Improve company productivity with a Business Account.Sign Up

x
?
Solved

VBScript Active Directory Bulk Delete Issue

Posted on 2014-04-23
15
Medium Priority
?
489 Views
Last Modified: 2014-04-24
Morning,

I have this script I will enter below that is set to read from a .CSV file and delete all users within it.  This was done because I am in an environment where the previous admin did not clean up AD.

When I move to delete them via the script a significant amount of users are kicking out an error referencing a leaf object as will be attached below.

Upon further research, it appears that there are "ExchangeActiveSyncDevices" child objects attached to them and further complicating things, it would appear that some or most of these users were protected from accidental deletion! We have exchange 2010 in the environment with server 2008 R2 DC's.

The script below works very well but I am looking for a tweak that will delete the user and its objects regardless of being protected from accidental deletion or not.  I have vetted the list of users in the CSV file carefully so I am aware of the issues surrounding this and also do know that the objects are merely the Exchange objects above and should cause no impact to exchange.


Thanks!
userdel.png
userdel.vbs
0
Comment
Question by:smyers051972
  • 11
  • 4
15 Comments
 
LVL 45

Expert Comment

by:Amit
ID: 40018182
0
 
LVL 1

Author Comment

by:smyers051972
ID: 40018206
Im reviewing it and looks nice except I am trying to delete users in the spreadsheet, not move to disabled OU.
0
 
LVL 45

Expert Comment

by:Amit
ID: 40018218
It removes the user as well. Try GUI one.
http://gallery.technet.microsoft.com/Z-Term-Active-Directory-2dcb5756

Test in a test lab first. As far as i know from my 14 years for exp, first you disable the user move to some other OU, keep it for some time, if no one reports issue, then delete it.

Also i suggest you to enable 2008 recycle bin option, it will give you easy option to restore, in case you delete wrong user.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
LVL 1

Author Comment

by:smyers051972
ID: 40018260
The GUI version only seems to allow 1 user at a time, I have a list of like 100+ users to delete, I dumped them all into a CSV file.
0
 
LVL 1

Author Comment

by:smyers051972
ID: 40018312
I just think before a tangent is explored its probably going to be easier for me at least to stick to the original plan :)

Script mod!
0
 
LVL 45

Accepted Solution

by:
Amit earned 2000 total points
ID: 40018318
Ok try this

http://www.techforcast.com/2012/04/delete-ad-multiple-user-accounts-using.html

Import-Csv .\Remove.txt | foreach-object {
remove-aduser -identity $_.SamAccountName -confirm:$false }
0
 
LVL 1

Author Comment

by:smyers051972
ID: 40018324
ok one sec ill try it now!
0
 
LVL 1

Author Comment

by:smyers051972
ID: 40018330
Had to add the AD module into it but here is the output I got:


Remove-ADUser : Cannot validate argument on parameter 'Identity'. The argument is null. Supply a non-null argument and
try the command again.
At C:\userdel\userdel.ps1:3 char:24
+ remove-aduser -identity <<<<  $_.SamAccountName -confirm:$false }
    + CategoryInfo          : InvalidData: (:) [Remove-ADUser], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.RemoveADU
   ser
0
 
LVL 1

Author Comment

by:smyers051972
ID: 40018332
Ran the script like this:

.\userdel.ps1

Script:
Import-Module ActiveDirectory
Import-Csv .\delete.txt | foreach-object {
remove-aduser -identity $_.SamAccountName -confirm:$false }
0
 
LVL 1

Author Comment

by:smyers051972
ID: 40018358
What I am wondering is...  The .TXT file I am using the following format:

user1
user2
user3
user4
user5

Each line has a CRLF, should this be read differently? Or is this the correct format for the text file?
0
 
LVL 45

Expert Comment

by:Amit
ID: 40018359
what does you input file contains? use only samname
0
 
LVL 1

Author Comment

by:smyers051972
ID: 40018366
those are the id's you would type into windows logon as a user so this should be the same as the samname field?
0
 
LVL 1

Author Comment

by:smyers051972
ID: 40018378
the script i wrote to pull the users pulled the SAM field. Just checked.
0
 
LVL 1

Author Comment

by:smyers051972
ID: 40020389
any updates?
0
 
LVL 1

Author Closing Comment

by:smyers051972
ID: 40020621
This was the correct answer but found out my text file didnt have a header which was why it failed, the revised code looked like this:

gc .\delete.txt | foreach-object {
remove-aduser -identity $_ -confirm:$false}

The answer given above was right though PS was the best option.
0

Featured Post

Easily Design & Build Your Next Website

Squarespace’s all-in-one platform gives you everything you need to express yourself creatively online, whether it is with a domain, website, or online store. Get started with your free trial today, and when ready, take 10% off your first purchase with offer code 'EXPERTS'.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

This article involves a discussion about issues people have when it comes to Client Access in relating to Load Balancing in an Exchange environment which we had ourselves, along with a solution I found to the problem.
The article is for all the Exchange users seeking smooth and effective EDB to PST conversion. Exchange Server is the most widely used platform for messaging with collaborative sharing, Exchange online, secure working environment, etc.
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

595 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question