VB Scripts to remove the user from the specific group from Active directory in windows 2003 & 2008 servers.

  • General discussion

  • Hi,

    I have the script below to remove users from a specific group in AD:

    Dim objGroup, objRootLDAP, objFSO, objInput, objConnection, objCommand
    Dim strUser
    On Error Resume Next
    Set objRootLDAP = GetObject("LDAP://rootDSE")
    Set objConnection = CreateObject("ADODB.Connection")
    objConnection.Open "Provider=ADsDSOObject;"
    Set objCommand = CreateObject("ADODB.Command")
    objCommand.ActiveConnection = objConnection
    Set objFSO = CreateObject("Scripting.FileSystemObject")
    ' I have entered the user ID (12345) and saved it on the desktop as a txt file (hardcoded).
    Set objInput = objFSO.OpenTextFile("users.txt")
    ' Group name as abcd test_group (hardcoded).
    Set objGroup = GetObject("LDAP://cn=groupname-SD-Animal,ou=OU,dc=DOMAIN,dc=COM")
    Do Until objInput.AtEndOfStream
        strUser = objInput.ReadLine
        objCommand.CommandText = "<LDAP://dc=DOMAIN,dc=COM>;(&(objectCategory=person)(sAMAccountName=" & strUser & "));distinguishedName,userAccountControl;subtree"
        Set objRecordSet = objCommand.Execute
        If objRecordSet.RecordCount = 0 Then
            MsgBox strUser & " was not found!" & VbCrLf & "Skipping", VbOkOnly, "User Not Found"
        Else
            strDN = objRecordSet.Fields("distinguishedName")
            Set objUser = GetObject("LDAP://" & strDN)
            objGroup.Remove(objUser.AdsPath)
        End If
    Loop
    WScript.Echo "Complete"

    When I tried to run the script, it shows the user as not found. Actually, the user was found in AD, even though it is displayed as user not found. Kindly help me find what I have missed.

    Thanks

    Raj

    Tuesday, September 2, 2014 10:55 AM

All replies

  • Start by removing "On Error Resume Next" and fixing the errors.


    ¯\_(ツ)_/¯

    Tuesday, September 2, 2014 12:45 PM
  • Here is a better example of how to get a user:

    ' get user ADSPath from samaccountname (logon id) and domain
    MsgBox GetUser( "joeuser","joesdomin" )

    Function GetUser( samAccountName, NBDomain )

        ' Open an ADO connection through the ADSI OLE DB provider
        Set adoCommand = CreateObject("ADODB.Command")
        Set adoConnection = CreateObject("ADODB.Connection")
        adoConnection.Provider = "ADsDSOObject"
        adoConnection.Open "Active Directory Provider"
        Set adoCommand.ActiveConnection = adoConnection

        ' Query format: <search base>;(filter);attributes;scope
        strQueryDL = "<LDAP://" & NBDomain & ">;(samaccountname=" & samAccountName & ");aDSPath;subtree"
        adoCommand.CommandText = strQueryDL

        Set rs = adoCommand.Execute

        ' Return an empty string when no account matches, instead of failing on an empty recordset
        GetUser = ""
        If Not rs.EOF Then GetUser = rs.Fields("aDSPath").Value

    End Function



    ¯\_(ツ)_/¯


    • Edited by jrv Tuesday, September 2, 2014 1:15 PM
    Tuesday, September 2, 2014 1:14 PM
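
Added example, not part of the thread and not any poster's code: one way to combine the two replies above into the removal script, with no On Error Resume Next, the lookup in a function that checks for an empty result, and the logon ID escaped before it goes into the LDAP filter. It assumes users.txt sits beside the script; the group DN is the placeholder from the question, and FindUserPath and EscapeFilter are hypothetical helper names.

```vbscript
' Added example, not code from the thread. Run with cscript.exe.
' Assumptions: users.txt (one logon ID per line) sits beside this script; GROUP_DN is a placeholder.
Option Explicit
Const GROUP_DN = "cn=groupname-SD-Animal,ou=OU,dc=DOMAIN,dc=COM"
Dim fso, usersFile, group, baseDN, samName, userPath

' No On Error Resume Next: a missing file or a wrong group DN stops the script right here.
Set fso = CreateObject("Scripting.FileSystemObject")
Set usersFile = fso.OpenTextFile(fso.BuildPath(fso.GetParentFolderName(WScript.ScriptFullName), "users.txt"), 1)
Set group = GetObject("LDAP://" & GROUP_DN)
baseDN = GetObject("LDAP://rootDSE").Get("defaultNamingContext")

Do Until usersFile.AtEndOfStream
    samName = Trim(usersFile.ReadLine)
    If samName <> "" Then
        userPath = FindUserPath(samName, baseDN)
        If userPath = "" Then
            WScript.Echo "NOT FOUND: " & samName
        ElseIf Not group.IsMember(userPath) Then
            WScript.Echo "NOT A MEMBER: " & samName
        Else
            group.Remove userPath
            WScript.Echo "REMOVED: " & samName
        End If
    End If
Loop
usersFile.Close

' Return the ADsPath for a logon ID, or "" when nothing matches.
Function FindUserPath(ByVal samAccountName, ByVal searchBase)
    Dim conn, cmd, rs
    Set conn = CreateObject("ADODB.Connection")
    conn.Provider = "ADsDSOObject"
    conn.Open "Active Directory Provider"
    Set cmd = CreateObject("ADODB.Command")
    Set cmd.ActiveConnection = conn
    cmd.CommandText = "<LDAP://" & searchBase & ">;(&(objectCategory=person)(sAMAccountName=" & _
        EscapeFilter(samAccountName) & "));aDSPath;subtree"
    Set rs = cmd.Execute
    FindUserPath = ""
    If Not rs.EOF Then FindUserPath = rs.Fields("aDSPath").Value
    conn.Close
End Function

' Hex-escape LDAP filter metacharacters (RFC 4515) so file content is matched literally.
Function EscapeFilter(ByVal s)
    s = Replace(s, "\", "\5c")   ' backslash first, so later escapes are not doubled
    s = Replace(s, "*", "\2a") : s = Replace(s, "(", "\28") : s = Replace(s, ")", "\29")
    EscapeFilter = Replace(s, ";", "\3b")   ' ";" also separates the parts of the ADO query
End Function
```

With the escaping in place, a line such as `*` in users.txt is looked up as a literal name instead of matching every account, so a stray wildcard cannot remove the wrong user from the group.
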
  • Hi,

    Where do I need to apply this script in the above script that I provided?

    Thanks

    Raj

    Thursday, September 4, 2014 7:48 AM
  • Start by learning how the script works.  You cannot easily debug or fix scripts without understanding how to script.  Start here:

    http://technet.microsoft.com/en-us/scriptcenter/dd772284


    ¯\_(ツ)_/¯

    Thursday, September 4, 2014 8:17 AM