Delete many users in Active Directory
How can I delete many users in Active Directory? I have a txt file with all
usernames that have to be deleted.

I read the script below but it is only for one user.

Set objOU = GetObject("LDAP://ou=hr,dc=fabrikam,dc=com")
objOU.Delete "user", "cn=MyerKen"

How can I modify this script so it reads all the users from an external file?

Leo wrote:
> How can I delete many users in Active Directory? I have a txt file with all
> usernames that have to be deleted.
>
> I read below script but it is only for one user.
>
> Set objOU = GetObject("LDAP://ou=hr,dc=fabrikam,dc=com")
> objOU.Delete "user", "cn=MyerKen"
>
> How can I modify this script so it read all the users from a external
> file?

This is straightforward, but we must be clear what is in your text file. Is it

1. The Common Names of the users, the value of the "cn" attribute?
2. The NT names of the user, also called the "pre-Windows 2000 logon name", the value of the "sAMAccountName" attribute?
3. The Distinguished Names of the users (DN)?

In your example, the Distinguished Name (DN) is "cn=MyerKen,ou=hr,dc=fabrikam,dc=com", the common name is "MyerKen", and we don't know what the sAMAccountName is (unless the policy in your domain is to make sAMAccountName the same as cn).

Best is to have the DNs. If you have the sAMAccountName we can use the NameTranslate object to convert to DN no problem. If the list has common names, that's a problem. We can use ADO to search AD for all users that have the given cn, and only delete if there is one. But there could be duplicates. Unless all of your users are in one OU, in which case cn would be unique.

If your text file has the NT names (sAMAccountName, also called
"pre-Windows 2000 logon name") of users, the example VBScript program below can be used. I use the DeleteObject method of the user object, instead of the Delete method of the parent container object. This way, I don't need to parse or figure out the DN of the parent OU/Container. This example also deletes the Home Directory, if it exists. That part of the code can be removed if it does not apply to you.
==============
Option Explicit

Dim strFileName, objFSO, objFile
Dim objRootDSE, strDNSDomain, objTrans
Dim strNetBIOSDomain, strLine, strUserDN
Dim objUser, strHome

Const ForReading = 1

' Specify file with NT names of users to delete.
strFileName = "c:\scripts\OldUsers.txt"

' Open the file for read access.
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile(strFileName, ForReading)

' Constants for the NameTranslate object.
Const ADS_NAME_INITTYPE_GC = 3
Const ADS_NAME_TYPE_NT4 = 3
Const ADS_NAME_TYPE_1779 = 1

' Determine DNS name of domain from RootDSE.
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")

' Use the NameTranslate object to find the NetBIOS
' domain name from the DNS domain name.
Set objTrans = CreateObject("NameTranslate")
objTrans.Init ADS_NAME_INITTYPE_GC, ""
objTrans.Set ADS_NAME_TYPE_1779, strDNSDomain
strNetBIOSDomain = objTrans.Get(ADS_NAME_TYPE_NT4)

' Remove trailing backslash.
strNetBIOSDomain = Left(strNetBIOSDomain, _
    Len(strNetBIOSDomain) - 1)

' Read each line of the file.
Do Until objFile.AtEndOfStream
    strLine = Trim(objFile.ReadLine)
    ' Skip blank lines.
    If (strLine <> "") Then
        ' Specify the NT format of the user name.
        objTrans.Set ADS_NAME_TYPE_NT4, strNetBIOSDomain _
            & "\" & strLine
        ' Retrieve the Distinguished Name.
        strUserDN = objTrans.Get(ADS_NAME_TYPE_1779)
        ' Bind to the user object.
        Set objUser = GetObject("LDAP://" & strUserDN)

        ' Retrieve homeDirectory.
        strHome = objUser.homeDirectory

        ' Delete home directory, but only if the folder actually exists
        ' (DeleteFolder raises an error on a missing path).
        If (strHome <> "") Then
            If objFSO.FolderExists(strHome) Then
                objFSO.DeleteFolder(strHome)
            End If
        End If

        ' Delete user object
        objUser.DeleteObject (0)
    End If
Loop
objFile.Close
==============
If the text file has user DNs, the code would be more straightforward. No need to use NameTranslate. If the file has Common Names it would be much more complex, but might still be possible.

I will be using the usernames "sAMAccountName". If this is the case How the
txt file should look like?

A username per line? Any character as separation?

example1:

JSmith
BScott
LLeon

example2:

JSmith;
BScott;
LLeon

"Richard Mueller [MVP]" wrote:
> If your text file has the NT name's (sAMAccountName, also called
> "pre-Windows 2000 logon name") of users, the example VBScript program below
> can be used.
> [...]
>
> --
> Richard Mueller
> Microsoft MVP Scripting and ADSI
> Hilltop Lab - http://www.rlmueller.net

One name per line, with no delimiters or other characters (example1). The
script I posted skips blank lines and trims any leading or trailing blanks,
but any other characters are considered part of the name.

"Leo" <L**@discussions.microsoft.com> wrote in message
news:27C70A44-B0FD-4C5C-8DDE-2A409CE1A67B@microsoft.com...
> I will be using the usernames "sAMAccountName". If this is the case How the
> txt file should look like?
>
> A username per line? Any character as separation?
>
> example1:
>
> JSmith
> BScott
> LLeon
>
> example2:
>
> JSmith;
> BScott;
> LLeon

It works!
Many Thanks!!!!

"Richard Mueller [MVP]" wrote:
> One name per line, with no delimiters or other characters (example1). The
> script I posted skips blank lines and trims any leading or trailing blanks,
> but any other characters are considered part of the name.
>
> --
> Richard Mueller
> Microsoft MVP Scripting and ADSI
> Hilltop Lab - http://www.rlmueller.net
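
Because the script in this thread treats every non-blank line as a name and deletes without a preview, a list-driven deletion benefits from validating the list and running dry first. The following is an added example, not code from the thread: it uses PowerShell with the ActiveDirectory module instead of the thread's VBScript/ADSI, and the log path, the deny list and the $Execute switch are assumptions made for illustration.

```powershell
# Added example, not from the thread. Needs the ActiveDirectory module (RSAT).
Import-Module ActiveDirectory

$ListPath  = 'C:\scripts\OldUsers.txt'            # one sAMAccountName per line
$LogPath   = 'C:\scripts\DeletedUsers.csv'        # assumed audit log location
$Protected = 'Administrator', 'Guest', 'krbtgt'   # sample deny list, extend as needed
$Execute   = $false                               # $true only after reviewing the dry run

# Characters Active Directory does not accept in a sAMAccountName. A line that
# contains one (such as a trailing ";") is a formatting error, not a user name.
$Illegal = '["/\\\[\]:;|=,+*?<>]'

# Trim, drop blank lines and remove duplicate entries before doing anything.
$names = Get-Content -Path $ListPath |
    ForEach-Object { $_.Trim() } |
    Where-Object { $_ -ne '' } |
    Sort-Object -Unique

foreach ($name in $names) {
    if ($name -match $Illegal -or $name.Length -gt 20) {
        Write-Warning "Skipped '$name': not a valid sAMAccountName"
        continue
    }
    if ($Protected -contains $name) {
        Write-Warning "Skipped '$name': protected account"
        continue
    }
    try {
        $user = Get-ADUser -Identity $name -Properties HomeDirectory -ErrorAction Stop
    } catch {
        Write-Warning "Skipped '$name': could not be resolved ($($_.Exception.Message))"
        continue
    }

    # Record the resolved account; in a dry run this file is the review list.
    $user | Select-Object SamAccountName, DistinguishedName, HomeDirectory |
        Export-Csv -Path $LogPath -Append -NoTypeInformation

    # With $Execute = $false both commands only report what they would do.
    if ($user.HomeDirectory -and (Test-Path -LiteralPath $user.HomeDirectory)) {
        Remove-Item -LiteralPath $user.HomeDirectory -Recurse -Force -WhatIf:(-not $Execute)
    }
    Remove-ADUser -Identity $user -Confirm:$false -WhatIf:(-not $Execute)
}
```

Run it once with $Execute left at $false, compare the warnings and the CSV against the intended list, and only then switch it to $true.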