Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Disable User Account and more ...

Status
Not open for further replies.
MojoZig

MojoZig

Technical User
Sep 27, 2005
61
US
Does anybody have good information on a script that will execute the following once the user name is inputted once:

1. Disable the User's account
2. Marks the "Hide from Exchange address lists" on the Exchange Advanced tab or just deletes the exchange mailbox.
3. Moves the User's home directory from \\homeserver\drive\%UserName% & to \\homeserver\disabled\%UserName%
4. Moves the user to the Disabled Users OU
5. Removes all group membership except domain user memebership.

Something like:
Code: 
Dim strUserName
UserName = strUserName

Disable strUserName
Delete strUserName mailbox
Move \\homeserver\drive\ & strUserName to \\homeserver\disabled\ & strUserName
Move strUserName to disabled OU
Remove all membership for strUserName

I don't think my code will work! My example above should get the most shoddy written code award! :eek:)
Anybody have anything like that? (that's not shoddy!)

Thanks,
TT


 
Sort by date Sort by votes
OK, well you will need to brea this into sections.

Here is sample code to disable a user account.
Code: 
Const ADS_UF_ACCOUNTDISABLE = 2

Set objUser = GetObject _
("LDAP://cn=myerken,ou=management,dc=fabrikam,dc=com")
intUAC = objUser.Get("userAccountControl")

objUser.Put "userAccountControl", intUAC OR ADS_UF_ACCOUNTDISABLE
objUser.SetInfo

I would use the function Kob3 posted in his FAQ to take the username and return the LDAP path to be used in this example.


So, if you have bound to the user object using the above variable objUser, you would hide them from the address book like this:
Code: 
objUser.HideFromAddressBook = True
objUser.SetInfo

Moving the folders is easy enough as long as you have sufficient rights to the files.

Use the FileSystemObject with the Move command.

Removing a user from a group is done like this
Code: 
Set objGroup = GetObject _
 ("LDAP://CN=atl-users,ou=hr,dc=fabrikam,dc=com")
objGroup.Remove _
 "LDAP://cn=MyerKen,OU=management,dc=fabrikam,dc=com"

To enumerate all of their existing group memberships, take a look at my login script FAQ which has sample code for that. faq329-5798

Of course if you actually delete a mailbox then there is no reason to hide it from the GAL since it won't exist to begin with.
I would advise that you make that a manual process and first use ExMerge to export and archive the mail, contacts, calendar etc. to a PST file for later reference. Then manually remove the mailbox. Note that you will want to do this BEFORE you disable the accound since ExMerge will not run against a disabled account.


I hope you find this post helpful.

Regards,

Mark
 
Upvote 0 Downvote
Thanks Mark, I really appreciate your time ... I think that given my skill set, it all may be easier using my Javelina ADToolkit software to go through the Disabled users OU every once in awhile and make sure they are all hidden from exchange and remove them from groups before deleting them ... I do like the folder move script though ... that will come in handy.

I couldn't find Kob's FAQ by the way ...

You have a happy new year!

TT
 
Upvote 0 Downvote
That would be it I believe. Good information! I'll just snag those snippets! This site has the most helpful members than any other forum I've ever used! Thanks PHV and again, Mark for your time.
Peace to all!

MojoZig
 
Upvote 0 Downvote
Yup, thanks PHV, that was the FAQ I was referring to.

MojoZig, If putting this all together seems overwhelming don't panic. It is all rather simple. Just take it one step at a time.

I think you will find this FAQ helpful in understanding how to incorporate the kind of changes needed. faq329-4871

I hope you find this post helpful.

Regards,

Mark
 
Upvote 0 Downvote
Thanks again Mark! That's great stuff. I'm on the brink of understanding the basics, and know enough to piece things together. This will definately help out and will come in handy! Your login script I got last week worked flawlessly by the way and was very easy to implement and tweak. It's nice to see someone that pays attention to detail which makes everything much nicer in the end!

Peace...
MojoZig
 
Upvote 0 Downvote
Glad to help. Don't forget to vote on the FAQs.

I hope you find this post helpful.

Regards,

Mark
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Palito1916
  • Locked
  • Question
Disable multiple computer accounts using TXT file with computer names
Replies
2
Views
527
Palito1916
Palito1916
PiotrMP006
  • Locked
  • Question
How to quickly check if a file has 1 or more lines of text?
Replies
1
Views
479
combo
combo
asel
  • Locked
  • Question
Copy cell data from excel and paste into portable software application
Replies
0
Views
301
asel
asel
queen_mszdia
  • Locked
  • Question
invoke runas different user from inside VbScript
Replies
0
Views
353
queen_mszdia
queen_mszdia
Don Child
  • Locked
  • Question
JScript to search for specific outlook emails, and download attachments 2
Replies
8
Views
876
Eric J
Eric J

Part and Inventory Search

Sponsor

Back
Top