Sunday, January 10, 2010

List disabled users in a domain

To list disabled users in a domain enter this script. Just modify the LDAP string,
.

Const ADS_UF_ACCOUNTDISABLE = 2
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Open "Provider=ADsDSOObject;"
Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection
objCommand.CommandText = _
";(objectCategory=User)" & _
";userAccountControl,distinguishedName;subtree"
Set objRecordSet = objCommand.Execute
intCounter = 0
Do Until objRecordset.EOF
intUAC=objRecordset.Fields("userAccountControl")
If intUAC AND ADS_UF_ACCOUNTDISABLE Then
'WScript.echo objRecordset.Fields("distinguishedName") & " is disabled"
intCounter = intCounter + 1
End If
objRecordset.MoveNext
Loop
WScript.Echo VbCrLf & "A total of " & intCounter & " accounts are disabled."
objConnection.Close
-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Generating "Always On Top" NSWindow in macOS across all detected displays

Also: Using UIKit & Cocoa Frameworks using Objective-C In m acOS or OS X , written in either Objective-C or Swift  Langues, you m...