I have a vbsript that runs every night. I will share it next week (not at
work site). it does the following
gets the all computernames from the AD
one at a time
before loading it in the dictionary it ck to see if it is
already in the dictionary.
if it is it get the AD path and the when
created date
compares the dates and keeps the latest one.
ck the ad path if the one being delete is in
the default container it just delest the account
if the one being keep is in the default
conatiner the otherone is deleted and the default container one is moved to
it's old location.
end if
else
load computername and created dated in
dictionary
end if
next
it then sends and email describing what it did
STARTING RUN ON 3/9/2005 AT 2:43:00
WC9MBN01 Windows 2000 Professional LDAP://CN=WC9MBN,CN=Computers,DC=MINE
2/9/2005 5:56:29 PM
WC9MBN01 Windows 2000 Professional LDAP://CN=WC9MBN,OU=LS AITF
Workstations,OU=LS AITF Computers,OU= LS AITF,OU=Worker Protection LS,OU=Worker
Protection,OU=All Users and Computers,DC=MINE <ldap://CN=WC9MBN,OU=LS AITF
Workstations,OU=LS AITF Computers,OU= LS AITF,OU=Worker Protection LS,OU=Worker
Protection,OU=All Users and Computers,DC=MINE> 2/24/2005 6:12:05 PM
1296936<==== secdif difference
WC9MBN01 <======account was deleted at path ===>
LDAP://CN=WC9MBN,CN=Computers,DC=MINE
Examined 32103 computer accounts on this run
FINISHED RUN ON 3/9/2005 AT 2:46:15
________________________________
From: [EMAIL PROTECTED] on behalf of joe
Sent: Fri 3/11/2005 10:14 AM
To: [email protected]
Subject: RE: [ActiveDir] Locate and/or Remove Duplicate Computer Accounts in a
W2K AD Ente rprise.
Do you mean you are getting the duplicate SPN errors in the event log or ???
joe
________________________________
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Miller Carol L
Contr DYN/ITS
Sent: Friday, March 11, 2005 9:03 AM
To: '[email protected]'
Subject: [ActiveDir] Locate and/or Remove Duplicate Computer Accounts in a W2K
AD Ente rprise.
Has anyone found a good method of identifying Duplicate "Computer Account"
objects in a Windows 2000 Active Directory Enterprise. I have attempted to use
the "DSQUERY" command from the "Windows 2003 Admin Pak" but I receive error
messages indicating that the program is not compatible with the specified
domain.
I would greatly appreciate any ideas that you may have regarding this topic. I
also, have confirmed that the duplicate "Computer Account" objects all appear
to have unique SIDs. I am still unclear how they are getting created, but I
need to identify them, and remove the ones that are not in use..
Again, Thanks for any insight you may be able to share regarding this issue.
Thanks!!!
Carol....
::::::::::::::::::::::::::::::::::::::::::
//SIGNED//
Mr. Carol L. Miller, MCP, Contractor
Vance Network Administrator
Analyst, System Administrator
DYN/ITS
Vance Support Division
DynCorp - A CSC Company
Vance AFB, OK
DSN: 448-7143, Com: (580) 213-7143
E-Mail: [EMAIL PROTECTED]
https://www.vance.af.mil/
********************************************************************************
Official Disclaimer Notice
********************************************************************************
This is a PRIVATE message. If you are not the intended recipient,
please delete without copying and kindly advise us by e-mail of
the mistake in delivery. NOTE: Regardless of content, this e-mail
shall not operate to bind CSC to any order or other contract
unless pursuant to explicit written agreement or government
initiative expressly permitting the use of e-mail for such purpose.
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
