Lets try it in txt format attachment it got really hosed via copy and
paste in email..
Read comment line before running
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Miller Carol L
Contr DYN/ITS
Sent: Friday, March 11, 2005 12:51 PM
To: '[email protected]'
Subject: RE: [ActiveDir] Locate and/or Remove Duplicate Computer
Accounts in a W2K AD Ente rprise.
Jonathan,
Sounds like a Great place for me to start with.
Thanks in advance for the assist!!!
Thanks!!!
Carol....
::::::::::::::::::::::::::::::::::::::::::
//SIGNED//
Mr. Carol L. Miller, MCP, Contractor
Vance Network Administrator
Analyst, System Administrator
DYN/ITS
Vance Support Division
DynCorp - A CSC Company
Vance AFB, OK
DSN: 448-7143, Com: (580) 213-7143
E-Mail: [EMAIL PROTECTED]
https://www.vance.af.mil/
************************************************************************
****
****
Official Disclaimer Notice
************************************************************************
****
****
This is a PRIVATE message. If you are not the intended recipient, please
delete without copying and kindly advise us by e-mail of the mistake in
delivery. NOTE: Regardless of content, this e-mail shall not operate to
bind CSC to any order or other contract unless pursuant to explicit
written agreement or government initiative expressly permitting the use
of e-mail for such purpose.
-----Original Message-----
From: Carr, Jonathan (OFT) [mailto:[EMAIL PROTECTED]
Sent: Friday, March 11, 2005 11:39 AM
To: [email protected]
Subject: RE: [ActiveDir] Locate and/or Remove Duplicate Computer
Accounts in a W2K AD Ente rprise.
I have a vbsript that runs every night. I will share it next week (not
at
work site). it does the following
gets the all computernames from the AD
one at a time
before loading it in the dictionary it ck to see if it
is already in the dictionary.
if it is it get the AD path and the when
created date
compares the dates and keeps the latest
one.
ck the ad path if the one being delete
is in the default container it just delest the account
if the one being keep is in the default
conatiner the otherone is deleted and the default container one is moved
to it's old location.
end if
else
load computername and created dated in
dictionary
end if
next
it then sends and email describing what it did
STARTING RUN ON 3/9/2005 AT 2:43:00
WC9MBN01 Windows 2000 Professional LDAP://CN=WC9MBN,CN=Computers,DC=MINE
2/9/2005 5:56:29 PM
WC9MBN01 Windows 2000 Professional LDAP://CN=WC9MBN,OU=LS AITF
Workstations,OU=LS AITF Computers,OU= LS AITF,OU=Worker Protection
LS,OU=Worker Protection,OU=All Users and Computers,DC=MINE
<ldap://CN=WC9MBN,OU=LS AITF Workstations,OU=LS AITF Computers,OU= LS
AITF,OU=Worker Protection LS,OU=Worker Protection,OU=All Users and
Computers,DC=MINE> 2/24/2005 6:12:05 PM 1296936<==== secdif difference
WC9MBN01 <======account was deleted at path ===>
LDAP://CN=WC9MBN,CN=Computers,DC=MINE
Examined 32103 computer accounts on this run FINISHED RUN ON 3/9/2005
AT 2:46:15
________________________________
From: [EMAIL PROTECTED] on behalf of joe
Sent: Fri 3/11/2005 10:14 AM
To: [email protected]
Subject: RE: [ActiveDir] Locate and/or Remove Duplicate Computer
Accounts in a W2K AD Ente rprise.
Do you mean you are getting the duplicate SPN errors in the event log or
???
joe
________________________________
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Miller Carol L
Contr DYN/ITS
Sent: Friday, March 11, 2005 9:03 AM
To: '[email protected]'
Subject: [ActiveDir] Locate and/or Remove Duplicate Computer Accounts in
a W2K AD Ente rprise.
Has anyone found a good method of identifying Duplicate "Computer
Account"
objects in a Windows 2000 Active Directory Enterprise. I have attempted
to use the "DSQUERY" command from the "Windows 2003 Admin Pak" but I
receive error messages indicating that the program is not compatible
with the specified domain.
I would greatly appreciate any ideas that you may have regarding this
topic.
I also, have confirmed that the duplicate "Computer Account" objects all
appear to have unique SIDs. I am still unclear how they are getting
created, but I need to identify them, and remove the ones that are not
in use..
Again, Thanks for any insight you may be able to share regarding this
issue.
Thanks!!!
Carol....
::::::::::::::::::::::::::::::::::::::::::
//SIGNED//
Mr. Carol L. Miller, MCP, Contractor
Vance Network Administrator
Analyst, System Administrator
DYN/ITS
Vance Support Division
DynCorp - A CSC Company
Vance AFB, OK
DSN: 448-7143, Com: (580) 213-7143
E-Mail: [EMAIL PROTECTED]
https://www.vance.af.mil/
************************************************************************
****
****
Official Disclaimer Notice
************************************************************************
****
****
This is a PRIVATE message. If you are not the intended recipient, please
delete without copying and kindly advise us by e-mail of the mistake in
delivery. NOTE: Regardless of content, this e-mail shall not operate to
bind CSC to any order or other contract unless pursuant to explicit
written agreement or government initiative expressly permitting the use
of e-mail for such purpose.
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
Set dname = CreateObject("Scripting.Dictionary")
'SET UP WHO GET MAIL FROM SERVER ABOUT BACKUPS. THERE CAN BE MORE THAN ONE BUT
THEY ARE COMMA SEPERATED
mailto = "put in email address for recipents for email full internet style"
'SET UP WHO TO REPLY TO ABOUT issues. THERE CAN BE MORE THAN ONE BUT THEY ARE
COMMA SEPERATED
MAILREPLY = "put in email address for recipents for email full internet style"
'SETUP IP ADDRESS OF SMTP GATEWAY This gateway must accept emails from the
host they are being sent from
SMTPIP = ""
'domain to be searched entry must be in full path style
jdomain = "MYDOMAIN"
'destination directory for logs for output must end with \
destdir = "destination directory for logs for output"
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCOmmand.ActiveConnection = objConnection
' Create/Open the log
Set objLog = CreateObject("Scripting.FileSystemObject")
now1= Split(now, " ", -1, 1)
logfile = destdir & "dup_" & jdomain & "_machines_" & Replace(NOW1(0), "/",
"_",1,-1,1) & "_" & Replace(NOW1(1), ":", "_",1,-1,1) & ".TXT"
Set objLogHandle = objLog.CreateTextFile(logfile)
objLogHandle.Writeline "STARTING RUN ON " & now1(0) & " AT " & now1(1)
objLogHandle.Writeline
objLogHandle.Writeline
objCommand.CommandText = "<LDAP://dc="; & jdomain &
">;(&(objectCategory=computer)(objectclass=user));name,operatingSystem,adspath,whenCreated;subtree"
objCommand.Properties("Page Size") = 2000
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
pccount = 0
Do Until objRecordSet.EOF
pccount = pccount +1
sData = objRecordset.Fields(0) & vbtab & objRecordset.Fields(1) & vbtab &
chr(34) & objRecordset.Fields(2) & chr(34) & vbtab & objRecordset.Fields(3)
jct = Instr(1, ucase(objRecordset.Fields(1)),"Server", 1)
If jct > 0 Then
Else
uname=ucase(objRecordset.Fields(0))
If dname.Exists(uname) Then
objLogHandle.Writeline sData
objLogHandle.Writeline dname.item(uname)
info1 = Split(sData,vbtab , -1, 1)
info2 = Split(dname.item(uname), vbtab, -1, 1)
datetime1 = DateValue(info1(3)) & " " &
TimeValue(info1(3))
datetime2 = DateValue(info2(3)) & " " &
TimeValue(info2(3))
secdif = DateDiff("s", datetime1,datetime2 , 0, 0)
objLogHandle.Writeline secdif & "<==== secdif
difference"
If secdif > 0 Then
objLogHandle.Writeline info1(0) & "
<======account was deleted at path ===> " & info1(2)
'uncomment out this line when you are ready to
start automatically delete computers
'Call delcomp (info1(2))
If InStr(1,info1(2),"CN=Computers,DC=" &
jdomain,1) >0 Then
Else
objLogHandle.Writeline info2(0) & "
<======account at path ===> " & info2(2) & " was moved to path ===> " &
info1(2)
'uncomment out this line when you are
ready to start automatically move computers
'Call movecomp
(info2(2),info1(2),info2(0))
End If
Else
objLogHandle.Writeline info2(0) & "
<======account was deleted at path ===> " & info2(2)
Call delcomp (info2(2))
If InStr(1,info2(2),"CN=Computers,DC=" &
jdomain",1) >0 Then
Else
objLogHandle.Writeline info1(0) & "
<======account at path ===> " & info1(2) & " was moved to path ===> " &
info2(2)
'uncomment out this line when you are
ready to start automatically move computers
'Call movecomp
(info1(2),info2(2),info1(0))
End If
End If
objLogHandle.Writeline
objLogHandle.Writeline
Else
dname.add uname,sdata
End If
End If
'objLogHandle.Writeline sData
objRecordset.movenext
Loop
now1= Split(now, " ", -1, 1)
objLogHandle.Writeline
objLogHandle.Writeline "Examined " & pccount & " computer accounts on this run"
objLogHandle.Writeline "FINISHED RUN ON " & now1(0) & " AT " & now1(1)
objLogHandle.close
Set dname = nothing
set objCommand = Nothing
Set objConnection = Nothing
set objRecordSet = Nothing
Set objLogHandle = Nothing
Set objLog = Nothing
Set dname = Nothing
'
'EMAIL LOG FILE WITH SUBJECT TO EMAIL GROUPS
Const cdoSendUsingPort = 2
set iMsg = CreateObject("CDO.Message")
set iConf = CreateObject("CDO.Configuration")
Set Flds = iConf.Fields
With Flds
.Item("http://schemas.microsoft.com/cdo/configuration/sendusing";) =
cdoSendUsingPort
.Item("http://schemas.microsoft.com/cdo/configuration/smtpserver";) =
SMTPIP
.Item("http://schemas.microsoft.com/cdo/configuration/smtpconnectiontimeout";) =
10
.Update
End With
With iMsg
Set .Configuration = iConf
.To = mailto
.From = MAILREPLY
.replyto = MAILREPLY
.Subject = " Duplicate Computer acct. report"
.KEYWORDS = " Duplicate Computer acct. report"
.TextBody = "See attached report"
.AddAttachment logfile
.Send
End With
Set iMsg = Nothing
Set iConf = Nothing
' CLEANUP
Sub delcomp (cpath)
cpath=Replace(cpath, chr(34), "")
wscript.echo "going to delete computer at path ====> " & cpath
Set OComputer = GetObject(cpath)
OComputer.DeleteObject (0)
Set OComputer = nothing
End Sub
Sub movecomp (cpath,npath,cname)
cpath=Replace(cpath, chr(34), "")
npath=Replace(npath, chr(34), "")
wscript.echo "going to move computer at path ====> " & cpath & " to
path ==> " & npath
nlen = Len(npath)
nstart= InStr(1,npath ,cname , 1)
wscript.echo "ans = " & nlen - nstart - Len(cname)
nrt = Right(npath,(nlen - nstart - Len(cname)))
npath = "LDAP://"; & nrt
Set NewOU = GetObject(npath)
Set Omovecomputer = NewOU.MoveHere(cpath,"CN=" & cname)
Set NewOU =nothing
Set Omovecomputer =nothing
End Sub
