RE: find locked accounts

Joe Pochedley Fri, 07 Mar 2003 08:45:12 -0800

Bob,

I'm going to guess that the word wrapping from the list is going to hack
this up pretty bad.  Let me know if you want me to send you a copy off
list...  It's a quick cut up of a bigger script I used to clean up our
domain by finding passwords for accounts that aren't disabled, but maybe
should be (accounts past our password age limit)...  It outputs a .CSV file
with Disabled accounts listed into the same directory the script is run
from.


----- Begin VBS Script - Cut here -----

Dim objAcctDisabled, objPwdExpires, objPwdExpiresTrue, objUser

Set WshFso = CreateObject("Scripting.FileSystemObject")
Set ScriptNet = CreateObject("SScripting.IPNetwork")
PathToScript = Left(WScript.ScriptFullName,(Len(WScript.ScriptFullName) -
(Len(WScript.ScriptName) + 1)))

Title = "Disabled Accounts Cleaner"
DomainString = InputBox("Enter the domain name that contains the
accounts",Title,"DOMAIN")
OutputFile = PathToScript & "\" &  DomainString & "_Acct_disabled.csv"
Set LogFile = WshFso.OpenTextFile(OutputFile, 2, True)
Wscript.echo "Output file is " & OutputFile

Set DomainObj = GetObject("WinNT://" & DomainString)

If err.number <> 0 Then
 Wscript.echo "Error connecting to " & DomainString
 Wscript.quit
End If

DomainObj.Filter = Array("User")

LogFile.WriteLine chr(34) & "UserName" & chr(34) & "," & chr(34) &
"Disabled" & chr(34)

For each User in DomainObj
 Set Account = GetObject("WinNT://" & DomainString & "/" & User.Name)

If User.AccountDisabled = True Then
                objAccountDisabled = "Yes"
                LogFile.WriteLine chr(34) & User.Name & chr(34) & "," &
chr(34) & objAccountDisabled & chr(34)
         Else objAccountDisabled = "No"
   End If
Next

LogFile.Close
MsgBox "Operation Complete" & vbcrlf & "The log file is located here" &
vbcrlf & OutputFile,0,Title

Set DomainObj = Nothing
Set WshFso = Nothing
Set DomObj = Nothing
Set Account = Nothing
Set LogFile = Nothing
DomainString = Null
RefreshTime = Null
User = Null
numDays = Null

err.Clear
Wscript.quit()

-----  End Script - Cut here -----

Joe Pochedley
If you have time to do it twice, 
you had time to do it right in
the first place.


-----Original Message-----
From: Weatherly, Rob [mailto:[EMAIL PROTECTED] 
Sent: Friday, March 07, 2003 10:44 AM
To: NT 2000 Discussions
Subject: find locked accounts


Does anyone have a script or know how to write a custom Active Directory
query that will show all accounts that have been disabled

--------------------------------
Rob Weatherly
--------------------------------


------
You are subscribed as [EMAIL PROTECTED]
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe send a blank email to %%email.unsub%%

------
You are subscribed as [EMAIL PROTECTED]
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe send a blank email to [EMAIL PROTECTED]

RE: find locked accounts

Reply via email to