I'm looking for a bit of help here... I'm trying to create a vb script that looks for all user accounts that has expired before today and disables them. After aLOT of scrounging the interwebs I've been able to scraped together the bellow VB script that lists all the expired user accounts that are still active, so now i'm trying to have it take the found accounts and disable them
Option Explicit
Dim dtmAdjusted, lngSeconds, str64Bit
Dim objShell, lngBiasKey, lngBias, k
Dim objRootDSE, strDNSDomain, objConnection, objRecordset, objUser
Dim strBase, strFilter, strAttributes, strQuery, strDN, strAttributes1, strAttributes2, strAttributes3
' Obtain local Time Zone bias from machine registry.
Set objShell = CreateObject("Wscript.Shell")
lngBiasKey = objShell.RegRead("HKLM\System\CurrentControlSet\Control\" _& "TimeZoneInformation\ActiveTimeBias")
If UCase(TypeName(lngBiasKey)) = "LONG" Then
lngBias = lngBiasKey
ElseIf UCase(TypeName(lngBiasKey)) = "VARIANT()" Then
lngBias = 0
For k = 0 To UBound(lngBiasKey)
lngBias = lngBias + (lngBiasKey(k) * 256^k)
Next
End If
' Convert current date/time value to UTC.
dtmAdjusted = DateAdd("n", lngBias, Now)
' Find number of seconds since 1/1/1601.
lngSeconds = DateDiff("s", #1/1/1601#, dtmAdjusted)
' Convert the number of seconds to a string
' and convert to 100-nanosecond intervals.
str64Bit = CStr(lngSeconds) & "0000000"
' Determine DNS domain name.
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")
' Use ADO to search Active Directory.
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objRecordset = CreateObject("ADODB.Recordset")
objRecordset.ActiveConnection = objConnection
' Search entire domain.
strBase = "<LDAP://dc=globalgiving,dc=local>"
' Filter on expired user accounts.
strFilter = "(&(objectCategory=person)(objectClass=user)" _& "(accountExpires<=" & str64Bit & ")(!accountExpires=0)(!userAccountControl:1.2.840.113556.1.4.803:=2))"
' Retrieve Distinguished Names.
strAttributes = "sAMAccountName"
' Use ADO to query AD.
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
objRecordset.Source = strQuery
objRecordset.Open
' Enumerate expired user accounts.
Do Until objRecordSet.EOF
strDN = objRecordSet.Fields("sAMAccountName")
Wscript.Echo strDN
objRecordSet.MoveNext
Loop
' Clean up.
objRecordset.Close
objConnection.Close
Set objRootDSE = Nothing
Set objConnection = Nothing
Set objRecordSet = NothingI tried adding:
strDN.AccountDisabled = True strDN.SetInfo
but I get :
(66, 1) Microsoft VBScript runtime error: Object required: 'jtest'
jtest is one of the test accounts I have on my AD.
Any suggestions or pointers anyone can give me? I found a 4 line power script that dose exactly what i want, but power script isn't an option for me :(