1

我想使用 VB 在 AD 中搜索禁用帐户(超过 90 天并删除他们的主目录。以下脚本可以正常工作但不能递归:(

任何人都可以帮助使其工作吗?他将高度赞赏任何帮助:)

Option Explicit

Dim objOU, objUser, objFSO, strHomeDirectory, objTextFile

Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objOU = GetObject("LDAP://OU=users,DC=corp,DC=contoso,DC=com")

objOU.Filter = Array("user")

For Each objUser In objOU
if ( objuser.useraccountcontrol = 514 Or objuser.useraccountcontrol = 66050 ) And DateDiff("d", objUser.WhenChanged, Now) > 90 Then 
    ' Retrieve home directory.
    strHomeDirectory = objUser.homeDirectory
    ' Replace %username% with value of sAMAccountName attribute.
     strHomeDirectory = Replace(strHomeDirectory, "%username%", objUser.sAMAccountName)
    ' Delete the folder.
     objFSO.DeleteFolder strHomeDirectory
else
wscript.sleep 100
End If
Next
4

1 回答 1

1

您通常会使用LDAP 查询来执行此操作。如果你能原谅这个无耻的插件,我前段时间写了一个AD 查询类来简化这种任务。您可以将代码复制/粘贴到您的脚本中并像这样使用它:

Set fso = CreateObject("Scripting.FileSystemObject")

Set qry = New ADQuery
qry.Filter = "(&(objectClass=User)(objectCategory=Person)" & _
             "(userAccountControl:1.2.840.113556.1.4.803:=2))"
qry.Attributes = Array("sAMAccountName", "homeDirectory", "whenChanged")

Set rs = qry.Execute

If Not rs Is Nothing Then
  Do Until rs.EOF
    If DateDiff("d", rs.Fields("whenChanged").Value, Now) > 90 Then
      homedir = rs.Fields("homeDirectory").Value
      homedir = Replace(homedir, "%username%", rs.Fields("sAMAccountName").Value)
      If fso.FolderExists(homedir) Then fso.DeleteFolder homedir
    End If
    rs.MoveNext
  Loop
  rs.Close
End If
于 2013-02-25T17:44:13.247 回答