TheBigEye Posted December 27, 2007 Share Posted December 27, 2007 I originally put this in the wrong forum.... my apologies.I have a script that I put together from resources on the net and it works.... well partially works. I need to reset the password for about 230 user accounts. If I put all of the accounts in the same OU, then the script I have will work... the problem is that all of the users are not in the same OU. They are all in a child OU of the root OU. IE: domain.local and then I have OU1, ou2, ou3, ou4 (ou2, 3 and 4 are child OU's of OU1). I tried to modify the script to drill down, but run into errors each time.... anyway... here's the script... anybody see any problems??? As is pasted below works, but only on the main OU.... I can't seem to figure out how to get it to drill down to the child OU's. ' --------------------------------------------------------------' Option ExplicitDim objOU, objUser, objRootDSE, objShellDim strContainer, strLastUser, strDNSDomain, strPassword Dim intPwdValue, intCounter, intAccValue' Bind to Active Directory DomainSet objRootDSE = GetObject("LDAP://RootDSE") strDNSDomain = objRootDSE.Get("DefaultNamingContext") strContainer = "OU=Students, "strPassword = "TRq@d2008"intAccValue = 512strContainer = strContainer & strDNSDomainset objOU =GetObject("LDAP://" & strContainer )intCounter = 0 For each objUser in objOU If objUser.class="user" then objUser.Put "userAccountControl", intAccValue objUser.SetInfo intCounter = intCounter +1 strLastUser = objUser.Get ("name") End if nextintPwdValue = 0 set objOU =GetObject("LDAP://" & strContainer )For each objUser in objOUIf objUser.class="user" thenobjUser.SetPassword strPasswordobjUser.Put "PwdLastSet", intPwdValueobjUser.SetInfoEnd IfNext 'Set objShell=CreateObject("WScript.Shell")'objShell.Run "%systemroot%\system32\dsa.msc"WScript.Echo intCounter & " Accounts Enabled. Value " _& intAccValueWScript.Quit Link to comment Share on other sites More sharing options...
IcemanND Posted December 27, 2007 Share Posted December 27, 2007 this will list all the users in an OU and it's sub OU's. A little modification of it or yours and you should be set.On Error Resume Next Const ADS_SCOPE_SUBTREE = 2 Set objConnection = CreateObject("ADODB.Connection") Set objCommand = CreateObject("ADODB.Command") objConnection.Provider = "ADsDSOObject" objConnection.Open "Active Directory Provider" Set objCommand.ActiveConnection = objConnection objCommand.Properties("Page Size") = 1000 objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE objCommand.CommandText = _ "SELECT Name FROM 'LDAP://ou=finance,dc=fabrikam,dc=com' WHERE objectCategory='user'" Set objRecordSet = objCommand.Execute objRecordSet.MoveFirst Do Until objRecordSet.EOF Wscript.Echo objRecordSet.Fields("Name").Value objRecordSet.MoveNext LoopAlso you seem to have some duplicated work going on in your script. This could be simplifiedset objOU =GetObject("LDAP://" & strContainer ) intCounter = 0 For each objUser in objOU If objUser.class="user" then objUser.Put "userAccountControl", intAccValue objUser.SetInfo intCounter = intCounter +1 strLastUser = objUser.Get ("name") End if next intPwdValue = 0 set objOU =GetObject("LDAP://" & strContainer ) For each objUser in objOU If objUser.class="user" then objUser.SetPassword strPassword objUser.Put "PwdLastSet", intPwdValue objUser.SetInfo End If Nextto this:set objOU =GetObject("LDAP://" & strContainer ) intCounter = 0 For each objUser in objOU If objUser.class="user" then objUser.Put "userAccountControl", intAccValue objUser.SetPassword strPassword objUser.Put "PwdLastSet", intPwdValue objUser.SetInfo intCounter = intCounter +1 strLastUser = objUser.Get ("name") ' not sure what this is doing here. seems to not be use anywhere else End if next intPwdValue = 0 Link to comment Share on other sites More sharing options...
TheBigEye Posted December 28, 2007 Author Share Posted December 28, 2007 Where does your script set a password and then force the user to change the password as well as enable the account? Link to comment Share on other sites More sharing options...
IcemanND Posted December 28, 2007 Share Posted December 28, 2007 My script at the top of my last post does not. It was just an example of a way to get all of the users in an OU and its sub OU's, pulled off of the Scripting Guys web site, from the questions they have answered in the past.http://www.microsoft.com/technet/scriptcen...05/hey1013.mspxSome incorporation and modification of scripts would still be required.Set password to expire:http://www.microsoft.com/technet/scriptcen...07/hey0516.mspxSet new password:http://www.microsoft.com/technet/scriptcen...06/hey1214.mspx Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now