使用vbs修改AD用户属性

最新推荐文章于 2021-08-04 21:16:45 发布

chenbin520

最新推荐文章于 2021-08-04 21:16:45 发布

阅读量4.6k

点赞数

分类专栏： VBS 文章标签： vbscript user search filter domain cache

本文链接：https://blog.csdn.net/chenbin520/article/details/7075784

版权

VBS 专栏收录该内容

2 篇文章 0 订阅

订阅专栏

以下代码给AD中OU为总部的用户设置密码、显示名称等。

' VBScript source code
' Determine DNS domain name (this could be hard coded).
Option Explicit
Dim objUser, objRootDSE,objCommand,objConnection,objRecordSet
Dim strContainer,strDNSDomain, intCounter, intAccValue,strBase,strFilter,strAttributes,strQuery,strDN

Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")

strContainer = "OU=总部,"
'intAccValue = 544
intAccValue = 512
strContainer = strContainer & strDNSDomain


' Use ADO to search Active Directory.
Set objCommand = CreateObject("ADODB.Command")
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
objCommand.ActiveConnection = objConnection

' Search the entire domain.
strBase = "<LDAP://" & strContainer & ">"
wscript.echo strBase
' Filter to retrieve only user objects.
'strFilter = "(& (objectCategory=peron)(objectClass=user))"
strFilter = "(objectClass=user)"
' Retrieve the distinguishedName and physicalDeliveryOfficeName attributes.
strAttributes = "distinguishedName"
' Construct the LDAP query.
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"

objCommand.CommandText = strQuery
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Timeout") = 30
objCommand.Properties("Cache Results") = False
Set objRecordSet = objCommand.Execute

' Enumerate the recordset.
intCounter = 0
Do Until objRecordSet.EOF
' For each user, retrieve DN and office.
strDN = objRecordSet.Fields("distinguishedName").Value
Set objUser = GetObject("LDAP://" & strDN)
    objUser.SetPassword "pass@word1"
    objUser.SetInfo
    objUser.Put "userAccountControl", intAccValue
    objuser.Put "userPrincipalName",objUser.get("sAMAccountName") & "@yudeandemo.com" 

	objuser.Put "givenName", left(objuser.get("displayName"), 1)
   objuser.Put "sn", right(objuser.get("displayName"), len(objuser.get("displayName")) -1) '名
    objUser.SetInfo
    intCounter = intCounter +1
' Go to the next record in the recordset.
objRecordSet.MoveNext
If intAccValue=514 Then
	'WScript.Echo " 用户 " &objUser.get("name") & " 已经被禁用.当前状态码为：" _
	'& intAccValue
         'WScript.Echo " 用户 " &objUser.get("userPrincipalName") &objUser.get("sAMAccountName")
Else 
	'WScript.Echo " 用户 " &objUser.get("name") & " 下次登陆必须修改密码.当前状态码为：" _
	'& intAccValue
End If
Loop
WScript.Echo "总共修改 "& intCounter & " 个用户"
WScript.Quit