Sign in
 
HomeLibraryLearnDownloadsRepositoryCommunityForumsBlog

List All the Disabled User Accounts in Active Directory

Returns a list of all disabled user accounts in the fabrikam.com domain.

 
 
 
 
 
4.2 Star
(9)
Add to favorites
Active Directory
8/10/2009
E-mail Twitter del.icio.us Digg Facebook
  • Hide
    All you need it dsquery user -disable....
    6 Posts | Last post March 23, 2012
    • Written March 23, 2010 
      and you can redirect output to file. As simple as that...
    • Written October 27, 2010 
      i m just change the domain name on the script and excute it and the follwoing error had shown
lin :10
char:1
error:table does not exist
code:80040e37
source: provider
    • Written February 01, 2011 
      If im using this exact script to find all disabled user accounts, how do I redirect it to a text file? Please kindly advice. Cheers! DB
    • Written February 02, 2011 
      REM call this script with 
REM cscript scriptname.vbs

Const ADS_UF_ACCOUNTDISABLE = 2 

Set objStdOut = WScript.StdOut
 
Set objConnection = CreateObject("ADODB.Connection") 
objConnection.Open "Provider=ADsDSOObject;" 
Set objCommand = CreateObject("ADODB.Command") 
objCommand.ActiveConnection = objConnection 
objCommand.CommandText = "<GC://dc=domainname,dc=country>;(objectCategory=UserTest)"
    • Written February 02, 2011 
      limit on number of lines ?! I give up
    • Written March 23, 2012 
      Hello Guys,

" ....how do I redirect it to a text file?" 

Voila ;-)

On Error Resume Next

Const ADS_SCOPE_SUBTREE = 2

Set objConnection = CreateObject("ADODB.Connection")
Set objCommand =   CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection

objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE 

objCommand.CommandText = _
    "<LDAP://dc=bre-ls,dc=de>;(&(objectCategory=User)" & _
        "(userAccountControl:1.2.840.113556.1.4.803:=2));Name;Subtree"  
Set objRecordSet = objCommand.Execute

FileName = "AD_Deaktivierte_Benutzer.txt"


Set FS = CreateObject("Scripting.FileSystemObject")
Set LogFile = FS.OpenTextFile(FileName , 2, True) 

objRecordSet.MoveFirst
Do Until objRecordSet.EOF
    LogFile.WriteLine objRecordSet.Fields("Name").Value
    objRecordSet.MoveNext
Loop

LogFile.Close
  • Hide
    Disable Test Logic
    1 Posts | Last post May 31, 2011
    • Written May 31, 2011 
      Can you explain the IF test line?  
intUAC is an even value and ADS_UF_ACCOUNTDISABLE is a constant, so when is this test true/false and why?
The userAccountControl value is a sum value of different constants, so I'm trying to understand the test and why it is true or false.