我正在尝试构建一个为计算机项目进行分析的脚本,禁用并将其移动到另一个AD OU。以管理员身份运行它但我必须为用户凭据添加一个变量,这实际上会起作用:(。
Const ADS_SCOPE_SUBTREE = 2
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objConnection.Properties("User ID") = "user" 'pass credentials - if you omit this, the search is performed...
objConnection.Properties("Password") = "pass" '... with the current credentials
objConnection.Properties("Encrypt Password") = True 'only needed if you set "User ID" and "Password"
objCommand.CommandText = "SELECT ADsPath FROM 'LDAP://dc=something,dc=com' WHERE objectCategory='computer' AND name='"& strComputer &"'"
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
Do Until objRecordSet.EOF
strADsPath = objRecordSet.Fields("ADsPath").Value
Set objComputer = GetObject(strADsPath)
objComputer.AccountDisabled = True
objComputer.SetInfo
Set objOU = GetObject("LDAP://OU=HARDWARE,OU=Deleted Items,DC=something,DC=com")
Set objReturn = objOU.MoveHere(strADsPath, vbNullString)
objRecordSet.MoveNext
Loop