List Inactive Machines in AD
Hi, I ahve the following script that enumerates the OU int he domain specified and shows me a count of machines that have not changed their account within x days. What I want it to do is give me a list (as opposed to count) of all machines that have not changed their account within the x days.
Any help greatly appreciated!!
Option Explicit
dim connection
dim command
dim total
dim count
'dim countns
dim recordset
dim adsPath
dim thisComputer
dim dtmValue
dim domain
dim arguments
dim dc
dim pos1
dim pos2
const ADS_SCOPE_SUBTREE = 2
const E_ADS_PROPERTY_NOT_FOUND = &h8000500D
const threshold = 30 ' number of days within which the password should change
Set connection = CreateObject("ADODB.Connection")
Set command = CreateObject("ADODB.Command")
connection.Provider = "ADsDSOObject"
connection.Open "Active Directory Provider"
set arguments = wScript.arguments
if(arguments.Count < 1) then
call usage()
end if
dc = lcase(arguments(0))
if instr(dc,".") then
pos1 = instr(dc,".")
pos2 = instr(pos1+1,dc,".")
domain = mid(dc,pos1+1,pos2-pos1-1)
else
wscript.echo "Please use fully qualified host name for the DC."
wscript.quit
end if
wscript.echo "Querying " & dc & " for domain " & domain
total = 0
count = 0
'countns = 0
' look for computer objects with operating system that contains the word 'server'
Set command.ActiveConnection = connection
command.CommandText = _
"Select Name, adsPath, operatingSystem from 'LDAP://" & dc & "/DC=" & lcase(domain) & ",DC=zzz,DC=com' " _
& "where objectClass='computer' and operatingSystem = '*Professional*'"
command.Properties("Page Size") = 1000
command.Properties("Timeout") = 500
command.Properties("Searchscope") = ADS_SCOPE_SUBTREE
command.Properties("Cache Results") = False
Set recordSet = command.execute
recordSet.moveFirst
' loop through all machines found and retrieve the password last changed attribute
do until recordSet.EOF
total = total + 1
' wscript.echo "Computer Name: " & recordSet.Fields("adspath").Value
adsPath = recordSet.fields("adsPath").Value
Set thisComputer = GetObject(adsPath)
On Error Resume Next
dtmValue = thisComputer.PasswordLastChanged
' if err.number = E_ADS_PROPERTY_NOT_FOUND then
' this computer account has been created but never used
' countns = countns + 1
' else
' check how many days since the password changed
if datediff("d",dtmvalue,now) < threshold then
' password has changed within the threshold period
count = count + 1
end if
' end if
recordSet.moveNext
Loop
wscript.echo "Query complete"
wscript.echo "Total workstation accounts in " & lcase(domain) & ".zzz.com = " & total
wscript.echo "Active workstation accounts = " & count
'wscript.echo "Workstation accounts created but never used = " & countns
sub usage()
WScript.Echo "Usage:" & vbNewLine & vbNewLine &_
"c:\>cscript wkstncount.vbs DC" & vbNewLine & vbNewLine &_
"DC: target domain controller" & vbNewLine &_
"e.g. cscript wkstncount.vbs dc.zzz.com"
wscript.quit(0)
end sub
Any help greatly appreciated!!
Option Explicit
dim connection
dim command
dim total
dim count
'dim countns
dim recordset
dim adsPath
dim thisComputer
dim dtmValue
dim domain
dim arguments
dim dc
dim pos1
dim pos2
const ADS_SCOPE_SUBTREE = 2
const E_ADS_PROPERTY_NOT_FOUND = &h8000500D
const threshold = 30 ' number of days within which the password should change
Set connection = CreateObject("ADODB.Connection")
Set command = CreateObject("ADODB.Command")
connection.Provider = "ADsDSOObject"
connection.Open "Active Directory Provider"
set arguments = wScript.arguments
if(arguments.Count < 1) then
call usage()
end if
dc = lcase(arguments(0))
if instr(dc,".") then
pos1 = instr(dc,".")
pos2 = instr(pos1+1,dc,".")
domain = mid(dc,pos1+1,pos2-pos1-1)
else
wscript.echo "Please use fully qualified host name for the DC."
wscript.quit
end if
wscript.echo "Querying " & dc & " for domain " & domain
total = 0
count = 0
'countns = 0
' look for computer objects with operating system that contains the word 'server'
Set command.ActiveConnection = connection
command.CommandText = _
"Select Name, adsPath, operatingSystem from 'LDAP://" & dc & "/DC=" & lcase(domain) & ",DC=zzz,DC=com' " _
& "where objectClass='computer' and operatingSystem = '*Professional*'"
command.Properties("Page Size") = 1000
command.Properties("Timeout") = 500
command.Properties("Searchscope") = ADS_SCOPE_SUBTREE
command.Properties("Cache Results") = False
Set recordSet = command.execute
recordSet.moveFirst
' loop through all machines found and retrieve the password last changed attribute
do until recordSet.EOF
total = total + 1
' wscript.echo "Computer Name: " & recordSet.Fields("adspath").Value
adsPath = recordSet.fields("adsPath").Value
Set thisComputer = GetObject(adsPath)
On Error Resume Next
dtmValue = thisComputer.PasswordLastChanged
' if err.number = E_ADS_PROPERTY_NOT_FOUND then
' this computer account has been created but never used
' countns = countns + 1
' else
' check how many days since the password changed
if datediff("d",dtmvalue,now) < threshold then
' password has changed within the threshold period
count = count + 1
end if
' end if
recordSet.moveNext
Loop
wscript.echo "Query complete"
wscript.echo "Total workstation accounts in " & lcase(domain) & ".zzz.com = " & total
wscript.echo "Active workstation accounts = " & count
'wscript.echo "Workstation accounts created but never used = " & countns
sub usage()
WScript.Echo "Usage:" & vbNewLine & vbNewLine &_
"c:\>cscript wkstncount.vbs DC" & vbNewLine & vbNewLine &_
"DC: target domain controller" & vbNewLine &_
"e.g. cscript wkstncount.vbs dc.zzz.com"
wscript.quit(0)
end sub
0 Comments
[ + ] Show comments
Answers (0)
Please log in to answer
Be the first to answer this question
Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.
so that the conversation will remain readable.