Sign in to follow this  
Followers 0
ReitzelTechnology

Users in OU will not delete

27 posts in this topic

We have a HOLD directory in AD for disabled users and computers. Every so often the server will need to run a script to emtpy this folder. The computers will delete fine but we cannnot get the users to delete.

Here is the code for the script

#include <\\ReitzelTechnology.int\Adm$\AutoIt_Scripts\adfunctions.au3>
#include <Array.au3>
#include <File.au3>

;---------------
; Read OU
;---------------
Global $Users
$ou = "OU=HOLD1,DC=ReitzelTechnology,DC=int"; Root of your AD, e.g. DC=microsoft,DC=com
_ADGetObjectsInOU($Users, $ou, "(&(objectCategory=person))", 2)

Dim $Array1Size = UBound($Users)-1
;~ _ArrayDisplay($Sizes)
For $i = 0 To $Array1Size
    $Users[$i] = StringReplace($Users[$i], '$', '');removes money sign from end of each computer
    $Users[$i] = StringLower($Users[$i]);makes all Users lowercase
Next

If $Users = "" Then
    MsgBox(64, "No objects", "There are no objects in this OU")
    Exit
EndIf

_ArraySort($Users, 0, 1);sort alphabetically a-z
_ArrayDelete($Users, 0);removes the first row of array to get rid of count
;_ArrayDisplay($Users)
_FileWriteFromArray("C:\output_users.txt", $Users);output OU to text file


;--------------------------
; Delete Users from OU
;--------------------------
Dim $DelUsers
_FileReadToArray("C:\output_users.txt", $DelUsers)
_ArrayDelete($DelUsers, 0);removes the first row of array to get rid of count

Dim $Array2Size = UBound($DelUsers)-1
For $i = 0 To $Array2Size
    _ADDeleteObject($ou, $DelUsers[$i], "users")
Next

Share this post


Link to post
Share on other sites



If you want to delete all objects in the OU then just list all objects of the OU and delete them. To determine the needed object type you could use the following code:

_AD_DeleteObject($sObject, _AD_GetObjectClass($sObject))

For this example to work you need to change from the adfunctions.au3 to the successor AD.au3 (for download please check my signature).

BTW:

Some error handling (checking the returnvalue, @error and a COM error handler) would greatly enhance the stability of your code.


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

Water:

Could you give me a simple example code piece to delete all items within a specified OU?

Share this post


Link to post
Share on other sites

Sure, as soon as I'm back in my office.


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

#5 ·  Posted (edited)

I suggest something like this:

#include <AD.au3>
#include <File.au3>

$sTitle = "Active Directory Cleanup Script"
_AD_Open(); Open Connection to the Active Directory
If @error Then Exit MsgBox(16, $sTitle, "Function _AD_Open encountered a problem. @error = " & @error & ", @extended = " & @extended)
Global $sOU = "OU=HOLD1,DC=ReitzelTechnology,DC=int"
Global $aObjects = _AD_GetObjectsInOU($sOU, "", 1, "distinguishedName")
If @error > 0 Then Exit MsgBox(64,$sTitle, "Error in _AD_GetObjectsInOU: " & @error)
For $i = 1 To $aObjects[0]
    _AD_DeleteObject($aObjects[$i], _AD_GetObjectClass($aObjects[$i]) & @CRLF)
    If @error > 0 Then
        Exit MsgBox(64, $sTitle, "Error in _AD_DeleteObject for '" & $aObjects[$i] & "': " & @error)
    Else
        _FileWriteLog(@ScriptDir & "AD_Delete.log", "Entry " & $aObjects[$i] & " successfully deleted!")
    EndIf
Next
_AD_Close(); Close Connection to the Active Directory
Edited by water

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

#6 ·  Posted (edited)

Hey thanks for that. But when I run it the log file says it was deleted but they still appear in AD, thoughts?

Edited by ReitzelTechnology

Share this post


Link to post
Share on other sites

Could you please insert line "$iAD_Debug = 2" after "#include <ad.au3>" so we get some additional debugging information?


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

Here is what it pops up when I run the script

post-60598-0-59781800-1327777821_thumb.p

Share this post


Link to post
Share on other sites

Ok. We have an error in the example script I posted.

If @error > 0 Then
should be
If @error <> 0 Then

Could you please run this modified version?

#include <AD.au3>
#include <File.au3>

$sTitle = "Active Directory Cleanup Script"
_AD_Open(); Open Connection to the Active Directory
If @error Then Exit MsgBox(16, $sTitle, "Function _AD_Open encountered a problem. @error = " & @error & ", @extended = " & @extended)
Global $sOU = "OU=HOLD1,DC=ReitzelTechnology,DC=int"
Global $aObjects = _AD_GetObjectsInOU($sOU, "", 1, "distinguishedName")
If @error > 0 Then Exit MsgBox(64,$sTitle, "Error in _AD_GetObjectsInOU: " & @error)
For $i = 1 To $aObjects[0]
    _AD_DeleteObject($aObjects[$i], _AD_GetObjectClass($aObjects[$i]) & @CRLF)
    If @error <> 0 Then
        Exit MsgBox(64, $sTitle, "Error in _AD_DeleteObject for '" & $aObjects[$i] & "', Class ': " & _AD_GetObjectClass($aObjects[$i]) & "': " & @error)
    Else
        _FileWriteLog(@ScriptDir & "AD_Delete.log", "Entry " & $aObjects[$i] & " successfully deleted!")
    EndIf
Next
_AD_Close(); Close Connection to the Active Directory

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

Ok here is the error we get now

post-60598-0-76016300-1327780107_thumb.p

Share this post


Link to post
Share on other sites

But when you run the above script you should get something like:

"Error in _AD_DeleteObject for 'CN=test user,OU=HOLD1,DC=ReitzelTechnology,DC=int', Class: 'computer': -21..."


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

But when you run the above script you should get something like:

"Error in _AD_DeleteObject for 'CN=test user,OU=HOLD1,DC=ReitzelTechnology,DC=int', Class: 'computer': -21..."

I get that same error except it says class:'user': 0. We have both users and computers in the directory

Share this post


Link to post
Share on other sites

#13 ·  Posted (edited)

Could you please modify function _AD_DeleteObject so we get the "real" data the function uses?

Func _AD_DeleteObject($sAD_Object, $sAD_Class)

    If Not _AD_ObjectExists($sAD_Object) Then Return SetError(1, 0, 0)
    If StringMid($sAD_Object, 3, 1) <> "=" Then $sAD_Object = _AD_SamAccountNameToFQDN($sAD_Object) ; sAMAccountName provided
    Local $oAD_Object = _AD_ObjGet("LDAP://" & $sAD_HostServer & "/" & $sAD_Object)
    Local $oAD_OU = _AD_ObjGet($oAD_Object.Parent) ; Get the object of the OU/CN where the object resides
    Local $sAD_CN = "CN=" & _AD_GetObjectAttribute($sAD_Object, "cn")
ConsoleWrite(">" & $sAD_Class & "-" & $sAD_CN & "<" & @CRLF) ; <=== This line is new
    $oAD_OU.Delete($sAD_Class, $sAD_CN)
    If @error <> 0 Then Return SetError(@error, 0, 0)
    Return 1

EndFunc   ;==>_AD_DeleteObject
Edited by water

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

Could you please modify function _AD_DeleteObject so we get the "real" data the function uses?

Func _AD_DeleteObject($sAD_Object, $sAD_Class)

    If Not _AD_ObjectExists($sAD_Object) Then Return SetError(1, 0, 0)
    If StringMid($sAD_Object, 3, 1) <> "=" Then $sAD_Object = _AD_SamAccountNameToFQDN($sAD_Object) ; sAMAccountName provided
    Local $oAD_Object = _AD_ObjGet("LDAP://" & $sAD_HostServer & "/" & $sAD_Object)
    Local $oAD_OU = _AD_ObjGet($oAD_Object.Parent) ; Get the object of the OU/CN where the object resides
    Local $sAD_CN = "CN=" & _AD_GetObjectAttribute($sAD_Object, "cn")
ConsoleWrite(">" & $sAD_Class & "-" & $sAD_CN & "<" & @CRLF) ; <=== This line is new
    $oAD_OU.Delete($sAD_Class, $sAD_CN)
    If @error <> 0 Then Return SetError(@error, 0, 0)
    Return 1

EndFunc   ;==>_AD_DeleteObject

Did that, still no change

Share this post


Link to post
Share on other sites

#15 ·  Posted (edited)

I know, but you should get the data that is used for the delete operation written to the console.

If you compile the script to run it please replace the ConsoleWrite with:

MsgBox(0, "", ">" & $sAD_Class & "-" & $sAD_CN & "<")
Edited by water

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

Am I correct the we now have the same problem you had with your original script? Computers can be deleted fine but users give an error?

What version of AutoIt do you use?


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

Am I correct the we now have the same problem you had with your original script? Computers can be deleted fine but users give an error?

What version of AutoIt do you use?

This new one won't delete anything, no computers or users. I am using 3.3.6.0

Share this post


Link to post
Share on other sites

What user do you use to delete the computers/users (ordinary user, domain admin ...)?

We once had a problem with


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

What user do you use to delete the computers/users (ordinary user, domain admin ...)?

We once had a problem with

We use a domain admin account that we are logged in with

Share this post


Link to post
Share on other sites

Can you delete computers or users with Microsoft admin tools?


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0