Monday, March 26, 2007

Display accounts with a Mismatch between their AG and LegacyDN

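Here is another script that you can run to display all of the accounts that have a mismatch between their Exchange administrative group (AG) and their legacyExchangeDN. (Yes, the legacyExchangeDN is still used - Thanks MSFT!!!) Run with no arguments, the script only lists the mismatched accounts; run with -F or /F, it clears legacyExchangeDN on every account it flags, so check the report output before using that switch.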


'-------------------------------------------------------------------------------'
' Displays accounts with mismatched Administrative Groups vs. legacyExchangeDN. '
'-------------------------------------------------------------------------------'
' Usage: cscript <script>.vbs [-F | /F]
'   no argument : report only; echoes one line per mismatched account in the form
'                 <group from legacyExchangeDN>,<group from homeMDB>,"<AdsPath>"
'   -F or /F    : clears the legacyExchangeDN attribute on each mismatched account
'                 (a directory write made through the account's AdsPath).
Option Explicit

' ADSI PutEx control code: remove every value of the named attribute.
Const ADS_PROPERTY_CLEAR = 1

' Naming context of the current domain, read from RootDSE.
Dim defaultNamingContext
' Per-record values read from the query result set.
Dim legacyExchangeDN, homeMDB, AdsPath, sAMAccountName
' ADO connection, command, recordset and the query text.
Dim AdConn, AdComm, AdRS, AdQuery
' Fix: True when the clear switch was given; objUser: user object bound for the write.
Dim Fix, objUser

' Default to report-only. The destructive mode is enabled only when the script
' is given exactly one argument and that argument is -F or /F (any letter case).
Fix = False
If WScript.Arguments.Count = 1 Then
    Select Case UCase(WScript.Arguments.Item(0))
        Case "-F", "/F"
            Fix = True
    End Select
End If

' Ask RootDSE for the naming context of the domain the script is running in.
defaultNamingContext = GetObject("LDAP://RootDSE").Get("defaultNamingContext")

' Query (ADSI SQL dialect): every user object that has both a legacyExchangeDN
' and a homeMDB value. The '*' comparisons are presence tests.
AdQuery = "SELECT legacyExchangeDN, homeMDB, AdsPath, sAMAccountName "
AdQuery = AdQuery & "FROM 'LDAP://" & defaultNamingContext & "' "
AdQuery = AdQuery & "WHERE objectCategory='Person' "
AdQuery = AdQuery & "AND objectClass='User' "
AdQuery = AdQuery & "AND legacyExchangeDN='*' "
AdQuery = AdQuery & "AND homeMDB='*'"

' Open an ADO connection through the ADSI OLE DB provider.
Set AdConn = CreateObject("ADODB.Connection")
With AdConn
    .Provider = "ADsDSOObject"
    .Open "Active Directory Provider"
End With

' Build the command on that connection and run the directory query.
Set AdComm = CreateObject("ADODB.Command")
With AdComm
    .ActiveConnection = AdConn
    .Properties("SearchScope") = 2      ' 2 = subtree: search everything below the base
    .Properties("Page Size") = 100      ' fetch the results in pages of 100 records
    .CommandText = AdQuery
    Set AdRS = .Execute
End With

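' Returns the administrative group name embedded in a legacyExchangeDN of the
' form /o=<org>/ou=<admin group>/..., or "" when the value does not have that shape.
Function AdminGroupFromLegacyDN(ByVal dn)
    Dim pos
    AdminGroupFromLegacyDN = ""
    If IsNull(dn) Then Exit Function

    dn = Mid(dn, 2)                     ' drop the leading "/"
    pos = InStr(dn, "/")
    If pos = 0 Then Exit Function
    dn = Mid(dn, pos + 1)               ' skip the first component (o=...)
    pos = InStr(dn, "=")
    If pos = 0 Then Exit Function
    dn = Mid(dn, pos + 1)               ' skip the attribute name of the second component
    pos = InStr(dn, "/")
    If pos < 2 Then Exit Function
    AdminGroupFromLegacyDN = Mid(dn, 1, pos - 1)
End Function

' Returns the name that follows "CN=Servers,CN=" in a homeMDB distinguished name
' (up to the comma before the next "CN=Admin..." component), or "" when either
' marker is missing.
Function AdminGroupFromHomeMDB(ByVal mdb)
    Const SERVERS_MARKER = "CN=Servers,CN="
    Dim pos
    AdminGroupFromHomeMDB = ""
    If IsNull(mdb) Then Exit Function

    pos = InStr(mdb, SERVERS_MARKER)
    If pos = 0 Then Exit Function
    mdb = Mid(mdb, pos + Len(SERVERS_MARKER))
    pos = InStr(mdb, "CN=Admin")
    If pos < 3 Then Exit Function
    AdminGroupFromHomeMDB = Mid(mdb, 1, pos - 2)   ' -2 also drops the separating comma
End Function

' Walk the result set. Errors are handled inline from here on, so every step
' that can fail is followed by an explicit Err check: a swallowed error must
' never leave stale or half-parsed values in play when Fix is set, because that
' path writes to the directory.
On Error Resume Next
With AdRS
    .MoveFirst                          ' raises on an empty set; the EOF test below covers that
    Err.Clear
    Do Until .EOF
        ' Reset per-record state so a failed read cannot reuse the previous record's values.
        AdsPath = ""
        legacyExchangeDN = ""
        homeMDB = ""
        Err.Clear

        AdsPath = .Fields("AdsPath").Value
        legacyExchangeDN = AdminGroupFromLegacyDN(.Fields("legacyExchangeDN").Value)
        homeMDB = AdminGroupFromHomeMDB(.Fields("homeMDB").Value)

        If Err.Number <> 0 Or legacyExchangeDN = "" Or homeMDB = "" Then
            ' Unrecognised attribute format: report it and leave the account untouched.
            WScript.Echo "Skipped (could not parse legacyExchangeDN/homeMDB): " & AdsPath
            Err.Clear
        ElseIf UCase(homeMDB) <> UCase(legacyExchangeDN) Then
            If Fix Then
                ' Destructive path: clear legacyExchangeDN on the mismatched account.
                Err.Clear
                Set objUser = Nothing
                Set objUser = GetObject(AdsPath)
                If Err.Number = 0 Then objUser.PutEx ADS_PROPERTY_CLEAR, "legacyExchangeDN", vbNullString
                If Err.Number = 0 Then objUser.SetInfo
                If Err.Number <> 0 Then
                    WScript.Echo "Error " & Hex(Err.Number) & " clearing legacyExchangeDN for " & AdsPath
                    Err.Clear
                Else
                    WScript.Echo "legacyExchangeDN cleared for " & AdsPath & " " & legacyExchangeDN & "<>" & homeMDB
                End If
                Set objUser = Nothing
            Else
                ' Report-only line: group from legacyExchangeDN, group from homeMDB, quoted AdsPath.
                WScript.Echo legacyExchangeDN & "," & homeMDB & ",""" & AdsPath & """"
            End If
        End If

        ' Stop if the cursor cannot advance; otherwise the loop would never reach EOF.
        Err.Clear
        .MoveNext
        If Err.Number <> 0 Then
            WScript.Echo "Error " & Hex(Err.Number) & " reading the next record; stopping."
            Err.Clear
            Exit Do
        End If
    Loop
End With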

' Drop the ADO object references: recordset first, then command, then connection.
Set AdRS = Nothing : Set AdComm = Nothing : Set AdConn = Nothing
