Enabling or Disabling a User Account

Previous page
Table of content
Next page

Microsoft® Windows® 2000 Scripting Guide

microsoft windows 2000 scripting guide

« Previous | Next »   

You can use scripts to either enable or disable a user account. This is done by toggling the value of the ADS_UF_ACCOUNTDISABLE flag in the userAccountControl attribute.

The scripts for enabling or disabling a user account are similar.

Scripting Steps

Listing 7.9 contains a script that sets the ADS_UF_ACCOUNTDISABLE flag to 0 to enable a user account. To carry out this task, the script performs the following steps:

  1. Set the ADS_UF_ACCOUNTDISABLE constant equal to the disabled flag in the userAccountControl attribute (used on line 8).
  2. Bind to the user account object by using the GetObject function and the LDAP provider.
  3. Create a variable, and initialize it to the integer value of the userAccountControl attribute.
  4. Use the bitwise AND operator to determine whether the flag is enabled.
  5. If the flag is enabled, use the XOR bitwise operator to disable it in the userAccountControl attribute of the user account object, thereby enabling the user account.
  6. Commit the change to the user account object in the local property cache to Active Directory.

Listing 7.9   Enabling a User Account by Modifying the ADS_UF_ACCOUNTDISABLE Flag 

1 2 3 4 5 6 7 8 9 10 
Const ADS_UF_ACCOUNTDISABLE = 2 Set objUser = GetObject _     ("LDAP://cn=MyerKen,ou=Management,dc=NA,dc=fabrikam,dc=com") intUAC = objUser.Get("userAccountControl") If intUAC AND ADS_UF_ACCOUNTDISABLE Then     objUser.Put "userAccountControl", intUAC XOR ADS_UF_ACCOUNTDISABLE     objUser.SetInfo End If

Listing 7.10 contains a script that disables a user account. To carry out this task, the script performs the following steps:

  1. Set the ADS_UF_ACCOUNTDISABLE constant equal to the disabled flag in the userAccountControl attribute (used on line 7).
  2. Bind to the user account object by using the GetObject function and the LDAP provider.
  3. Create a variable, and initialize it to the integer value of the userAccountControl attribute.
  4. Use the bitwise OR operator to enable ADS_UF_ACCOUNTDISABLE in the userAccountControl attribute, thereby disabling the user account.
  5. Commit the change to the user account object in the local property cache to Active Directory.

Listing 7.10   Disabling a User Account by Modifying the ADS_UF_ACCOUNTDISABLE Flag 

1 2 3 4 5 6 7 8 
Const ADS_UF_ACCOUNTDISABLE = 2 Set objUser = GetObject _     ("LDAP://cn=MyerKen,ou=Management,dc=NA,dc=fabrikam,dc=com") intUAC = objUser.Get("userAccountControl") objUser.Put "userAccountControl", intUAC OR ADS_UF_ACCOUNTDISABLE objUser.SetInfo
send us your feedback Send us your feedback « Previous | Next »   

Previous page
Table of content
Next page
Microsoft Windows 2000 Scripting Guide(c) Automating System Administration 2003
Microsoft Windows 2000 Scripting Guide(c) Automating System Administration 2003
ISBN: N/A
EAN: N/A
Year: 2004
Pages: 635
BUY ON AMAZON
Java I/O
Software Configuration Management
SQL Tips & Techniques (Miscellaneous)
Cisco IP Telephony (CIPT) (Authorized Self-Study) (2nd Edition)
Special Edition Using Crystal Reports 10
Telecommunications Essentials, Second Edition: The Complete Global Source (2nd Edition)
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy