
Deleting Users

There are times when you need to delete user accounts, and with ADSI you can very easily delete large numbers of users with a single click of the mouse. Some reasons for deleting user accounts are:

  • To clean up a computer lab environment, that is, to return machines to a known state.

  • To clean up accounts at the end of a school year. Many schools delete all student-related accounts and files at the end of each year. Scripting makes it easy to both create and delete the accounts.

  • To clean up temporary accounts created for special projects. If the creation of accounts is scripted, their deletion can also be scripted, ensuring no temporary accounts are left lingering in the directory.

Just the Steps

To delete users

1. Perform the binding to the appropriate OU.

2. Use GetObject to make a connection.

3. Specify the appropriate provider and ADsPath.

4. Call the Delete method.

5. Specify object class as User.

6. Specify the user to delete by CN.


To delete a user, call the Delete method after binding to the appropriate level in the Active Directory namespace. Then specify both the object class, which in this case is User, and the CN of the user to be deleted. This can actually be accomplished in only two lines of code:

Set objDomain = GetObject(provider & ou & domain)
objDomain.Delete oClass, oCn & oUname

If you modify the CreateUser.vbs script, you can easily transform it into the DeleteUser.vbs script, which follows. Notice that the Reference information section is basically the same. It holds the path to the OU and the path to the user in variables, which makes the script easier to modify. The main change is in the Worker section of the script. The binding string is the same as seen earlier. However, instead of creating an object, you use the connection that was made with the binding string to call the Delete method. You specify the class of the object in the strClass variable in the Reference section of the script, and the name of the user, including the cn= prefix, in the strOUname variable. The syntax is Delete(Class, target). The deletion takes effect immediately. No SetInfo command is required.

DeleteUser.vbs

Option Explicit
On Error Resume Next 'must be active, or the Err checks below never run
Dim strProvider 'defines which ADSI provider the script talks to
Dim strOU 'path to the OU that holds the object to delete
Dim strDomain 'name of the domain the script connects to
Dim strClass 'the class of object being deleted
Dim strOUname 'CN of the object being deleted
Dim objDomain 'holds connection to ADSI

strProvider = "LDAP://"
strOU = "OU=mred," 'when an OU such as OU=mred is used, the trailing comma is required
strDomain = "dc=nwtraders,dc=msft"
strClass = "User"
strOUname = "CN=MyNewUser"
Set objDomain = GetObject(strProvider & strOU & strDomain)
objDomain.Delete strClass, strOUname

'Err.Number is numeric, so compare it with a number, not a string
If Err.Number = 0 Then
    WScript.Echo strOUname & " was deleted"
ElseIf Err.Number = -2147016656 Then
    WScript.Echo strOUname & " does not exist"
Else
    WScript.Echo "error on the play " & Err.Number
End If
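
The following is an added example, not part of the original DeleteUser.vbs: it applies the same bind-and-Delete pattern to several accounts, with a dry-run switch and one result line per account so a bulk cleanup can be reviewed before anything is removed. The OU and domain are the sample values used above; the account names, the DRY_RUN constant, and the log wording are assumptions made for the illustration.

```vbscript
Option Explicit
' Added example: bulk deletion with a dry-run switch and a per-account result line.
' OU and domain are the page's sample values; the account names are constructed.
Const DRY_RUN = True                  ' hypothetical switch: set to False to really delete
Const E_NO_SUCH_OBJECT = -2147016656  ' the "does not exist" code checked in DeleteUser.vbs

Dim strProvider, strOU, strDomain, arrUsers, strCN, objOU, objUser

strProvider = "LDAP://"
strOU = "OU=mred,"
strDomain = "dc=nwtraders,dc=msft"
arrUsers = Array("TempUser01", "TempUser02", "TempUser03")  ' constructed sample names

On Error Resume Next
Set objOU = GetObject(strProvider & strOU & strDomain)
If Err.Number <> 0 Then
    WScript.Echo "Could not bind to " & strOU & strDomain & ": " & Err.Number
    WScript.Quit 1
End If

For Each strCN In arrUsers
    Err.Clear
    ' Look the account up in the bound OU first, so a missing or mistyped
    ' name is reported instead of silently ignored.
    Set objUser = objOU.GetObject("User", "CN=" & strCN)
    If Err.Number = E_NO_SUCH_OBJECT Then
        WScript.Echo Now & " SKIP    CN=" & strCN & " does not exist"
    ElseIf Err.Number <> 0 Then
        WScript.Echo Now & " ERROR   CN=" & strCN & " lookup failed: " & Err.Number
    ElseIf DRY_RUN Then
        WScript.Echo Now & " DRYRUN  would delete " & objUser.ADsPath
    Else
        ' Delete takes effect immediately; no SetInfo is needed.
        objOU.Delete "User", "CN=" & strCN
        If Err.Number = 0 Then
            WScript.Echo Now & " DELETED CN=" & strCN
        Else
            WScript.Echo Now & " ERROR   CN=" & strCN & " delete failed: " & Err.Number
        End If
    End If
    Set objUser = Nothing
Next
```

Run it with cscript and redirect the output to a file to keep a record of which accounts were removed and when.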

