Created
June 15, 2012 19:52
Look for accounts of a certain age and disable.
I needed a way to look for user accounts on a Windows system and disable them when required.
You can run this on any Windows machine from 2000 forward, Server or Workstation (AFAIK).
Run on a local machine by doing: cscript StaleAccounts.vbs
Run on a remote machine by doing: cscript StaleAccounts.vbs /s:<ServerName>
If you point it at a domain controller, it will probably do the whole AD. I have also provided a means to process a great many
machines in an unattended fashion. This is the combination of the CMD file and the CSV file. Both should be
self-explanatory. Note that the CSV file holds each account's password in plain text and the CMD file passes it on the net use command line, so keep the CSV readable only by the operator and remove it after the run.
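@echo off
rem Runs StaleAccounts.vbs against every server listed in a CSV file.
rem %1 is the CSV file name. Each line holds four comma separated tokens:
rem   server, username, password, domain
rem NOTE(review): the CSV holds plaintext passwords and each one is passed on
rem the net use command line. Restrict access to the file and remove it after the run.
rem
if "%~1"=="" (
    echo Usage: %~nx0 ^<csv file^>
    exit /b 1
)
rem usebackq allows the file name to be quoted, so a path with spaces still works.
for /F "usebackq tokens=1-4 delims=," %%a in ("%~1") do (
    rem Tokens read are placed in %%a, %%b, %%c and %%d replaceable parameters
    net use \\%%a\ipc$ /persistent:no /user:%%d\%%b %%c
    rem Only scan when the session was opened with the credentials from the CSV;
    rem otherwise the script would run under whatever session already exists.
    if errorlevel 1 (
        >&2 echo net use failed for %%a - server skipped.
    ) else (
        cscript //nologo StaleAccounts.vbs /s:%%a
        net use \\%%a\ipc$ /delete /y
    )
)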
<Server Name or IP> | <Username> | <Password> | <Domain> | |
---|---|---|---|---|
foo-server | NoOne | crappyPassword | bar-domain |
'************************************************************************** | |
' | |
' For Windows Boxes | |
' Checks all accounts to determine what needs to be disabled. | |
' Gives you the option to disable or simply report on them. | |
' | |
' You can send it a /s:<servername> if you wanted to do a remote server. | |
' Simply do a net use first to the remote server. | |
' | |
' You may also use the associated cmd and csv to do multiple servers. | |
' | |
'*************************************************************************** | |
'*************************************************************************** | |
' BEGIN USER VARIABLES | |
'*************************************************************************** | |
' Action switch for accounts selected as inactive.
'   True  - disable the account and report it
'   False - report only, change nothing
bDisable = False

' Inactivity threshold in days: an account whose last logon is older than
' this is selected.
iLogonDays = 90

' Report scope. Reporting every account is useful when the analysis is done
' afterwards from the log.
'   True  - only inactive accounts are written to the report
'   False - all accounts are written to the report
InactiveOnlyReport = True

' Folder that receives the log files (keep the trailing \ ).
' A full path or a relative path may be given.
strLogPath = ".\logs\"

' Prefix of the error log (tab delimited text). The main code appends the
' date, the computer name and ".err.tsv".
strErrorLog = "DisabledAccounts_"

' Prefix of the output log (tab delimited text). The main code appends the
' date, the computer name and ".log.tsv".
strOutputLog = "DisabledAccounts_"
'*************************************************************************** | |
' END USER VARIABLES | |
'*************************************************************************** | |
'*************************************************************************** | |
' BEGIN MAIN CODE | |
'*************************************************************************** | |
' The target machine comes from the /s:<name> switch; without it the local
' machine is examined.
Set colNamedArguments = WScript.Arguments.Named
sComputer = colNamedArguments.Item("s")
If sComputer = "" Then sComputer = "localhost"

' Log file suffix: yyyy-mm-dd_<computer>.
' NOTE(review): sComputer is taken from the command line and ends up in the
' log file name and in the WinNT:// path without validation.
sYear = Year(Now())
sMonth = Right("0" & Month(Now()), 2)
sDay = Right("0" & Day(Now()), 2)
strDate = sYear & "-" & sMonth & "-" & sDay & "_" & sComputer

Set oFSO = CreateObject("Scripting.FileSystemObject")

' Make sure the log folder is there before any file is created in it.
If Not oFSO.FolderExists(strLogPath) Then
    oFSO.CreateFolder strLogPath
End If

' One report file and one error file per day and computer.
Set output = oFSO.CreateTextFile(strLogPath & strOutputLog & strDate & ".log.tsv")
Set errlog = oFSO.CreateTextFile(strLogPath & strErrorLog & strDate & ".err.tsv")

' Column headers, tab separated.
output.WriteLine Join(Array("Account Name", "Last Logon Date", "Number of Days"), vbTab)
errlog.WriteLine Join(Array("Account Name", "Problem", "Error"), vbTab)

' Bind to the computer and walk its children. The container also returns
' services and groups, so everything whose class is not "User" is ignored.
Set IADsCont = GetObject("WinNT://" & sComputer)
For Each oEntry In IADsCont
    If oEntry.Class = "User" Then Do_Check(oEntry)
Next

' Close the logs and release the objects.
output.Close
errlog.Close
Set IADsCont = Nothing
Set oFSO = Nothing
'*************************************************************************** | |
' END MAIN CODE | |
'*************************************************************************** | |
'*************************************************************************** | |
' BEGIN SUBROUTINES | |
'*************************************************************************** | |
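Sub Do_Check(sUser)
    ' Decides for one enumerated account whether it counts as inactive and
    ' passes it to DisableAccount, or to WriteReport when it is only listed.
    '   sUser - account object taken from the WinNT://<computer> container
    '
    ' Changes from the earlier logic:
    '   * a failed bind or a failed read is logged and the account is left
    '     alone; only a missing LastLogin value is treated as "Never"
    '   * the report flag no longer suppresses the disable step: a stale
    '     account goes to DisableAccount whatever InactiveOnlyReport says
    '
    ' NOTE(review): presumably the value read here is the last logon recorded
    ' by the machine that is queried; when that machine is a domain controller,
    ' confirm the result against the other DCs before setting bDisable = True.
    ' NOTE(review): built-in and service accounts that never log on
    ' interactively are selected as "Never" - review the report first.
    Const E_ADS_PROPERTY_NOT_FOUND = &H8000500D
    Dim oUser, sConnectString, vRaw, LastLogin, iDays

    On Error Resume Next

    sConnectString = "WinNT://" & sComputer & "/" & sUser.Name & ",user"
    Set oUser = GetObject(sConnectString)
    If Err.Number <> 0 Then
        ' An account that cannot be opened is not an inactive account.
        WriteError sUser, "Bind Failed"
        Exit Sub
    End If

    vRaw = oUser.LastLogin
    If Err.Number = E_ADS_PROPERTY_NOT_FOUND Then
        ' ADSI has no LastLogin value for this account: never logged on.
        Err.Clear
        DisableAccount oUser, "Never"
        Exit Sub
    End If
    If Err.Number <> 0 Then
        WriteError oUser, "Read LastLogin Failed"
        Exit Sub
    End If
    If IsNull(vRaw) Or IsEmpty(vRaw) Then
        DisableAccount oUser, "Never"
        Exit Sub
    End If

    LastLogin = CDate(vRaw)
    If Err.Number <> 0 Then
        WriteError oUser, "Read LastLogin Failed"
        Exit Sub
    End If

    ' Computed outside the If: under On Error Resume Next a failing condition
    ' would fall through into the Then branch.
    iDays = DateDiff("d", LastLogin, Now)
    If Err.Number <> 0 Then
        WriteError oUser, "Read LastLogin Failed"
        Exit Sub
    End If

    If iDays > iLogonDays Then
        ' Inactive: DisableAccount disables it when bDisable is set and
        ' writes the report line either way.
        DisableAccount oUser, LastLogin
    ElseIf InactiveOnlyReport <> True Then
        ' Active account, listed only when the report covers all accounts.
        WriteReport oUser.Name, LastLogin
    End If
End Sub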
'*************************************************************************** | |
' MAIN CODE ENDS | |
'*************************************************************************** | |
'*************************************************************************** | |
' SUBROUTINES | |
'*************************************************************************** | |
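Sub CreateFolder( strPath )
    ' Creates strPath together with any missing parent folders.
    '   strPath - folder path to create; nothing happens when it already exists
    ' The earlier version created strPath only when its parent was missing, so
    ' a folder under an existing parent was never created, and it recursed
    ' without end once the parent name became empty.
    ' The main code calls oFSO.CreateFolder directly and does not use this Sub.
    Dim strParent

    If strPath = "" Then Exit Sub
    If oFSO.FolderExists( strPath ) Then Exit Sub

    strParent = oFSO.GetParentFolderName( strPath )
    If strParent <> "" Then
        If Not oFSO.FolderExists( strParent ) Then CreateFolder strParent
    End If

    oFSO.CreateFolder strPath
End Sub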
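Sub DisableAccount( objUser, lastLogon )
    ' Disables the account when bDisable is True and always writes it to the
    ' report.
    '   objUser   - user object of the account
    '   lastLogon - last logon date, or the text "Never"
    ' Failures go to the error log through WriteError, which writes only when
    ' Err is set.
    Dim bIsDisabled

    On Error Resume Next
    If bDisable = True Then
        ' Read the flag before testing it: under On Error Resume Next a failed
        ' read inside the If condition would fall into the Then branch and
        ' attempt the write anyway.
        bIsDisabled = objUser.AccountDisabled
        If Err.Number <> 0 Then
            WriteError objUser, "Disable Account Failed"
        ElseIf bIsDisabled = False Then
            objUser.AccountDisabled = True
            objUser.SetInfo
            WriteError objUser, "Disable Account Failed"
        Else
            ' Raised on purpose so the already disabled account shows up in
            ' the error log.
            Err.Raise 1,,"Account already disabled."
            WriteError objUser, "Disable Account Failed"
        End If
    End If
    WriteReport objUser.Name, lastLogon
End Sub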
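Sub WriteReport(Username, LastLogonDate)
    ' Writes one report line to the console and to the output log:
    ' account name, last logon, number of days since then.
    '   Username      - account name
    '   LastLogonDate - a date, or text such as "Never"
    ' DateDiff raises a type mismatch on "Never"; with the caller running under
    ' On Error Resume Next that dropped the whole line, so accounts that never
    ' logged on were missing from the report. Non-date values now get "N/A".
    Dim vDays, sLine

    If IsDate(LastLogonDate) Then
        vDays = DateDiff("d", LastLogonDate, Now)
    Else
        vDays = "N/A"
    End If

    sLine = Username & vbTab & LastLogonDate & vbTab & vDays
    WScript.Echo sLine
    output.WriteLine sLine
End Sub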
Sub WriteError( objUser, strProblem )
    ' Appends a line to the error log when an error is pending and clears it.
    '   objUser    - object whose Name identifies the account
    '   strProblem - short label of the step that failed
    ' Does nothing when Err.Number is 0.
    Dim strDetail

    If Err.Number = 0 Then Exit Sub

    ' Line breaks in the description would break the one-line-per-entry log.
    strDetail = Replace(Err.Description,vbCrlf," ")
    errlog.WriteLine objUser.Name & vbTab & strProblem & vbTab & strDetail
    Err.Clear
End Sub
'*************************************************************************** | |
' END SUBROUTINES | |
'*************************************************************************** |