'Constants Const ForReading = 1 Const ForWriting = 2 Const ForAppending = 8 Const E_ADS_PROPERTY_NOT_FOUND = &h8000500D Const ADS_PROPERTY_CLEAR = 1 Const ADS_PROPERTY_DELETE = 4 'Objects Set FSO=CreateObject("Scripting.FileSystemObject") Set wshShell = WScript.CreateObject ("WSCript.shell") Set objMessage = CreateObject("CDO.Message") 'Variables ThisComputer=wshShell.ExpandEnvironmentStrings("%COMPUTERNAME%") LogDir="C:\autoterm\log" WorkdataFolder = "\\mc2m943g\disablefiles\" 'Set up logging 'vbscript Date() function returns single digits <10, so pad a 0..... If Month(Date) < 10 Then CurMonth="0" & Month(Date) Else CurMonth=Month(Date) End If If Day(Date) < 10 Then CurDay="0" & Day(Date) Else CurDay=Day(Date) End If LogFile=Year(Date) & CurMonth & CurDay & ".txt" FullLogfilePath=LogDir & "\" & LogFile If Not FSO.FileExists(FullLogfilePath) Then Set Logging=FSO.CreateTextFile(FullLogfilePath, ForAppending) Logging.Close Set Logging=FSO.OpenTextFile(FullLogFilePath, ForAppending) Else Set Logging=FSO.OpenTextFile(FullLogFilePath, ForAppending) End If 'Check for Workdata/ID's to term. Set folder = fso.GetFolder(WorkDataFolder) Set files = folder.Files For Each folderIdx In files 'Set up your temporary email file. TempEmailFileName="C:\AUTOTERM\TEMP\" & Year(Date) & Month(Date) & Day(Date) & Hour(now) & Minute(now) & Second(now) & rnd & ".txt" If Not FSO.FileExists(TempEmailFileName) Then Set Mailbody=FSO.CreateTextFile(TempEmailFileName, ForAppending) Mailbody.close Set MailBody=FSO.OpenTextFile(TempEmailFileName, ForAppending) Else Set MailBody=FSO.OpenTextFile(TempEmailFileName, ForAppending) End If WorkFile=folderIdx.Name Logging.WriteLine(Date & " " & Time & " Calling main loop for " & WorkDataFolder & "\" & WorkFile) FullWorkFilePath=WorkDataFolder & "\" & WorkFile Call WorkfileLoop(FullWorkFilePath) Next WScript.Quit Sub WorkFileLoop(FileToParse) 'This is the loop that will do the actual term. OriginalFileName=FileToParse Set Workfile=FSO.OpenTextFile(FileToParse, ForReading) Do Until WorkFile.AtEndofstream CurrentLine=LCase(workfile.readline) TmpDelim=Split(CurrentLine,"~") UserToDisable=TmpDelim(0) WhoDisabled=TmpDelim(1) Loop Workfile.Close Call TerminateByLanID(UserToDisable,WhoDisabled) Call MoveFile(OriginalFileName, "C:\autoterm\workdata\completed\") End Sub Sub TerminateByLanID(Target,Archer) LanID=Target WhoDisabled=Archer Logging.WriteLine(Date & " " & Time & " " & WhoDisabled & " has disabled LanID " & Target) call DisableUser(LanID) Logging.WriteLine(Date & " " & Time & " Changing description for LanID " & Target) Call SetDescription(LanID,WhoDisabled) Logging.WriteLine(Date & " " & Time & " Hiding GAL entry for LanID " & Target) call HideFromGAL(LanID) Logging.WriteLine(Date & " " & Time & " Prepending zz_ to smtp proxy addresses for LanID " & Target) call PrependZZ(LanID) Logging.WriteLine(Date & " " & Time & " Stripping manager field for LanID " & Target) call StripManager(LanID) Logging.WriteLine(Date & " " & Time & " Saving groups in notes filed for LanID " & Target) call SaveGroups(LanID) Logging.WriteLine(Date & " " & Time & " Stripping group/DL memberships for LanID " & Target) call RemoveGroups(Target) Logging.WriteLine(Date & " " & Time & " Making default smtp address a zz'd entry for LanID " & Target) call ChangeDefaultEmail(LanID) Logging.WriteLine(Date & " " & Time & " Relocating " & Target & " to Disabled Users OU") call MoveToDisabledOU(LanID) Logging.WriteLine(Date & " " & Time & " Renaming AD container for LanID " & Target) call RenameContainer(LanID) Logging.WriteLine(Date & " " & Time & " Sending termination notice email for LanID " & Target) 'Prepare to send Email DisplayName=RetrieveValue("sAMAccountName",Target,"name") MailBody.Close call SendMail("karl.weckstrom@rbccm.com",DisplayName,LanID,TempEmailFileName) 'call SendMail("dsusapcserver@rbccm.com",DisplayName,LanID,TempEmailFileName) 'call SendMail("helpdesk.ny@rbccm.com",DisplayName,LanID,TempEmailFileName) FSO.DeleteFile TempEmailFileName Call AddUserToWatchList(LanID) End Sub Sub AddUserToWatchList(Target) Set WatchList=FSO.OpenTextFile("C:\autoterm\watchlist.txt",ForAppending, true) WatchList.WriteLine(Target & "~" & date) WatchList.close End Sub Sub MoveFile(sSource,sDestination) 'WScript.Echo sSource 'On Error Resume Next Set objFileCopy = FSO.GetFile(sSource) objFileCopy.Move(sDestination) End Sub Sub RenameContainer(Target) 'Bind to the AD object FullDN="LDAP://" & RetrieveValue("sAMAccountName",Target,"DistinguishedName") Set objUser = GetObject(fulldn) NewDisplayName=replace(objuser.displayname,"zz_","") NewDisplayName=replace(NewDisplayName,"zz_","") NewDisplayName=replace(NewdisplayName,",","\,") NewRDN="zz_" & newdisplayname If instr(objuser.distinguishedname,"zz_")<1 Then execCMD="cmd /c dsquery user -samid " & Target & " | dsmove -newname " & chr(34) & NewRDN & chr(34) 'wscript.echo execCMD Set wshShell = WScript.CreateObject ("WSCript.shell") wshshell.run execCMD set wshshell = Nothing end if end sub Sub DisableUser(Target) 'Bind to the AD object FullDN="LDAP://" & RetrieveValue("sAMAccountName",Target,"DistinguishedName") Set objUser = GetObject(fulldn) 'Set to Disabled in AD... if objUser.AccountDisabled = FALSE Then objUser.AccountDisabled = True objUser.SetInfo MailBody.Writeline("Account " & objUser.Get("name") & " (" & Target & ") now disabled." & vbcrlf) else MailBody.Writeline("Account for " & objUser.Get("name") & " already disabled" & vbcrlf) end If End Sub Sub SetDescription(Target, Archer) 'Bind to the user object FullDN="LDAP://" & RetrieveValue("sAMAccountName",Target,"DistinguishedName") Set objUser = GetObject(fulldn) 'set Description field to reflect who disabled the account Set oShell = CreateObject( "WScript.Shell" ) DisablingUser=oShell.ExpandEnvironmentStrings("%UserName%") objuser.description="Account disabled by " & Archer & " on " & Date & ", " & Time objuser.SetInfo MailBody.Writeline("Account disabled by " & Archer & " on " & Date & ", " & Time & vbcrlf) end sub sub HideFromGAL(Target) 'Bind to the user object FullDN="LDAP://" & RetrieveValue("sAMAccountName",Target,"DistinguishedName") Set objUser = GetObject(fulldn) 'Hide from address book... if objUser.HideFromAddressBook = FALSE Then objuser.HideFromAddressBook = True objuser.SetInfo MailBody.Writeline("Account " & objUser.Get("name") & " now hidden from address lists." & vbcrlf) else MailBody.Writeline("Account for " & objUser.Get("name") & " already hidden from address lists." & vbcrlf) end if end sub sub PrependZZ(Target) 'Bind to the user object FullDN="LDAP://" & RetrieveValue("sAMAccountName",Target,"DistinguishedName") Set objUser = GetObject(fulldn) 'Prepend zz_ to Display Name if left(objUser.displayName,2)="zz" then MailBody.Writeline("Display name already prepended with zz_") else zzDN="zz_" & objuser.displayName objuser.displayName=zzDN objuser.SetInfo MailBody.Writeline("Display Name is now " & objuser.DisplayName) end if if left(objUser.mail,2)="zz" then MailBody.Writeline("Email Address already prepended with zz_.") Else zzmail="zz_" & objuser.mail objuser.mail=zzmail objuser.SetInfo MailBody.Writeline("Email Address is now " & objuser.mail) end if end Sub sub StripManager(Target) 'Bind to the user object FullDN="LDAP://" & RetrieveValue("sAMAccountName",Target,"DistinguishedName") Set objUser = GetObject(fulldn) On Error Resume Next objUser.PutEx ADS_PROPERTY_CLEAR, "manager", 0 objUser.SetInfo MailBody.Writeline("Manager field stripped." & VbCrLf) end sub Sub SaveGroups(Target) 'Bind to the user object FullDN="LDAP://" & RetrieveValue("sAMAccountName",Target,"DistinguishedName") Set objUser = GetObject(fulldn) arrGroups = objUser.memberOf If IsEmpty(arrGroups) Then Groupflag=1 MailBody.Writeline("Member of no groups") ElseIf (TypeName(arrGroups) = "String") Then MailBody.Writeline("Member of group " & arrGroups) Else For Each strGroup In arrGroups Grouplist=split(strGroup,",") Groupname=grouplist(0) groupname=replace(groupname,"\+","+") groupname=replace(groupname,"CN=","") if infofield="" then infofield="Former Groups:" & vbcrlf & groupname else infofield=infofield & ";" & groupname end if Next End If if len(infofield)>1024 then MailBody.Writeline("User's group listing is VERY large and cannot be stored with the user's AD account. Please retain this email if this user could potentially be rehired.") else objuser.info=infofield & vbTab objuser.setinfo end If Logging.WriteLine(Date & " " & Time & " Stripping Group/DL memberships for LanID " & Target) end sub Sub RemoveGroups(Target) 'Bind to the user object FullDN="LDAP://" & RetrieveValue("sAMAccountName",Target,"DistinguishedName") Set objUser = GetObject(fulldn) On Error Resume Next If (Err.Number <> 0) Then MailBody.Writeline("Member of no groups." & VbCrLf) Else arrMemberOf=objUser.GetEx("memberOf") For Each Group in arrMemberOf Set objGroup = GetObject("LDAP://" & Group) MailBody.Writeline("Removing Group: " & objGroup.CN & VbCrLf) objGroup.PutEx 4,"member", Array(objUser.DistinguishedName) objGroup.SetInfo Next End If on error goto 0 end Sub sub MoveToDisabledOU(Target) 'Bind to the user object FullDN="LDAP://" & RetrieveValue("sAMAccountName",Target,"DistinguishedName") Set objUser = GetObject(fulldn) 'Move user to DISABLED ACCOUNTS Org Unit set objOU=GetObject("LDAP://OU=USA,OU=Left Firm,OU=Disabled Accounts,OU=North America,DC=oak,DC=fg,DC=rbc,DC=com") objOU.MoveHere FullDN, vbNullString ResultingDN="LDAP://" & RetrieveValue("sAMAccountName",Target,"distinguishedName") MailBody.Writeline("New Loc: " & ResultingDN & VBCRLF & "End of report.") end sub Sub ChangeDefaultEmail(Target) 'Bind to the user object FullDN="LDAP://" & RetrieveValue("sAMAccountName",Target,"DistinguishedName") Set objUser = GetObject(fulldn) On error resume next arrProxyAddresses = objUser.proxyAddresses For Each Address In arrProxyAddresses 'Confirm that the address is for the SMTP somain you want to process If left(Address,5)= "smtp:" Then 'Strip the address from the array objUser.PutEx 4, "proxyAddresses", Array(Address) objUser.SetInfo End If Next 'Add the ZZ'd one objUser.PutEx 3, "proxyAddresses", Array("smtp:zz_" & objuser.mail) objUser.SetInfo End Sub function RetrieveValue(DataType,Data,ObjName) 'WScript.Echo datatype 'WScript.Echo Data 'WScript.Echo objName Set oRootDSE = GetObject("LDAP://rootDSE") Set oConnection = CreateObject("ADODB.Connection") oConnection.Open "Provider=ADsDSOObject;" Set oCommand = CreateObject("ADODB.Command") oCommand.ActiveConnection = oConnection If DataType="EmployeeID" then oCommand.CommandText = ";(&(objectCategory=User)(" & DataType & "=" & Data & "*));" & objName & ";subtree" Else oCommand.CommandText = ";(&(objectCategory=User)(" & DataType & "=" & Data & "));" & objName & ";subtree" End If 'WScript.Echo oCommand.CommandText Set oRecordSet = oCommand.Execute on error resume Next 'WScript.Echo oRecordSet.Fields(objName) RetrieveValue = oRecordSet.Fields(objName) Set oRecordSet = Nothing Set oCommand = Nothing Set oConnection = Nothing Set oRootDSE = Nothing End function Sub SendMail(Recipient,TermName,LanID,BodyFile) Set objMessage = CreateObject("CDO.Message") Set MailBody=FSO.OpenTextFile(BodyFile, ForReading) objMessage.Subject = "OAK ACCOUNT TERMINATION: " & TermName & " (" & LanID & ")" objMessage.From = "dsusapcserver@rbccm.com" objMessage.To = Recipient 'Read in the temp file you created objMessage.TextBody = MailBody.ReadAll MailBody.Close 'objMessage.AddAttachment(c:.txt) '======== Config ============ objMessage.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2 objMessage.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "mailer.rbc.com" objMessage.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25 '======== End Config ========= objMessage.Configuration.Fields.Update objMessage.Send end Sub