Windows Server Hack [Electronic resources] نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

Windows Server Hack [Electronic resources] - نسخه متنی

Mitch Tulloch

| نمايش فراداده ، افزودن یک نقد و بررسی
افزودن به کتابخانه شخصی
ارسال به دوستان
جستجو در متن کتاب
بیشتر
تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب
جستجو در لغت نامه
بیشتر
لیست موضوعات
توضیحات
افزودن یادداشت جدید
















Hack 31 Modify User Properties for All Users in a Particular OU







Changing the logon script for all users in an
organizational unit (OU) is a chore if you're
working from the GUI, so try this script instead.



The ability to quickly change the logon script that
members of a particular OU are running is quick and easy though
VBScript. To change the properties of objects located in a specific
OU, you must first bind to that OU using ADSI. To do this, you must
list all the parent OUs of the OUs you are trying to bind to, as
shown in the script in this hack. Then you must gather all the
usernames in the OU you are modifying and check to make sure they are
indeed just users and not some other object. If they are users,
change the path of the logon script property in their account to
Network/NewLogon.cmd and set the changes in
place. Then notify the person running the script that the changes
have been completed.



This script comes in handy when you need to modify common properties
of many user accounts in a particular OU all at once in an Active
Directory domain. In Windows 2000, unlike in NT4, you cannot just
highlight the users you want to change, click on Properties and
change a common property (e.g., Logon Script) for the users you have
selected.




The Code






To use this script, type it into Notepad (with Word Wrap disabled)
and save it with a .vbs extension
as
ModifyUsersOU.vbs:



'~~Comment~~
'Modify all users in a specific OU in Active Directory at once. This script
'will change the logon script path For all users of the
'"Network/Services/Users/Test" OU To "Network/newlogon.cmd".
'~~Script~~
'This is the actual LDAP. If the OU is a sub-OU, you must enter ALL of them.
Set OU = GetObject("LDAP://DCServerName.MY.Domain.COM/OU=Test,OU=Users,OU=Services,OU=
Network,DC=MY,DC=Domain,DC=com")
'Setup to get all the users in the specified OU from above.
'Gather each username.
For Each oUser In OU
'Make sure they are only USER class.
If oUser.Class = "user" Then
'Set the name of the login script itself here.
oUser.Put "scriptpath", "Network\newlogon.cmd"
'Set these settings.
oUser.SetInfo
End If
Next
Wscript.echo "The Network/Services/Users/Test OU has been updated!"
Wscript.Quit



Change the following line to specify the appropriate OU in your own
network environment:



Set OU = GetObject("LDAP://DCServerName.MY.Domain.COM/OU=Test,OU=Users,OU=Services,
OU=Network,DC=MY,DC=Domain,DC=com")



For example, if your OU is named Boston and your
domain is mtit.com, then this line should be
changed to:



Set OU = GetObject("LDAP://DCServerName.MY.Domain.COM/OU=Boston, DC=mtit,DC=com")



Specify the new logon script, like so:



oUser.Put "scriptpath", "Network\newlogon.cmd"



Finally, specify the output for the ECHO by
modifying this line as required:



Wscript.echo "The Network/Services/Users/Test OU has been updated!"



In our example, this line should be changed to:



Wscript.echo "The Boston OU has been updated!"


Hacking the Hack






This script can easily be modified to change any of the User Object
properties in a particular OU, such as:



Profile Path Home DirectoryHome Drive LetterEmail Description



The script can of course be customized to modify virtually any
other displayed properties of user objects.



Hans Schefske




/ 163