set Logon Script path to null

[Guest]

How can I set some user Account's "logon script" property in Active Directory
to null?
this is the script I've written:

'Retrieve Current User's LDAP path
Set objSysInfo = CreateObject("ADSystemInfo")
strUserAdsPath = objSysInfo.UserName
'Binding to Current User's account object in Active Directory
Set objUser = GetObject("LDAP://" & strUserAdsPath )
'Resetting User's Logon Script path to null so that it is never run again
strNewScriptPath = vbNullString
objUser.Put "scriptpath", strNewScriptPath
objUser.SetInfo

at the SetInfo line,I get this error:
"The attribute syntax specified to the directory service is invalid" code
8007200B

already tried "" instead of vbNullString;no Luck.
also tried retriving logon script path from a user whose property is null
already,and putting it instead of vbNullString;but when it reaches to the
retriving command,an error occurs as "the Active Directory property cannot be
found in the cache" Code 8000500D.

what's wrong and how can I fix it?

 

[Jorge de Almeida Pinto [MVP - DS]]

first define:
'ADS_PROPERTY_CLEAR
'Instructs the directory service to remove all the property value(s) from
the object.
Const ADS_PROPERTY_CLEAR = 1
'ADS_PROPERTY_UPDATE
'Instructs the directory service to replace the current value with the
element(s) in the passed VARIANT array.
Const ADS_PROPERTY_UPDATE = 2
'ADS_PROPERTY_APPEND
'Instructs the directory service to append the new value(s) to the existing
one(s).
Const ADS_PROPERTY_APPEND = 3
'ADS_PROPERTY_DELETE
'Instructs the directory service to delete the specified value(s) of a
property
Const ADS_PROPERTY_DELETE = 4

use instead:
objUser.PutEx ADS_PROPERTY_CLEAR, "scriptPath", vbNullString

--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Windows Server - Directory Services

BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx

 

[David Denmark]

How can I set some user Account's "logon script" property in Active
Directory to null?

You can use the User Management Resource Administrator working with a
network data display to delete any LDAP attribute value easier than you can
in VB script. You can create a graphical script that 1) gets the user and 2)
deletes a attribute value [in your case, 'scriptPath']. You can build, test
and run a UMRA script in less than 1/10th the time that a comparable
VBscript would take.

How many users are you working with?


Thanks,

Dave Denmark,
MCSE+I, MCDBA
www.advtoolware.com

 

[Brian Desmond [MVP]]

ADModify.Net (link below) is a nice little free GUI for this sort of think.
Jorge's post will clear up your VBScript issue, though.

http://www.gotdotnet.com/workspaces/workspace.aspx?id=f5cbbfa9-e46b-4a7a-8ed8-3e44523f32e2

--
Thanks,
Brian Desmond
Windows Server MVP - Directory Services

www.briandesmond.com

 

[Joe Richards [MVP]]

admod -b user_dn scriptpath:-

If you wanted to do it based on user SAM Name...

adfind -gc -b -f samaccountname=xxx -dsq |admod scriptpath:-

If that matches more than one user it will clear them all. If you want
to focus further you can specify an actual BASE DN to scope your query.

If you wanted to pass more than 10 users and have this done, make sure
you specify the -safety xx switch or -unsafe switch for admod or else it
will think there is a mistake and try to help you protect yourself.

joe

--
Joe Richards Microsoft MVP Windows Server Directory Services
Author of O'Reilly Active Directory Third Edition
www.joeware.net


---O'Reilly Active Directory Third Edition now available---

http://www.joeware.net/win/ad3e.htm