Hi all,
in the MS TechNet Wiki is a cool article for a Windows Server 2012 Test Lab. In this article are helpful testlab guides to demonstrate the new features and functionality in Windows Server 2012 and Windows 8.
You can check it here.
Tuesday, November 27, 2012
Monday, November 26, 2012
Disable an Active Directory account on a schedule
Every AD Admin knows this thing. Request 891237843 ->Please disable the User XY on next saturday at 12 pm. Its weekend so don´t waste your time with this things... Here is a guide for creating a schedule task that do this job for you!
First create a batch file like this:
dsmod user "CN=Bad Person,OU=Users,DC=companyX,DC=com" -disabled yes
You have to know the users DN. You can find it in Active Directory Users and Computers (ADUC) in the Users Properties. In the properties select the tab "Attribute Editor" tab and go to "distinguishedName". Double click on it and copy the value. Replace my sample DN CN=Bad Person,OU=Users,DC=companyX,DC=com in the script with your users DN and save it.
On your DC or on a admin workstation that have DSMOD installed, create a schedule task that run the created batch file.
One example for creating a Schedule Task on Windows Server 2008 R2:
Open the "Task Scheduler" that is located in "Administrative Tools". Right-click "Task Scheduler Libary" and select "Create Task...".
Task Settings:
-General tab
Select "Run whether user is logged on or not"
-Triggers tab
Click on "New..", select "On a schedule" and set the time you want to disable the user.
-Actions tab
Click on "New..", select "Start a program" and "Browse" to your created batch file.
Confirm all by clicking "OK" and entering your credentials or credentials from a task user.
Note: The account that run the task need the required rights to disable a User account.
First create a batch file like this:
dsmod user "CN=Bad Person,OU=Users,DC=companyX,DC=com" -disabled yes
You have to know the users DN. You can find it in Active Directory Users and Computers (ADUC) in the Users Properties. In the properties select the tab "Attribute Editor" tab and go to "distinguishedName". Double click on it and copy the value. Replace my sample DN CN=Bad Person,OU=Users,DC=companyX,DC=com in the script with your users DN and save it.
On your DC or on a admin workstation that have DSMOD installed, create a schedule task that run the created batch file.
One example for creating a Schedule Task on Windows Server 2008 R2:
Open the "Task Scheduler" that is located in "Administrative Tools". Right-click "Task Scheduler Libary" and select "Create Task...".
Task Settings:
-General tab
Select "Run whether user is logged on or not"
-Triggers tab
Click on "New..", select "On a schedule" and set the time you want to disable the user.
-Actions tab
Click on "New..", select "Start a program" and "Browse" to your created batch file.
Confirm all by clicking "OK" and entering your credentials or credentials from a task user.
Note: The account that run the task need the required rights to disable a User account.
Labels:
Active Directory
Subscribe to:
Posts (Atom)