Removing all the Groups from a User

This script is normally used by passing the argument of the username by executing cscript script.vbs <username> but the username could easily be hardcoded.

Set vArgs = WScript.Arguments

UserName = vArgs(0)

Const ADS_PROPERTY_DELETE = 4
Const E_ADS_PROPERTY_NOT_FOUND  = &h8000500D

strUserPath = "LDAP://" & Username
Set objUser = GetObject(strUserPath)
arrMemberOf = objUser.GetEx("memberOf")

For Each Group in arrMemberOf
Set objGroup = GetObject("LDAP://" & Group)
objGroup.PutEx ADS_PROPERTY_DELETE, "member", Array(UserName)
objGroup.SetInfo
Next

 
 
 

Leave a Reply