Microsoft VisualBasic 脚本 (VBScript) 本文中提供将按名称查找对象目录中并尝试清除该对象 sidHistory。 它具有用于 objectClass 和 objectCategory 以帮助搜索中可选参数。
当用户对象将从一个域移动到另一个, 新安全标识符 (SID) 必须是生成用户帐户和存储在 对象 SID 属性。 在新值写入属性, 以前值复制到用户对象, History SID - ( sidHistory ) 的其他属性。 该属性可容纳多个值。 每次用户对象移动到其他域, 新 SID 是生成并存储在 对象 SID 属性和其他值是添加到 SID - History 中旧 SID 的列表。 有时可能需要清除 sidHistory 。
以下 VBScript 代码将从命令行参数中指定目录对象删除 sidHistory 属性。
- 打开 Microsoft 记事本。
- 将以下代码复制并粘贴到记事本文档。
Const ADS_PROPERTY_DELETE = 4
Dim strFilter 'As String
Dim oConnection 'As ADODB.Connection
Dim oRecordSet 'As ADODB.RecordSet
Dim strQuery 'As String
Dim strDomainNC 'As String
Dim oRootDSE 'As IADs
Dim vArray 'As Variant()
Dim vSid 'As Variant
Dim oDirObject 'As Variant
' Parse the command line and set the query filter
ParseCommandLine()
' Find the domain naming context
set oRootDSE = GetObject("LDAP://RootDSE")
strDomainNC = oRootDSE.Get("defaultNamingContext")
set oRootDSE = Nothing
' Setup the ADO connection
Set oConnection = CreateObject("ADODB.Connection")
oConnection.Provider = "ADsDSOObject"
oConnection.Open "ADs Provider"
strQuery = "<LDAP://" & strDomainNC & ">;" & strFilter & ";distinguishedName,objectClass,name,sidHistory;subtree"
'Execute the query
set oRecordSet = oConnection.Execute(strQuery)
if oRecordSet.Eof then
WScript.Echo "No objects were found"
WScript.Quit(0)
Else
Dim vClasses 'As Variant
Dim strClass 'As String
WScript.Echo "The following objects were found:"
'On Error Resume Next
' Iterate through the objects that match the filter
While Not oRecordset.Eof
vClasses = oRecordset.Fields("objectClass").Value
strClass = vClasses(UBound(vClasses))
WScript.Echo "Name: " & oRecordset.Fields("name").Value & " Class: " & strClass & " DN: " & oRecordset.Fields("distinguishedName").Value
If IsNull(oRecordSet.Fields("sIDHistory").Value ) Then
WScript.Echo "This object does not have a sidHistory"
Else
set oDirObject = GetObject("LDAP://" & oRecordset.Fields("distinguishedName").Value)
vArray = oDirObject.GetEx("sIDHistory")
For Each vSid in vArray
oDirObject.PutEx ADS_PROPERTY_DELETE, "sIDHistory", array(vSid)
oDirObject.SetInfo
Next
WScript.Echo "The sidHistory has been cleared for this object!"
End if
oRecordset.MoveNext
Wend
End if
'Clean up
Set oRecordset = Nothing
Set oConnection = Nothing
'=========================================================================================================================
' The ParseCommandLine subroutine will build the query filter base on the arguments passed to the script. The bNameFlag
' is used so that the name given can have spaces in it.
'=========================================================================================================================
Sub ParseCommandLine()
Dim vArgs, Value, Equals, I
Dim bNameFlag 'As Boolean
Dim strName 'As String
Dim strObjectCategory 'As String
Dim strObjectClass 'As String
Set vArgs = WScript.Arguments
if VArgs.Count < 1 Then
DisplayUsage()
End if
bNameFlag = False
For I = 0 to vArgs.Count - 1
If Left( vArgs(I) , 1 ) = "/" Or Left( vArgs(I) , 1 ) = "-" Then
Value = ""
Equals = InStr( vArgs(I) , "=" )
If Equals = 0 Then Equals = InStr( vArgs(I) , ":" )
If Equals > 0 Then Value = Mid( vArgs(I) , Equals + 1 )
Select Case LCase( Mid( vArgs(I) , 2 , 1) )
Case "n" strName = Value
bNameFlag = True 'This will allow us to catch spaces
Case "o" strObjectCategory = Value
bNameFlag = False
Case "c" strObjectClass = Value
bNameFlag = False
Case Else DisplayUsage
End Select
Else 'no dash or slash; Check if we are giving a name
if bNameFlag Then
strName = strName & " " & vArgs(I)
else
DisplayUsage
end if
End if
Next
'Should be okay to build filter
If strName = "" Then
WScript.Echo "A name parameter must be given"
WScript.Quit(1)
Else
strFilter = "(&(name=" & strName & ")"
If Len(strObjectCategory) > 0 Then
strFilter = strFilter & "(objectCategory=" & strObjectCategory & ")"
End if
If Len(strObjectClass) > 0 Then
strFilter = strFilter & "(objectClass=" & strObjectClass & ")"
End if
strFilter = strFilter & ")" 'Close filter
End if
End Sub
'=========================================================================================================================
' The DisplayUsage subroutine will display how to use this script, the objectCategory and objectClass arguments are optional.
'=========================================================================================================================
Sub DisplayUsage()
WScript.Echo "Usage csript.exe " & WScript.ScriptName & vbLF & _
"-n=<name of the object you are looking for>" & vbLF & _
"[-o=<objectCategory of the object you are looking for>]" & vbLF & _
"[-c=<objectClass of the object you are looking for>]" & vbLF & vbLF & _
"Examples : " & vbLF & _
WScript.ScriptName & " -n=My Contact" & vbLF & _
WScript.ScriptName & " -n=Computer1 -o=computer" & vbLF & _
WScript.ScriptName & " -n=James Smith -o=Person -c=user"
WScript.Quit(0)
End Sub
- 将文档保存为 C:\ClearSidHistory.vbs
-
运行代码。 对于 ClearSidHistory.vbs 用法如下所示:
cscript.exe ClearSidHistory.vbs -n=<name> [-o=<objectCategory>] [-c=<objectClass>]
- n = 对象您正在查找 < 名称 >
- o = 对象您正在查找 < objectCategory >
- c = 对象您正在查找 < objectClass >
示例:
cscript.exe ClearSidHistory.vbs -n=My Contact
cscript.exe ClearSidHistory.vbs -n=Computer1 -o=computer
cscript.exe ClearSidHistory.vbs -n=James Smith -o=Person -c=user
文章编号: 295758 - 最后修改: 2005年8月30日 - 修订: 3.2
这篇文章中的信息适用于:
- Microsoft Windows 2000 Server
- Microsoft Active Directory Service Interfaces 2.5
| kbhowto kb32bitonly kbprb KB295758 KbMtzh kbmt |
机器翻译注意:这篇文章是由无人工介入的微软自动的机器翻译软件翻译完成。微软很高兴能同时提供给您由人工翻译的和由机器翻译的文章, 以使您能使用您的语言访问所有的知识库文章。然而由机器翻译的文章并不总是完美的。它可能存在词汇,语法或文法的问题,就像是一个外国人在说中文时总是可能犯这样的错误。虽然我们经常升级机器翻译软件以提高翻译质量,但是我们不保证机器翻译的正确度,也不对由于内容的误译或者客户对它的错误使用所引起的任何直接的, 或间接的可能的问题负责。如果您发现了错误并希望帮助我们提高机器翻译技术,请完成文章末尾的在线调查。
点击这里察看该文章的英文版:
295758
(http://support.microsoft.com/kb/295758/en-us/
)
Microsoft和/或其各供应商对于为任何目的而在本服务器上发布的文件及有关图形所含信息的适用性,不作任何声明。 所有该等文件及有关图形均"依样"提供,而不带任何性质的保证。Microsoft和/或其各供应商特此声明,对所有与该等信息有关的保证和条件不负任何责任,该等保证和条件包括关于适销性、符合特定用途、所有权和非侵权的所有默示保证和条件。在任何情况下,在由于使用或运行本服务器上的信息所引起的或与该等使用或运行有关的诉讼中,Microsoft和/或其各供应商就因丧失使用、数据或利润所导致的任何特别的、间接的、衍生性的损害或任何因使用而丧失所导致的之损害、数据或利润不负任何责任。
回到顶端
