移除無效的域控制器(ADDS)Script(二)
我們上一篇介紹了使用命令行移除無效的域控制器(DC)操作,今天我們主要介紹使用VBS腳本來移除無效的域控制器,我們上一篇已經把DC2給刪除了,所以我們為了測試,重新將一臺服務器提升為域控制器,其實用腳本操作的過程是一樣的,只是把操作過程寫成了腳本而已;具體見下:
我們首先查看Domain Controller列表
我們準備好腳本
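REM ==========================================================
REM GUI Metadata Cleanup Utility
REM Version 2.5
REM ==========================================================
REM This tool is furnished "AS IS". NO warranty is expressed or Implied.
REM
REM Purpose: remove the directory objects left behind by a domain controller
REM that no longer exists. The operator picks a name from the list of the
REM "Domain Controllers" OU; the script then deletes, for that name:
REM   * replication connection objects on other DCs that pull from it,
REM   * its NTDS Settings object and server object under CN=Sites,
REM   * its member object under the FRS SYSVOL replica set (if present),
REM   * its computer account in the Domain Controllers OU.
REM
REM Every DeleteObject(0) call removes the object AND everything below it,
REM and nothing here can be undone from the script. Try it in a lab forest
REM before using it on a production directory.
REM
REM NOTE(review): only the FRS SYSVOL member object is handled. Domains that
REM replicate SYSVOL with DFSR presumably keep the member elsewhere; verify
REM and clean that up separately.

' Existence of objects is probed by binding and inspecting Err, so errors must
' not abort the script. Every probe below clears Err first so that a stale
' error (or a stale object from a previous iteration) is never acted on.
On Error Resume Next

Dim objRoot, sPath, outval, oDCSelect, objConfiguration, objContainer
Dim ckdcPath, myObj, comparename
Dim sDomainDN, sConfigDN, sBadChars, i, failedSteps

failedSteps = ""

rem =======This gets the name of the computer that the script is run on ======
Set sh = CreateObject("WScript.Shell")
key = "HKEY_LOCAL_MACHINE"
computerName = sh.RegRead(key & "\SYSTEM\CurrentControlSet\Control\ComputerName\ComputerName\ComputerName")

rem === Get the naming contexts of the domain and of the forest configuration ====
Err.Clear
Set objRoot = GetObject("LDAP://RootDSE")
sDomainDN = objRoot.Get("defaultNamingContext")
' CN=Sites lives in the configuration naming context. Reading it from RootDSE
' gives the same value as "CN=Configuration,<domain DN>" in a single-domain
' forest and the correct one in a child domain.
sConfigDN = objRoot.Get("configurationNamingContext")
If Err.Number <> 0 Or Len(sDomainDN) = 0 Or Len(sConfigDN) = 0 Then
    MsgBox "Could not read the naming contexts from RootDSE.",,"Metadata Cleanup Utility Error."
    WScript.Quit
End If

rem === Get the list of domain controllers====
sPath = "LDAP://OU=Domain Controllers," & sDomainDN
Set objConfiguration = GetObject(sPath)
For Each objContainer In objConfiguration
    outval = outval & vbTab & objContainer.Name & vbCrLf
Next
outval = Replace(outval, "CN=", "")

rem ==Retrieve the name of the broken DC from the user and verify it's not this DC.===
oDCSelect = Trim(InputBox(outval, " Enter the computer name to be removed", ""))
If Len(oDCSelect) = 0 Then
    ' Cancel or an empty answer: nothing to do.
    MsgBox "Metadata Cleanup Aborted.",,"Metadata Cleanup Utility Error."
    WScript.Quit
End If

' The name is concatenated into distinguished names that are later deleted.
' Refuse characters that have a meaning inside a DN or an ADsPath so a typo
' can never redirect a bind to a different object.
sBadChars = ",=+<>#;""\/"
For i = 1 To Len(sBadChars)
    If InStr(oDCSelect, Mid(sBadChars, i, 1)) > 0 Then
        MsgBox "The computer name you entered contains characters that are not valid in a computer name.",,"Metadata Cleanup Utility Error."
        WScript.Quit
    End If
Next

' Compare case-insensitively on both sides; the registry value is not
' guaranteed to be upper case.
comparename = UCase(oDCSelect)
If comparename = UCase(computerName) Then
    MsgBox "The Domain Controller you entered is the machine that is running this script." & vbCrLf & _
        "You cannot clean up the metadata for the machine that is running the script!",,"Metadata Cleanup Utility Error."
    WScript.Quit
End If

rem === Verify that a computer account with that name exists in the Domain Controllers OU ===
ckdcPath = "LDAP://CN=" & oDCSelect & ",OU=Domain Controllers," & sDomainDN
Err.Clear
Set myObj = GetObject(ckdcPath)
If Err.Number <> 0 Then
    MsgBox "The Domain Controller you entered was not found in the Active Directory",,"Metadata Cleanup Utility Error."
    WScript.Quit
End If

' Yes/No box, exclamation icon, "No" preselected, system modal (numeric value 4404).
abort = MsgBox("You are about to remove all metadata for the server " & oDCSelect & "! Are you sure?", _
    vbYesNo + vbExclamation + vbDefaultButton2 + vbSystemModal, "WARNING!!")
If abort <> vbYes Then
    MsgBox "Metadata Cleanup Aborted.",,"Metadata Cleanup Utility Error."
    WScript.Quit
End If

' From here on oDCSelect holds the RDN ("CN=<name>") of the server being removed.
oDCSelect = "CN=" & oDCSelect
SiteList = "CN=Sites," & sConfigDN

rem === Locate the server object of the removed DC under CN=Sites ===
siteval = ""
Set objConfiguration = GetObject("LDAP://" & SiteList)
For Each objContainer In objConfiguration
    sitePath = "LDAP://" & oDCSelect & ",CN=Servers," & objContainer.Name & "," & SiteList
    Err.Clear
    Set myObj = GetObject(sitePath)
    If Err.Number = 0 Then
        siteval = sitePath
    End If
Next

rem === Locate the FRS SYSVOL member object of the removed DC ===
SYSVOLval = ""
SYSVOLPath = "LDAP://" & oDCSelect & ",CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System," & _
    sDomainDN
Err.Clear
Set myObj = GetObject(SYSVOLPath)
If Err.Number = 0 Then
    SYSVOLval = SYSVOLPath
End If

rem === Walk every (site, domain controller) pair and clean up the NTDS Settings ===
Set SiteConfiguration = GetObject("LDAP://" & SiteList)
Set DCConfiguration = GetObject("LDAP://OU=Domain Controllers," & sDomainDN)
For Each SiteContainer In SiteConfiguration
    SiteVar = SiteContainer.Name
    For Each DomContainer In DCConfiguration
        DCVar = DomContainer.Name
        NTDSPATH = DCVar & ",CN=Servers," & SiteVar & "," & SiteList
        ldapntdspath = "LDAP://" & NTDSPATH
        GuidPath = "LDAP://CN=NTDS Settings," & NTDSPATH

        rem ====check for valid site paths =======================
        Err.Clear
        Set exists = GetObject(ldapntdspath)
        If Err.Number = 0 Then
            ' This DC has a server object in this site. Remove any inbound
            ' connection object on it whose source is the DC being removed.
            Err.Clear
            Set oGuidGet = GetObject(GuidPath)
            If Err.Number = 0 Then
                For Each objContainer In oGuidGet
                    oGuidPath = "LDAP://" & objContainer.Name & ",CN=NTDS Settings," & NTDSPATH
                    strFromServer = ""
                    Err.Clear
                    Set objSitelink = GetObject(oGuidPath)
                    If Err.Number = 0 Then
                        objSitelink.GetInfo
                        strFromServer = objSitelink.Get("fromServer")
                        ' Match the complete server RDN. A bare substring test
                        ' for "CN=DC1" would also hit "CN=DC10" and delete the
                        ' connection objects of a healthy domain controller.
                        If Err.Number = 0 And _
                           InStr(1, strFromServer, "CN=NTDS Settings," & oDCSelect & ",CN=Servers,", vbTextCompare) > 0 Then
                            objSitelink.DeleteObject(0)
                            If Err.Number <> 0 Then
                                failedSteps = failedSteps & vbTab & "connection object " & objContainer.Name & _
                                    " on " & DCVar & " (0x" & Hex(Err.Number) & ")" & vbCrLf
                            End If
                        End If
                    End If
                Next
            End If

            ' This server object belongs to the DC being removed: delete its
            ' NTDS Settings and then the server object itself. The comparison
            ' ignores case because the operator typed the name by hand.
            If StrComp(DCVar, oDCSelect, vbTextCompare) = 0 Then
                Err.Clear
                Set objguidpath = GetObject(GuidPath)
                If Err.Number = 0 Then
                    objguidpath.DeleteObject(0)
                    If Err.Number <> 0 Then
                        failedSteps = failedSteps & vbTab & "NTDS Settings object (0x" & Hex(Err.Number) & ")" & vbCrLf
                    End If
                End If
                ' A failure here is not recorded: the server object is checked
                ' and deleted again, with reporting, in the final step below.
                Err.Clear
                exists.DeleteObject(0)
            End If
        End If
    Next
Next

rem === Rewrite the account type, then delete the remaining objects ===
' 4096 (0x1000) is the WORKSTATION_TRUST_ACCOUNT value of userAccountControl.
' NOTE(review): presumably the directory refuses to delete an account that
' still carries the domain-controller trust flag, hence the rewrite - confirm.
Err.Clear
Set AccountObject = GetObject(ckdcPath)
AccountObject.Put "userAccountControl", "4096"
AccountObject.SetInfo
If Err.Number <> 0 Then
    failedSteps = failedSteps & vbTab & "userAccountControl update (0x" & Hex(Err.Number) & ")" & vbCrLf
End If

' The FRS member object is optional; only touch it when it was found above.
If Len(SYSVOLval) > 0 Then
    Err.Clear
    Set objFRSSysvol = GetObject(SYSVOLval)
    objFRSSysvol.DeleteObject(0)
    If Err.Number <> 0 Then
        failedSteps = failedSteps & vbTab & "FRS SYSVOL member object (0x" & Hex(Err.Number) & ")" & vbCrLf
    End If
End If

Err.Clear
Set objComputer = GetObject(ckdcPath)
objComputer.DeleteObject(0)
If Err.Number <> 0 Then
    failedSteps = failedSteps & vbTab & "computer account (0x" & Hex(Err.Number) & ")" & vbCrLf
End If

' The server object is normally gone already (deleted in the site loop). If a
' bind still succeeds, delete it now; a failed bind means nothing is left.
If Len(siteval) > 0 Then
    Err.Clear
    Set objConfig = GetObject(siteval)
    If Err.Number = 0 Then
        objConfig.DeleteObject(0)
        If Err.Number <> 0 Then
            failedSteps = failedSteps & vbTab & "server object under CN=Sites (0x" & Hex(Err.Number) & ")" & vbCrLf
        End If
    End If
End If

' Report success only when every step succeeded, so that a partial cleanup
' (for example missing delete rights) is not mistaken for a finished one.
oDCSelect = Replace(oDCSelect, "CN=", "")
If Len(failedSteps) = 0 Then
    msgval = "Metadata Cleanup Completed for " & oDCSelect
    MsgBox msgval,,"Notice."
Else
    msgval = "Metadata Cleanup for " & oDCSelect & " finished with errors. The following steps failed:" & _
        vbCrLf & failedSteps
    MsgBox msgval,,"Metadata Cleanup Utility Error."
End If
WScript.Quit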
將腳本保存為擴展名為.vbs的文件,然後放在DC上,我們雙擊打開,會顯示我們當前環境內所有的DC的hostname
因為我們要刪除AO2,所以我們輸入AO2名稱,確認即可
如果我們輸入的名稱在AD中不存在,就會提示以下信息
提示確認AO2是否需要刪除,確認即可
刪除完成
刪除后,我們還是同樣需要檢查DNS、Sites中的遺留信息,具體可以參考上一篇文章中的介紹。
注:對于上面的腳本,我已上傳到了blog中,請通過以下鏈接進行下載;
http://down.51cto.com/data/2388307