howto://disable accounts with a script

by Ed Fisher on 2010-02-26

in Infrastructure

cli[1]

 

Today’s post is short and sweet, and fully in line with the lazy approach that I took going into this problem. I found myself with a handful of ancient accounts in need of shooting////err, disabling, with the following caveats. I had a list that only contained their sAMAccountNames, this had to be done at the crack of dawn on a Sunday morning, and I wasn’t inclined to put a great deal of effort into this. What could I possibly do that wouldn’t involve missing my beauty sleep?

 

Answer: create a simple scriptlet and schedule a task. Now sure, I could use DSMOD to do this, but DSMOD likes to use UPNs. Remember, I only had sAMAccountNames to work with. And I probably should have done something with PowerShell, seeing as how the only real way to learn something is to use it. See the intro about effort for more on that! But way back in the dark ages of NT, long before Microsoft had a directory service, we used to kick it old school with net commands. These tried but true commands could be used to create users, add them to groups, reset passwords, view shares, start and stop services, and even disable accounts. Just what I needed…the net user cmd.

So I took one cup list of users, conveniently enough called users.txt, and I mixed it with one level teaspoon of cmdline in a file I called disableusers.cmd that contains this…

  for /f %%I in (c:\scratch\users.txt) do net user %%I /active:no /domain >> results.txt  [enter]

and then, if this were truly a retro kind of hack, I would have blended it in a cmd prompt by scheduling it like a real man with AT. Sadly, Windows 7 has basically deprecated AT, and schtasks.exe is teh suck, so I figured I would  just use Task Scheduler and be done with it. After more than an hour of troubleshooting this (why the hell can’t you just view tasks you’ve scheduled??? Seriously, WTF is that all about???) I finally figured out that using Windows 7 with UAC still on means needing to make sure to set the task to "Run with the highest privileges." Narf!

You might also enjoy:

  1. howto://bulk modify user home directory paths with dsmod
  2. net user command reference and examples
  3. howto://Fix 0×80070422 errors with Microsoft Forefront or Windows Update
  4. Creating DHCP reservations at the command line

Tagged as: cli, howto, windows

Leave a Comment

CommentLuv Enabled
You can link your twitter feed here @

Previous post:

Next post: