移除无效的域控制器(ADDS)Script(二)
admin
2023-07-28 09:20:06
0

移除无效的域控制器(ADDS)SCript(二)
我们上一篇介绍了使用命令行移除无效的域控制器(DC)操作,今天我们主要介绍使用VBS脚本来移除无效的域控制器,我们上一篇已经把DC2给删除了,所以我们为了测试,重新将一台服务器提升为域控制器,其实用脚本操作的过程是一样的,只是把操作过程写成了脚本而已;具体见下:
移除无效的域控制器(ADDS)Script(二)
我们首先查看Domain Controller列表
移除无效的域控制器(ADDS)Script(二)
我们准备好脚本

REM    ========================================================== 
REM                GUI Metadata Cleanup Utility 
REM                          Version 2.5 
REM    ========================================================== 
REM     This tool is furnished "AS IS". NO warranty is expressed or Implied. 

on error resume next 
dim objRoot,oDC,sPath,outval,oDCSelect,objConfiguration,objContainer,errval,ODCPath,ckdcPath,myObj,comparename 

rem =======This gets the name of the computer that the script is run on ====== 

Set sh = CreateObject("WScript.Shell") 
key= "HKEY_LOCAL_MACHINE" 
computerName = sh.RegRead(key & "\SYSTEM\CurrentControlSet\Control\ComputerName\ComputerName\ComputerName") 

rem === Get the default naming context of the domain==== 

set objRoot=GetObject("LDAP://RootDSE") 
sPath = "LDAP://OU=Domain Controllers," & objRoot.Get("defaultNamingContext") 

rem === Get the list of domain controllers==== 

Set objConfiguration = GetObject(sPath) 
For Each objContainer in objConfiguration 
    outval = outval & vbtab &  objContainer.Name & VBCRLF 
Next 
outval = Replace(outval, "CN=", "") 

rem ==Retrieve the name of the broken DC from the user and verify it's not this DC.=== 

oDCSelect= InputBox (outval," Enter the computer name to be removed","") 
comparename = UCase(oDCSelect) 

if comparename = computerName then 
    msgbox "The Domain Controller you entered is the machine that is running this script." & vbcrlf & _ 
        "You cannot clean up the metadata for the machine that is running the script!",,"Metadata Cleanup Utility Error." 
    wscript.quit 
End If 

sPath = "LDAP://OU=Domain Controllers," & objRoot.Get("defaultNamingContext") 
Set objConfiguration = GetObject(sPath) 

For Each objContainer in objConfiguration 
    Err.Clear 
    ckdcPath = "LDAP://" & "CN=" & oDCSelect & ",OU=Domain Controllers," & objRoot.Get("defaultNamingContext") 
    set myObj=GetObject(ckdcPath) 
    If err.number <>0 Then 
        errval= 1 
    End If 
Next 

If errval = 1 then 
    msgbox "The Domain Controller you entered was not found in the Active Directory",,"Metadata Cleanup Utility Error." 
    wscript.quit 
End If 

abort = msgbox ("You are about to remove all metadata for the server " & oDCSelect & "! Are you sure?",4404,"WARNING!!") 
if abort <> 6 then 
    msgbox "Metadata Cleanup Aborted.",,"Metadata Cleanup Utility Error." 
    wscript.quit 
end if 

oDCSelect = "CN=" & oDCSelect 
ODCPath ="LDAP://" & oDCselect & ",OU=Domain Controllers," & objRoot.Get("defaultNamingContext") 
sSitelist = "LDAP://CN=Sites,CN=Configuration," & objRoot.Get("defaultNamingContext") 
Set objConfiguration = GetObject(sSitelist) 
For Each objContainer in objConfiguration 
    Err.Clear 
    sitePath = "LDAP://" & oDCSelect & ",CN=Servers," &  objContainer.Name & ",CN=Sites,CN=Configuration," & _ 
        objRoot.Get("defaultNamingContext") 
    set myObj=GetObject(sitePath) 
    If err.number = 0 Then 
        siteval = sitePath 
    End If     
Next 

sFRSSysvolList = "LDAP://CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System," & _ 
    objRoot.Get("defaultNamingContext") 
Set objConfiguration = GetObject(sFRSSysvolList) 

For Each objContainer in objConfiguration 
    Err.Clear 
    SYSVOLPath = "LDAP://" & oDCSelect & ",CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System," & _ 
        objRoot.Get("defaultNamingContext") 
    set myObj=GetObject(SYSVOLPath) 
    If err.number = 0 Then 
        SYSVOLval = SYSVOLPath 
    End If 
Next 

SiteList = Replace(sSitelist, "LDAP://", "") 
VarSitelist = "LDAP://CN=Sites,CN=Configuration," & objRoot.Get("defaultNamingContext") 
Set SiteConfiguration = GetObject(VarSitelist) 

For Each SiteContainer in SiteConfiguration 
    Sitevar = SiteContainer.Name 
    VarPath ="LDAP://OU=Domain Controllers," & objRoot.Get("defaultNamingContext") 
    Set DCConfiguration = GetObject(VarPath) 
    For Each DomContainer in DCConfiguration 
        DCVar = DomContainer.Name 
        strFromServer = "" 
        NTDSPATH =  DCVar & ",CN=Servers," & SiteVar & "," & SiteList 
        GuidPath = "LDAP://CN=NTDS Settings,"& NTDSPATH  
        Set objCheck = GetObject(NTDSPATH) 
        For Each CheckContainer in objCheck 
rem ====check for valid site paths ======================= 
            ldapntdspath = "LDAP://" & NTDSPATH 
            Err.Clear 
            set exists=GetObject(ldapntdspath) 
            If err.number = 0 Then 
                Set oGuidGet = GetObject(GuidPath) 
                For Each objContainer in oGuidGet 
                    oGuid = objContainer.Name 
                    oGuidPath = "LDAP://" & oGuid & ",CN=NTDS Settings," & NTDSPATH   
                    Set objSitelink = GetObject(oGuidPath) 
                    objSiteLink.GetInfo 
                    strFromServer = objSiteLink.Get("fromServer") 
                    ispresent = Instr(1,strFromServer,oDCSelect,1) 

                    if ispresent <> 0 then 
                        Set objReplLinkVal = GetObject(oGuidPath) 
                        objReplLinkVal.DeleteObject(0) 
                    end if 
                next 

                sitedelval = "CN=" & comparename & ",CN=Servers," & SiteVar & "," & SiteList 
                if sitedelval = ntdspath then 
                    Set objguidpath = GetObject(guidpath) 
                    objguidpath.DeleteObject(0) 
                    Set objntdspath = GetObject(ldapntdspath) 
                    objntdspath.DeleteObject(0) 
                end if 
            End If 
        next 
    next 
next 
Set AccountObject = GetObject(ckdcPath) 
temp=Accountobject.Get ("userAccountControl") 
AccountObject.Put "userAccountControl", "4096" 
AccountObject.SetInfo 
Set objFRSSysvol = GetObject(SYSVOLval) 
objFRSSysvol.DeleteObject(0) 
Set objComputer = GetObject(ckdcPath) 
objComputer.DeleteObject(0) 
Set objConfig = GetObject(siteval) 
objConfig.DeleteObject(0) 
oDCSelect = Replace(oDCSelect, "CN=", "") 
msgval = "Metadata Cleanup Completed for " & oDCSelect 
msgbox  msgval,,"Notice." 
wscript.quit 

保存好脚本的扩展名为.vbs,然后保存在DC上,我们双击打开,会显示我们当前环境内所有的DC的hostname
移除无效的域控制器(ADDS)Script(二)
因为我们要删除AO2,所以我们输入AO2名称,确认即可
移除无效的域控制器(ADDS)Script(二)
如果我们输入的名称在AD中不存在就会提示一下信息
移除无效的域控制器(ADDS)Script(二)
提示确认AO2是否需要删除,确认即可
移除无效的域控制器(ADDS)Script(二)
删除完成
移除无效的域控制器(ADDS)Script(二)
删除后,我们还是同样需要检查DNS、Sites中的遗留信息,具体可以参考上一篇文章中的介绍。
注:对于上面的脚本,我已上传到了blog中,请通过以下链接进行下载;
http://down.51cto.com/data/2388307

相关内容

热门资讯

浙江宣传:“走个面儿”咋就没面... “咱北京两千多万人口,您受累,您走个面儿,把这第一波的票房带起来,咱就有了。”某知名导演的新片首映礼...
辞职声明仅95秒遭质疑,韩国队... 【环球时报综合报道】美加墨世界杯小组赛出局后,韩国队主教练洪明甫当地时间28日在墨西哥的韩国队大本营...
美媒爆料:美军第五舰队总部遭伊... 据美国《华尔街日报》27日报道,其通过对卫星图像、社交媒体视频和五角大楼记录的分析发现,今年2月底至...
英国智库给菲律宾GDP增速“浇... 【环球时报特约记者 叶满】英国经济研究机构凯投宏观发布的最新一期《亚洲经济展望》报告(以下简称“报告...
欧洲持续高温,有华人用冰箱降温... 连日来,欧洲多国迎来罕见极端高温天气,法国、德国、意大利等地气温持续飙升,部分地区突破40摄氏度。受...
伊副外长强调船只须按“伊朗线路... 伊朗外交部副部长加里巴巴迪当地时间29日晚间在接受采访时强调,所有船只均须按照“伊朗线路”通过霍尔木...
委内瑞拉强震已致1719人死亡 当地时间29日,委内瑞拉全国代表大会主席罗德里格斯通报,地震已造成该国1719人死亡,5034人受伤...
铋晟新材料申请氯氧化铋基复合材... 国家知识产权局信息显示,江苏铋晟新材料有限公司申请一项名为“一种氯氧化铋基复合材料及其制备方法和用途...
韩国政府将投资千万亿韩元于AI... 韩国总统李在明29日在总统府青瓦台主持召开会议,公布总额超千万亿韩元的半导体、物理人工智能(AI)和...
以色列防长称以伊可能随时再起冲... △卡茨(资料图)据以色列方面29日消息,以国防部长卡茨当天表示,鉴于复杂的安全局势和在黎巴嫩的军事行...