Clear all Active Directory users’ manager attribute

Clear all Active Directory users’ manager attribute. See POC video http://screencast-o-matic.com/watch/cDeUQw1uBB

Option Explicit

Dim adoCommand
Dim adoConnection
Dim objRootDSE
Dim strDNSDomain
Dim strBase
Dim strFilter
Dim strAttributes
Dim strQuery
Dim adoRecordset
Dim strDN
Dim objUser
  
Const ADS_PROPERTY_CLEAR = 1 
  
' Setup ADO objects.
Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
Set adoCommand.ActiveConnection = adoConnection
  
' Search entire Active Directory domain.
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")
strBase = "<LDAP://" & strDNSDomain & ">"
  
' Filter for users
strFilter = "(&(objectCategory=person)(objectClass=user))"
  
' Comma delimited list of attribute values to retrieve.
strAttributes = "distinguishedName"
  
' Construct the LDAP syntax query.
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
adoCommand.CommandText = strQuery
adoCommand.Properties("Page Size") = 100
adoCommand.Properties("Timeout") = 30
adoCommand.Properties("Cache Results") = False
  
' Run the query.
Set adoRecordset = adoCommand.Execute
  
' Enumerate the resulting recordset.
Do Until adoRecordset.EOF
  
    ' Retrieve values.
    strDN = adoRecordset.Fields("distinguishedName").Value
    ' Bind to the user object.
    Set objUser = GetObject("LDAP://" & strDN)
 
    ' Clear the manager attribute.
    objUser.PutEx ADS_PROPERTY_CLEAR, "manager", 0
 
    ' Save change to AD.
    objUser.SetInfo
    ' Move to the next record in the recordset.
    adoRecordset.MoveNext
Loop
 
' Clean up.
adoRecordset.Close
adoConnection.Close

Leave a Reply