Enable Active Directory user account via VBScript

Description

In this article, I am going to explain and give VBScript source code to Enable Active Directory user account via VBScript using user’s objectguid, samAccountName and distinguishedname and also Enable Bulk AD Users from CSV file using VBScript.

Note: You should run this VBScript code on a machine with windows Active Directory domain.

Summary

Enable Active Directory user using VBScript with user’s DN

1. Copy the below example VBScript code and paste it in notepad or a VBScript editor.
2. Change the value for strUserDN with your own user’s DN which you are going to enable.
3. Save the file with a .vbs extension, for example: Enable-AD-User.vbs
4. Double-click the vb script file (or Run this file from command window) to enable AD user.

Click to get VBScript source code as a file Download Enable-AD-User.vbs

' Enable-AD-User.vbs
' Sample VBScript to enable Active Directory user
' Author: https://www.morgantechspace.com/
' ------------------------------------------------------' 
Option Explicit
Dim strUserDN
Dim objUser 

strUserDN= "CN=TestUser,OU=TestOU1,DC=MyDomain,DC=Com"
Set objUser = GetObject("LDAP://"& strUserDN) 
objUser.AccountDisabled = FALSE
objUser.SetInfo

MsgBox("AD user enabled successfully using VBScript code.")

WScript.Quit 

Enable AD user using VBScript with user’s ObjectGUID

1. Copy the below example VBScript code and paste it in notepad or a VBScript editor.
2. Change the value for strUserGUID with your own user’s ObjectGUID string which you are going to enable.
3. Save the file with a .vbs extension, for example: EnableADUserWithGUID.vbs
4. Double-click the vb script file (or Run this file from command window) to enable AD user.

Click the following link to get VBScript source code as a file

Click  to get VBScript source code as a file Download EnableADUserWithGUID.vbs

' EnableADUserWithGUID.vbs
' Sample VBScript to enable AD user with ObjectGUID
' Author: https://www.morgantechspace.com/
' ------------------------------------------------------' 
Option Explicit
Dim strUserGUID
Dim objUser 

strUserGUID= "A777394D-0B5C-4FD2-BDDC-B12DDFB570A4"
Set objUser = GetObject("LDAP://<guid="& struserguid&">")
objUser.AccountDisabled = FALSE
objUser.SetInfo

MsgBox("AD user enabled successfully using VBScript code.")

WScript.Quit 

Enable AD user using VBScript with user’s samAccountName

1. Copy the below example VBScript code and paste it in notepad or a VBScript editor.
2. Change the value for strUserName with your own user’s samAccountName which you are going to enable.
3. Save the file with a .vbs extension, for example: EnableADUserWithsamAccountName.vbs
4. Double-click the vb script file (or Run this file from command window) to enable AD user.

Click to get VBScript source code as a file Download EnableADUserWithsamAccountName.vbs

' EnableADUserWithsamAccountName.vbs
' Sample VBScript to enable AD user .
' Author: https://www.morgantechspace.com/
' ------------------------------------------------------' 

Option Explicit
Dim adoCommand, adoConnection
Dim varBaseDN, varFilter, varAttributes
Dim objRootDSE, varDNSDomain, strQuery, adoRecordset,strUserDN
Dim strSamAccountName,objUser

' Setup ADO objects.
Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
Set adoCommand.ActiveConnection = adoConnection

' Search entire Active Directory domain.
Set objRootDSE = GetObject("LDAP://RootDSE")

varDNSDomain = objRootDSE.Get("defaultNamingContext")
varBaseDN = "<LDAP://" & varDNSDomain & ">"

strSamAccountName="Test"

' Filter on user objects.
varFilter = "(&(objectCategory=person)(objectClass=user)(samaccountname="& strSamAccountName &"))"

' Comma delimited list of attribute values to retrieve.
varAttributes = "samaccountname,distinguishedname"

' Construct the LDAP syntax query.
strQuery = varBaseDN & ";" & varFilter & ";" & varAttributes & ";subtree"
adoCommand.CommandText = strQuery
adoCommand.Properties("Page Size") = 1000
adoCommand.Properties("Timeout") = 20
adoCommand.Properties("Cache Results") = False

' Run the query.
Set adoRecordset = adoCommand.Execute

' Enumerate the resulting recordset.
Do Until adoRecordset.EOF
    ' Retrieve values and display.
    strUserDN = adoRecordset.Fields("distinguishedname").value
    Set objUser = GetObject("LDAP://"& strUserDN) 
        objUser.AccountDisabled = FALSE
        objUser.SetInfo

    ' Move to the next record in the recordset.
    adoRecordset.MoveNext
Loop

  If strUserDN = "" then
      Msgbox "No user found with the name '"& strSamAccountName &"'"
    Else  Msgbox "The user '"& strSamAccountName &"' enabled successfully..."
   end if

' close ado connections.
adoRecordset.Close
adoConnection.Close

Enable AD user using VBScript with user’s samAccountName as Dynamic Input

1. Copy the below example VBScript code and paste it in notepad or a VBScript editor.
2. Save the file with a .vbs extension, for example: EnableADUserWithDynamicSamAccountName.vbs
3. Double-click the vb script file (or Run this file from command window) to enable AD user.
4. Enter the samAccountName of the user in the input text box and click OK to proceed.

Click to get VBScript code Download EnableADUserWithDynamicSamAccountName.vbs

' EnableADUserWithDynamicSamAccountName.vbs
' Sample VBScript to enable AD user .
' Author: https://www.morgantechspace.com/
' ------------------------------------------------------' 

Option Explicit
Dim adoCommand, adoConnection
Dim varBaseDN, varFilter, varAttributes
Dim objRootDSE, varDNSDomain, strQuery, adoRecordset,strUserDN
Dim strSamAccountName,objUser

' Setup ADO objects.
Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
Set adoCommand.ActiveConnection = adoConnection

' Search entire Active Directory domain.
Set objRootDSE = GetObject("LDAP://RootDSE")

varDNSDomain = objRootDSE.Get("defaultNamingContext")
varBaseDN = "<LDAP://" & varDNSDomain & ">"

' Asks samAccountName from user.
Do
   strSamAccountName = InputBox ("Please enter user's samAccountName")
   If strSamAccountName = "" then
      Msgbox "No samAccountName entered"
   end if
Loop Until strSamAccountName <> ""

' Filter on user objects.
varFilter = "(&(objectCategory=person)(objectClass=user)(samaccountname="& strSamAccountName &"))"

' Comma delimited list of attribute values to retrieve.
varAttributes = "samaccountname,distinguishedname"

' Construct the LDAP syntax query.
strQuery = varBaseDN & ";" & varFilter & ";" & varAttributes & ";subtree"
adoCommand.CommandText = strQuery
adoCommand.Properties("Page Size") = 1000
adoCommand.Properties("Timeout") = 20
adoCommand.Properties("Cache Results") = False

' Run the query.
Set adoRecordset = adoCommand.Execute

' Enumerate the resulting recordset.
Do Until adoRecordset.EOF
    ' Retrieve values and display.
    strUserDN = adoRecordset.Fields("distinguishedname").value
    Set objUser = GetObject("LDAP://"& strUserDN) 
        objUser.AccountDisabled = FALSE
        objUser.SetInfo

    ' Move to the next record in the recordset.
    adoRecordset.MoveNext
Loop

  If strUserDN = "" then
      Msgbox "No user found with the name '"& strSamAccountName &"'"
    Else  Msgbox "The user '"& strSamAccountName &"' enabled successfully..."
   end if

' close ado connections.
adoRecordset.Close
adoConnection.Close

Enable Bulk AD users From CSV File using VBScript

1. Copy the below example VBScript code and paste it in notepad or a VBScript editor.
2. Save the file with a .vbs extension, for example: EnableBulkADUsersFromCSV.vbs
3. Change the CSV file path C:UsersAdministratorDesktopAll_Users.csv with your own file path.
4. Double-click the VBScript file (or Run this file from command window) to enable Bulk AD users from CSV file.

Note: Your CSV file (All_Users.csv)  should contains the column objectguid as a first column, otherwise you need to change the index value 0 to other value here… csvUserFields(0) which depends on your column index of objectguid in CSV file

Bulk AD users Enable From CSV File using VBScript

Click to get VBScript code Download EnableBulkADUsersFromCSV.vbs

' EnableBulkADUsersFromCSV.vbs
' Sample VBScript to Enable AD Users from CSV file .
' Author: https://www.morgantechspace.com/
' ------------------------------------------------------' 

Option Explicit

Dim strUserGUID,objUser 

' Variables needed for CSV File Information
Dim varFileName,objFSO,objFile,csvUserFields
Const ForReading = 1

' Specify the csv file full path.
varFileName = "C:\UsersAdministratorDesktopAll_Users.csv"

' Open the file for reading.
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile(varFileName, ForReading)

' Read the first line - csv columns -not needed for our proceess
objFile.ReadLine

' Skip the error if the user doesn't exist.....
on error resume next

' Read the file and create new user.
Do Until objFile.AtEndOfStream
    ' Splits prioperty values.
    csvUserFields = Split(objFile.ReadLine,",")

' All_Users.csv file should contains the column objectguid as first column
' Otherwise you need change the index value 0 to other value here...csvUserFields(0)...
' which depends on your column index of objectguid in CSV file.

     strUserGUID =  csvUserFields(0)
 Set objUser = GetObject("LDAP://<GUID="& strUserGUID &">")
     objUser.AccountDisabled = FALSE
     objUser.SetInfo
Loop

MsgBox("Bulk AD Users enabled from CSV file using VBScript.")

WScript.Quit 

Advertisement

Leave a Comment