全部博文(279)
分类:
2008-04-22 10:52:18
|
use warnings; use strict; use Win32::OLE; use constant ADS_UF_ACCOUNTDISABLE => 2; use constant ADS_SCOPE_SUBTREE => 2; my $objConnection = Win32::OLE->new( "ADODB.Connection" ); my $objCommand = Win32::OLE->new( "ADODB.Command" ); # open ad $objConnection -> open( "Provider=ADsDSOObject;" ); $objCommand -> = $objConnection; # search what and how $objCommand -> = "select userAccountControl,distinguishedName from 'GC://dc=china,dc=microsoft,dc=com' where objectCategory='user'"; # import all users $objCommand -> Properties -> {"Page Size"} = 1000; # search all subtree $objCommand -> Properties -> = ADS_SCOPE_SUBTREE; my $objRecordSet = Win32::OLE->new( "ADODB.Recordset" ); $objRecordSet = $objCommand->Execute( ) || die "query data from active directory error,exit\n"; while( not $objRecordSet -> eof ) { my $intUAC = $objRecordSet -> Fields("userAccountControl") -> value; # remove diable account if( not ( $intUAC & ADS_UF_ACCOUNTDISABLE ) ) { my $longName = $objRecordSet -> Fields("distinguishedName") -> value; if( $longName =~ /^CN=([\w\.\-\_]+),/ ) { print ."\n"; } } $objRecordSet -> MoveNext(); } |
