On Error Resume Next strNetBIOSDomain = "MYDOMAIN" strLDAPinfo = "OU=Students,OU=My Users,DC=MYDOMAIN,DC=local" strInputFile = "students.csv" strOutputFile = "Results.log" Const ADS_NAME_INITTYPE_GC = 3 Const ADS_NAME_TYPE_NT4 = 3 Const ADS_NAME_TYPE_1779 = 1 Const ForReading = 1, ForWriting = 2, ForAppending = 8 Set fso = CreateObject("Scripting.FileSystemObject") Set inFile = fso.OpenTextFile(strInputFile, ForReading) Set outFile = fso.OpenTextFile(strOutputFile, ForWriting,true) outFile.WriteLine "-------------------------------" strLine = now() & " Begin Processing" outFile.WriteLine strLine Do Until inFile.AtEndOfStream strLine = inFile.Readline astrLine = split(strLine,",") outFile.WriteLine "Current User: " + astrLine(2) call ProcessAccount(strLDAPinfo,astrLine) Loop outFile.WriteLine now() & "End of Processing" outFile.WriteLine "-------------------------------" inFile.Close outFile.Close Sub ProcessAccount(strBaseOU,aLine) strSiteOU = aLine(0) strADGroupPre = aLine(1) strUser = aLine(2) strClassYr = aLine(3) 'wscript.echo strUser Set objTrans = CreateObject("NameTranslate") objTrans.Init ADS_NAME_INITTYPE_GC, "" 'wscript.echo strNetBIOSDomain & "\" & strUser 'Next line sets the translate object = to the NT name of the user objTrans.Set ADS_NAME_TYPE_NT4, strNetBIOSDomain & "\" & strUser 'wscript.echo Err.Number If Err.Number <> 0 then outFile.WriteLine "***Error on User: " + strUser + "***" Else 'Next line tells the translate object we want the Distinguished Name of the user set above strUserDN = objTrans.Get(ADS_NAME_TYPE_1779) strUserDN = Replace(strUserDN, "/", "\/") 'wscript.echo strUserDN Set objUser = GetObject("LDAP://"+strUserDN) '******************************* 'Removing a user from a group if strSiteOU <> "BLOD" then Const ADS_PROPERTY_DELETE = 4 arrMemberOf = objUser.GetEx("memberOf") For Each Group in arrMemberOf 'wscript.echo group if Group = "CN=BE-" + strClassYr + ",OU=Security Groups," + strBaseOU then Set objGroup = GetObject ("LDAP://CN=BE-" + strClassYr + ",OU=Security Groups," + strBaseOU) objGroup.PutEx ADS_PROPERTY_DELETE,"member", Array(strUserDN) objGroup.SetInfo Set objGroup = Nothing end if if Group = "CN=BW-" + strClassYr + ",OU=Security Groups," + strBaseOU then Set objGroup = GetObject ("LDAP://CN=BW-" + strClassYr + ",OU=Security Groups," + strBaseOU) objGroup.PutEx ADS_PROPERTY_DELETE,"member", Array(strUserDN) objGroup.SetInfo Set objGroup = Nothing end if if Group = "CN=NS-" + strClassYr + ",OU=Security Groups," + strBaseOU then Set objGroup = GetObject ("LDAP://CN=NS-" + strClassYr + ",OU=Security Groups," + strBaseOU) objGroup.PutEx ADS_PROPERTY_DELETE,"member", Array(strUserDN) objGroup.SetInfo Set objGroup = Nothing end if if Group = "CN=AP-" + strClassYr + ",OU=Security Groups," + strBaseOU then Set objGroup = GetObject ("LDAP://CN=AP-" + strClassYr + ",OU=Security Groups," + strBaseOU) objGroup.PutEx ADS_PROPERTY_DELETE,"member", Array(strUserDN) objGroup.SetInfo Set objGroup = Nothing end if Next End If '******************************* '******************************* 'Add User to a group Const ADS_PROPERTY_APPEND = 3 if strSiteOU <> "BLOD" then if (strADGroupPre <> "") AND (strClassYr <> "") then strNewGroup = "LDAP://CN=" + strADGroupPre + "-" + strClassYr + ",OU=Security Groups," + strBaseOU 'wscript.echo strNewGroup Set objGroup = GetObject (strNewGroup) objGroup.PutEx ADS_PROPERTY_APPEND, "member",Array(strUserDN) objGroup.SetInfo Set objGroup = nothing end if End If '******************************* '******* 'Move OU if (strSiteOU <> "") AND (strClassYr <> "") then strNewOU = "LDAP://OU=" + strClassYr + ",OU=" + strSiteOU + "," + strBaseOU Set objNewOU = GetObject(strNewOU) objNewOU.MoveHere "LDAP://" + strUserDN,vbNullString set objNewOU=nothing set objMoveUser=nothing end if '******* Set objUser = Nothing End If End Sub