The following will list all disabled domain accounts in one's domain. Lot's more work to do here though !

Notice how one can trap objects of the "user" type - other objects are groups and services, etc !

The intent with this one was to great the foundation for a domain user auditing tool.

Lot's of other possibilities here me thinks !

code:

---

break on

if $pipe
 del "$pipe"
 $rs = redirectoutput ( "$pipe" )
endif

$domain_name = "development"

$domain = olegetobject ( 0, "WinNT://$domain_name" )
if @error
 ?"Error connecting to WinNT provider for domain $domain_name"
 ?"Error @error : @serror"
 goto finish
endif

$objects = oleenumobject ( $domain )
if @error
 ?"Error getting enumeration handle from domain $domain_name"
 ?"Error @error : @serror"
 goto finish
endif

?
?"Listing of disabled accounts in the $domain_name domain..."

while @error = 0

 $object = oleenumobject ( $domain, $objects )

 if @error = 0

  if olegetproperty ( $object, "class" ) = "user"

   if olegetproperty ( $object, "accountdisabled" ) = "-1"

    ?
    ? "Username             " olegetproperty ( $object, "name" )
    ? "Fullname             " olegetproperty ( $object, "fullname" )
    ? "Comment              " olegetproperty ( $object, "description" )

   endif

  endif

  $rs = olereleaseobject ( $object )

 endif

loop

:finish

if $object
  $rs = olereleaseobject ( $object )
endif

if $objects
  $rs = olereleaseobject ( $objects )
endif

if $domain
 $rs = olereleaseobject ( $domain )
endif

?

exit

---

Shawn.

[This message has been edited by Shawn (edited 15 August 2000).]