The following is information and tools for dealing with a Conficker Outbreak on a Large Enterprise Network with lots of clients.
How to unlock all of your Active Directory Accounts with a script.
Const ADS_SCOPE_SUBTREE = 2
Const ADS_UF_LOCKOUT = &H10
Set objRootDSE = GetObject(“LDAP://rootDSE”)
strDNSDomain = objRootDSE.Get(“defaultNamingContext”)
Set objCommand = CreateObject(“ADODB.Command”)
Set objConnection = CreateObject(“ADODB.Connection”)
objConnection.Provider = “ADsDSOObject”
objConnection.Open “Active Directory Provider”
objCommand.ActiveConnection = objConnection
StartNode = strDNSDomain
SearchScope = “subtree”
‘Filterstring = “(&(objectCategory=Person)(objectClass=User)” _
‘& “(userAccountControl:1.2.840.113556.1.4.803:=16))” ‘find locked out accounts (bitwise)
Filterstring = “(&(objectCategory=person)(objectClass=user)(lockoutTime>=1))” ‘not sure which is better
Attributes = “adspath”
LDAPQuery = “<LDAP://” & StartNode & “>;” & FilterString & “;” _
& Attributes & “;” & SearchScope
objCommand.CommandText = LDAPQuery
objCommand.Properties(“Page Size”) = 100
objCommand.Properties(“Timeout”) = 30
objCommand.Properties(“Cache Results”) = False
Set objRecordSet = objCommand.Execute
If NOT objRecordSet.eof Then
objRecordSet.MoveFirst
While Not objRecordset.EOF
Set objuser = GetObject(objRecordSet.Fields(“AdsPath”).Value)
objUser.IsAccountLocked = False
objUser.SetInfo
objRecordSet.MoveNext
Wend
End If
objRecordset.Close
objConnection.Close
Set objRootDSE = Nothing
Set objConnection = Nothing
Set objRecordSet = Nothing
msgbox “All users are now unlocked!”
WScript.Quit(0)