Question

Locked

Windos 2003 Server - delete data from accounts not accounts themselves

By alpenny ·
I have a school as a client, who have created accounts in AD for each grade. All data generated through the year is stored therein. Now they want to clear the data, but retain the accounts, as re-creating them is time consuming. I can't access the folders, as access is denied. Anyway to delete the data, but retain the accounts?

This conversation is currently closed to new comments.

9 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

Get someone with Admin Privilages

by OH Smeg In reply to Windos 2003 Server - dele ...

To delete the data at the end of the school year.

Collapse -

Reponse To Answer

by alpenny In reply to Get someone with Admin Pr ...

I have admin rights, but am denied access to the folders where the data is stored. I suppose I can edit the permissions on each folder to grant admin access, but I was hoping for a more eloquent solution.

Collapse -

yes sometimes there are sub folders that cause an issue

by markp24 In reply to Windos 2003 Server - dele ...

you can take "ownership" of those folders and sub folder then delete them, this can also be scripted.

Collapse -

Take ownership of all of it.

by seanferd In reply to Windos 2003 Server - dele ...

Then delete the the necessary directory contents.

You probably want to revert ownership afterward.

Collapse -

Taking Ownership is a great way...

by mikeadams1137 In reply to Windos 2003 Server - dele ...

Are you familiar with VBS? You can write some scripts that can do virtually anything inside ADUC for you. If you're interested I can link you to some helpful websites. It's a great skill to have, it sounds like you are wanting to edit data contained in "OU's and Objects" located inside of ADUC? If you are wanting to edit hard data, ie: Roaming Profiles and Home Drives, then VBS script is you're best friend and it can be done systematically in roughly 30 seconds. My ADUC has around 3,000 users and if I were asked to wipe their H:\ Drives and Profiles, with only the option of "Take Ownership" available to me, I would probably hang myself or quit my job.

Collapse -

Reponse To Answer

by alpenny In reply to Taking Ownership is a gre ...

Hi Mike, Thanks for the reply. I would be interested in those links and am willing to learn VB scripts.

Collapse -

Reponse To Answer

by mikeadams1137 In reply to Taking Ownership is a gre ...

@alpenny,

No, worries. The website is located below and is safe for viewing.

http://www.activxperts.com/activmonitor/windowsmanagement/adminscripts/usersgroups/users/

Note: This is a link to another website not affiliated with Tech Republic. If you want to play it safe for your own mind of matter concerns, you can pound http://www.activxperts.com into Google.com and then navigate manually. The scripts above will allow you to easily manipulate AD&UC. Note, the scripts are just the hard code you will need to make the file .vbs, put simply... Create a text pad document, copy the script code into it, and change the file extension to .vbs Congrats on making your first VBS Script. :) If this is indeed your first.

In order for the script to run correctly, you will have to run it from your server or a directory contained on you're server. IE: Running it from your roaming profile will not work, copy it to the C: Drive of your server and run it from there preferably the Domain Controller hosting your primary FSMO Roles.

Collapse -

Removing directories within a Windows Environment

by mikeadams1137 In reply to Windos 2003 Server - dele ...

@alpenny,

Now...if you are wanting to manipulate data, ie: Home Drives, Profiles, etc...It's a bit more complicated. it's time to hop into the wonderful world of System Internals, Batch Files, and basic CL (Command Line).

System Internals put simply can be downloaded from Microsoft.Com You will install it on your workstation. Essentially it let's you do things you would not be able to do in a conventionally. It's software designed to manipulate software administered by Microsoft to assist all of us Administrators out here that are forced to work in dynamic environments, such as the one you are finding yourself in.

1) Download and Install System Internals from www.microsoft.com
2) Install on your local workstation (Check for IT management approval first)
3) Where you install the System Internals is important. It will pretty much look like you just unzipped a BUNCH of random files. You need them all. I put mine into the convenient location of D:\System Internals D:\ being my chosen local drive. This location is important as you will have to call on some text files that contain data etc...and they need to be in the same directory that you installed System Internals in!
3) I have listed some of the scripts I use to assist you.

This script below essentially is run on the computer you have System Internals on.

___________Script Starts Below________

@echo off
set /p e="username?"
d:
psexec @iprange.txt -u ABCD\%e% "\\YOURCOMPUTERNAME\batch\wingadplremove.bat"
pause
_________Script Ends Here, Below Begins Explanation______

@echo off <-- Turns off the echo of the command so it will run your code as such and not read it back to you as code. (Always have this in your batch files.)

set /p e="username?" <-- Setting the e character to username argument...we'll call on this later.

d: <--- Where I have system internals installed

psexec @iprange.txt -u ABCD\%e% "\\YOURCOMPUTERNAME\batch\wingadplremove.bat"

psexec <--- Name of specific System Internal tools I am using. (Runs scripts remotely and silently)
@iprange.txt <--- contains a list of all the IP addresses on my network, you could put all your computer names in a text file and call it mycomputers.txt if that's what you're wanting to do.
-u <-- Will prompt for username
ABCD\%e% <--- ABCD = Domain Name (Don't need the .com)\%e% <---(If your scroll up earlier we set the argument e=username, this is where that E comes into play, we are pretty much saying here...Prompt me for my user name and then a password. so..let's say my domain is ABCD, ABCD\%e% The ABCD is saying use an account on my domain (ABCD), \%e% will prompt me for an account on that domain, I would use my administrator account and then enter my password.

"\\YOURCOMPUTERNAME\batch\wingadplremove.bat"<-- Location where the batch file is stored that I want to run remotely, my batch file is named wingadplremove.bat contained inside of the \batch\ directory which is on my computer.

pause <-- Keeps the window open so you can see it that it ran, without this, it will just appear and disappear real fast.

This is your master script essentially you will use with System Internals, make it once, make it work, enjoy life.

_________Script that is deleting stuff starts below_________

@Echo Off
cls
c:
cd %PROGRAMFILES%
rmdir /s /q WINGDAPL

_________End Script That Deletes Stuff #Begin explanation________

@Echo Off<-- same as earlier

cls <-- clear the screen

c: <-- drive containing the directory I am deleting

cd %PROGRAMFILES% <--- cd = change directory, %PROGRAMFILES% = where the folder is stored in "Program Files" for instance.

rmdir /s /q WINGDAPL <--- rmdir (remove directory) /s = do it silently /q = force run :) and finally folder name WINGDAPL

Hope this helps and provides some insight, any questions ask, deployed for a bit longer and really bored. Going to sleep. Good Luck.

Back to Networks Forum
9 total posts (Page 1 of 1)  

Hardware Forums