DESCRIPTION
Bulk policy incompliance fixing
Note This code may use functions from the ARS Script Policy Best Practices. Please, follow the link to obtain instructions and code for those functions.
SCRIPT
'*********************************************************************************
' THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND,
' EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED
' WARRANTIES OF MERCHANTBILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE.
'
' IF YOU WANT THIS FUNCTIONALITY TO BE CONDITIONALLY SUPPORTED,
' PLEASE CONTACT QUEST PROFESSIONAL SERVICES.
'*********************************************************************************
'
' This code is published on the ActiveRoles Script Center:
' http://communities.quest.com/docs/DOC-9991
'
' This code may use functions from the ARS Script Policy Best Practices:
' http://communities.quest.com/docs/DOC-10016
'
' Please, follow the link to obtain instructions and code for those functions.
'*********************************************************************************
Option Explicit
'===========================================================================
' Constants
'===========================================================================
Const strNullGUID = "00000000-0000-0000-0000-000000000000"
Const strActiveDirectoryDN = "CN=Active Directory"
'===========================================================================
Const EDS_CONTROL_FIX = 4
Const EDS_CONTROL_CHECK_POLICY_COMPLIANCE = 5
'===========================================================================
' AddToArray
'===========================================================================
Sub AddToArray(ByRef Arr, ByVal Val)
ReDim Preserve Arr (UBound(Arr)+1)
If (IsObject(Val)) Then
Set Arr(UBound(Arr)) = Val
Else
Arr(UBound(Arr)) = Val
End If
End Sub ' AddToArray
'===========================================================================
' DoARSSearchRaw
'===========================================================================
Function DoARSSearchRaw (ByVal strCommand, ByVal strSortList)
Dim objConn, objCmd
Set objConn = CreateObject("ADODB.Connection")
objConn.Open "Provider=ADSDSOObject;Data Source=ADs Provider;"
Set objCmd = CreateObject("ADODB.Command")
Set objCmd.ActiveConnection = objConn
If (strSortList <> "") Then
objCmd.Properties("Size Limit") = 10
objCmd.Properties("Sort On") = strSortList
End If
objCmd.CommandText = strCommand
Set DoARSSearchRaw = objCmd.Execute
End Function ' Do ARSSearchRaw
'===========================================================================
' DoARSSearch
'===========================================================================
Function DoARSSearch (ByVal strStartingNodeDN, ByVal strLdapQuery, ByVal strAttrList, ByVal strDepth)
Dim strCommand
strCommand = "<EDMS://" & strStartingNodeDN & ">;" & strLdapQuery & ";" & strAttrList & ";" & strDepth
Set DoARSSearch = DoARSSearchRaw(strCommand, "")
End Function ' Do ARSSearch
'===========================================================================
' GetObjectGUID
'===========================================================================
Function GetObjectGUID (ByVal strADObjectDN)
Dim objADObject, objOctetString
On Error Resume Next
Set objADObject = GetObject("EDMS:" & strADObjectDN)
Set objOctetString = CreateObject("AelitaEDM.EDMOctetString")
Call objOctetString.Set(objADObject.GUID)
GetObjectGuid = objOctetString.GetGuidString()
On Error Goto 0
End Function ' GetObjectGUID
'===========================================================================
' BulkPolicyIncomplianceFixing
'===========================================================================
Sub BulkPolicyIncomplianceFixing (ByVal strStartingNodeDN, ByVal arrPolicyDN)
Dim strPolicyDN, arrPolicyGUID, strPolicyGUID
If (IsEmpty(strStartingNodeDN)) Then strStartingNodeDN = strActiveDirectoryDN
If (IsEmpty(arrPolicyDN)) Then
arrPolicyGUID = strNullGUID
Else
arrPolicyGUID = Array()
For Each strPolicyDN in arrPolicyDN
AddToArray arrPolicyGUID, GetObjectGUID(strPolicyDN)
Next
End If
Dim objADObject, objRS
' Give the rowset object with attributes
Set objRS = DoARSSearch (strStartingNodeDN, "(objectClass=*)", "distinguishedName", "SubTree")
Do While (Not objRS.EOF)
Set objADObject = GetObject("EDMS://" & objRS("distinguishedName"))
objADObject.Control(EDS_CONTROL_FIX) = arrPolicyGUID
objADObject.Control(EDS_CONTROL_CHECK_POLICY_COMPLIANCE) = arrPolicyGUID
objADObject.CheckPropertyValues()
objRS.MoveNext
Loop
End Sub ' BulkPolicyIncomplianceFixing
'===========================================================================
'== MAIN ROUTINE
'===========================================================================
' 1st param - DN of starting node -or- Empty for entire Active Directory
' 2nd param - array of DNs of policies -or- Empty for all policies
Call BulkPolicyIncomplianceFixing("OU=Sales,DC=foo,DC=com", _
Array("CN=SomePolicy1,CN=Policy Objects,CN=Configuration", _
"CN=SomePolicy2,CN=Policy Objects,CN=Configuration"))
'***** END OF CODE ***************************************************************
COMPATIBILITY
Script compatible with the following version(s): <Not specified>