Yeah. Correct.
The System.getModule("com.vmware.library.microsoft.activeDirectory").destroyElementRecursive(adComputer, true) does exactly the comp.destroy(true) I have mentioned before if you open the code of that action element :)
If you find the answer helpful, please click on the RECOMMEND button.
Original Message:
Sent: Dec 11, 2024 05:18 PM
From: YCHa
Subject: delete cpmputer account with Recursive
Have you tried with System.getModule("com.vmware.library.microsoft.activeDirectory").destroyElementRecursive(adComputer, true)?
Original Message:
Sent: Dec 11, 2024 08:12 AM
From: kuku Forever
Subject: delete cpmputer account with Recursive
Hi there,
I really appreciate you trying to help me.
really thanks
but again,
some facts
The user has permissions and it's not an OU problem!
Adding the Recursive command helps mostly on older machines
what is happening right now
The process tries to execute the command comp.destroy();
If he doesn't succeed, he comes to PS and delete with Recursive
I'm trying to improve the process through Javascript if the Recursive command
THX
Original Message:
Sent: Dec 10, 2024 10:32 AM
From: WhiteForEver
Subject: delete cpmputer account with Recursive
Hi there,
Thanks for clarifying and providing the script.
Let's start with the -Recursive parameter. As I mentioned earlier, in almost all cases, recursion is unnecessary when deleting a computer account. The only reason I can think of why it's working for you is that your computer object is located in a sub OU. If that's the case, you'll need to specify a full path to the Remove-ADObject command to resolve the recursion issue.
In addition, you might not have the necessary permissions to remove computer accounts from certain parts of the directory, especially if the account is in a specific OU that requires elevated privileges. Using -Recursive might be bypassing certain restrictions in your case, though this is less common.
Now let's back to vRO. As I mentioned, destroy method accepts parameters; comp.destroy(true) should remove the computer account if it's located in the nested OU.
Please test it in the test environment.
PS. I'd like to suggest a minor improvement to your code if I may.
The getComputerAccountFromForest() action is searching for an exact computer name because of the getComputerAD() method. If it finds the computer, it returns its object. Therefore, there's no need to check again in the if (vmName.toLowerCase() == comp.name.toLowerCase()) line.
In addition, foreach loops does not support breaking the loop. Therefore, the return the will not work.
So, all you need to do is check if the comp variable is not empty and, if so, exit the method early (best practice). If comp is not empty, you can destroy the it. It's a good idea to put the destroy method in a try block because this action might fail.
var comp = System.getModule("kuku.com").getComputerAccountFromForest(vmName,adHost);if (comp!) throw new Error("Could not find the computer account for name " + vmName)System.log("Deleting " + comp + ")try { comp.destroy();} catch (e) { throw new Error("Failed to destroy " + comp + ")}######################################################var adHosts = Server.findAllForType("AD:AdHost", "My-Domain.com");var foundComputer = false;for (var i = 0; i < adHosts.length; i++) { var adHost = adHosts[i]; System.log("Looking for " + computerName + " in " + adHost.name); if (ActiveDirectory.getComputerAD(computerName, adHost)) { foundComputer = true; break; }}if (!foundComputer) { System.log("Computer " + computerName + " not found in any AD host.");}
------------------------------
If you find the answer helpful, please click on the RECOMMEND button.
Please visit my blog to get more information: https://www.clouddepth.com
Original Message:
Sent: Dec 10, 2024 05:41 AM
From: kuku Forever
Subject: delete cpmputer account with Recursive
HI WhiteForEver and all
first this is the script "getComputerAccountFromForest"
var adHosts = Server.findAllForType("AD:AdHost","My-Domain.com");
for each (ad in adHosts) {
var comp = ActiveDirectory.getComputerAD(computerName, ad);
System.log("Looking for " + computerName + " in " + ad.name)
if (comp)
{
return comp;
}
}
var adHosts = Server.findAllForType("AD:AdHost","My-Domain.com");for each (ad in adHosts) { var comp = ActiveDirectory.getComputerAD(computerName, ad); System.log("Looking for " + computerName + " in " + ad.name) if (comp) { return comp; }}
its return
dunesId , @type , name, distinguishedName, objectCategoryName, objectCategory and more
Remmber my script works fine , but some time (old computer account) its not delete the computer from the Active Directory
for example I have computer "USER04-SRV4"
- when I run the command in PS -
Remove-ADComputer -Identity "USER04-SRV4" its not delete the computer accound!!
2. but when I run the command Get-ADComputer -Identity "USER04-SRV4"| Remove-ADObject -Recursive -Confirm:$false is Delete the computer
I now my script In javascript comp.destroy(); its the same like the first example
so. I need to know how to delete conputer account with Javascript and with -Recursive command
I hope its clear now
Thank you
Original Message:
Sent: Dec 06, 2024 11:24 AM
From: WhiteForEver
Subject: delete cpmputer account with Recursive
Hi there,
Unfortunately, there are a few missing or incorrect details in the question.
First, there's no built-in action called `getComputerAccountFromForest`. It seems like you might have written it yourself, so we can't determine what it returns. I'm guessing it probably returns a single or an array of AD_Computer objects, since that's the only class with a `destroy()` method.
Second, `Get-ADComputer -Identity $vmName` returns a single object, so there's no need for a recursion.
Third, in your example, `comp.destroy()` should be inside the IF statement so that it only deletes the computer object if it's found.
Since you likely want to delete a specific computer object from AD once found, I'm not sure which recursive function you need. Ensure that step 3 is corrected, and everything should function as intended.
PS. I think destroy() method requires a boolean parameter following the vRO's API.
------------------------------
If you find the answer helpful, please click on the RECOMMEND button.
Please visit my blog to get more information: https://www.clouddepth.com
Original Message:
Sent: Nov 28, 2024 07:53 AM
From: kuku Forever
Subject: delete cpmputer account with Recursive
hi
Recently I have been having difficulties deleting Computer Account object from AD
Sometimes it works and sometimes it doesn't and the problem is related to Recursive (hope I'm defining correctly)
If I run this command through powershell the object is deleted
Get-ADComputer -Identity $vmName | Remove-ADObject -Credential $cred -Recursive -Confirm:$false
But via javascript in VRO unfortunately does not work
This is the javascript commandvar comp = System.getModule("kuku.com").getComputerAccountFromForest(vmName,adHost);
System.log(comp)
if (vmName.toLowerCase() == comp.name.toLowerCase()){
System.log("Found Computer: "+comp.name);
}
comp.destroy();
Again I mention, if there is no Recursive problem the command works properly
THX