Phantom AD user objects?

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I’ve got an asp page that retrieves user names, addresses and phone numbers
from AD to publish on our intranet. There are a couple of deleted users whose
names are still showing up (sans addresses & phone numbers). How can I purge
these objects from AD?
 
Hi,

if these are orphaned object, they will be deleted finally after 60 days,
there is no need to do anything. They already are deleted but still remain
in the AD database for this time.

Regards
Thorsten Schmitt
 
The objects have been showing up for much longer than 60 days.

Names of users who've been deleted are still showing up on the list. They're
not in an OU on the list nor is there any other information showing than
their name.

Maybe someone could help if they show what information was being pulled.

Here's the code from the asp page that pulls the information from LDAP:

On Error Resume Next

Dim objDomain,dso,Usr,backColor
Dim Child,objUsers
Dim cntContainer, srvUser, srvPwd

srvUser = "mydomain\user"
srvPwd = "password"

Set dso = GetObject("LDAP:")
Set objDomain =
dso.OpenDSObject("LDAP://mydomain.com/OU=Accounts,DC=mydomain,DC=com",
srvUser, srvPwd,1)
Set cntContainer = objDomain

If Err = 0 Then
For Each Child in cntContainer
Select case Child.class
Case "organizationalUnit"
If Child.Description <> "" then
Response.Write " <tr>" & vbCrLf
Response.Write " <th align=""left"">"
Response.Write Child.Description & "</th>" & vbCrLf
Response.Write " </tr>" & vbCrLf
Response.Write " <tr>" & vbCrLf
Response.Write " <th WIDTH=""200"" HEIGHT=""23""
align=""left"">Name</th>" & vbCrLf
Response.Write " <th WIDTH=""90"" HEIGHT=""23""
align=""left"">Work</th>" & vbCrLf
Response.Write " <th WIDTH=""90"" HEIGHT=""23""
align=""left"">Cell</th>" & vbCrLf
Response.Write " <th WIDTH=""90"" HEIGHT=""23""
align=""left"">Home</th>" & vbCrLf
Response.Write " <th WIDTH=""200"" HEIGHT=""23""
align=""left"">Address</th>" & vbCrLf
Response.Write " </tr>" & vbCrLf
End If
Set objUsers = dso.OpenDSObject("LDAP://mydomain.com/" & Child.Name &
",OU=Accounts,DC=mydomain,DC=com", srvUser, srvPwd,1)
For Each Usr in objUsers
If Usr.GivenName <> "" Then
If not Usr.AccountDisabled then
If backColor <> "#EEEEFF" Then
backColor = "#EEEEFF"
Else
backColor = "#FFFFDD"
End If
Response.Write " <tr>" & vbCrLf
Response.Write " <td bgcolor=""" & backColor & """>"
Response.Write Usr.GivenName & " " & Usr.LastName & "</td>" & vbCrLf
Response.Write " <td bgcolor=""" & backColor & """>"
Response.Write Usr.TelephoneNumber & "&nbsp;</td>" & vbCrLf
Response.Write " <td bgcolor=""" & backColor & """>"
Response.Write Usr.Mobile & "&nbsp;</td>" & vbCrLf
Response.Write " <td bgcolor=""" & backColor & """>"
Response.Write Usr.HomePhone & "&nbsp;</td>" & vbCrLf
Response.Write " <td bgcolor=""" & backColor & """>"
If Usr.streetAddress <> "" Then
Response.Write Usr.streetAddress & ", " & Usr.L & ", " & Usr.st &
"&nbsp; " & Usr.postalcode & "</td>" & vbCrLf
Else
Response.Write "&nbsp;</td>" & vbCrLf
End If
Response.Write " </tr>" & vbCrLf
End If
End If
Next
End Select
Next
else
Response.Write " <tr>" & vbCrLf
Response.Write " <td bgcolor=""#EEEEFF"">"
Response.Write err.Number & " " & err.Description & "</td>" & vbCrLf
Response.Write " </tr>" & vbCrLf
End If
 
The objects have been showing up for much longer than 60 days.


Names of users who've been deleted are still showing up on the
list. They're
not in an OU on the list nor is there any other information
showing than
their name.

Maybe someone could help if they show what information was
being pulled.

Here's the code from the asp page that pulls the information
from LDAP:

On Error Resume Next

Dim objDomain,dso,Usr,backColor
Dim Child,objUsers
Dim cntContainer, srvUser, srvPwd

srvUser = "mydomainuser"
srvPwd = "password"

Set dso = GetObject("LDAP:")
Set objDomain =
dso.OpenDSObject("LDAP://mydomain.com/OU=Accounts,DC=mydomain,DC=com",

srvUser, srvPwd,1)
Set cntContainer = objDomain

If Err = 0 Then
For Each Child in cntContainer
Select case Child.class
Case "organizationalUnit"
If Child.Description <> "" then
Response.Write " <tr>" & vbCrLf
Response.Write " <th align=""left"">"
Response.Write Child.Description & "</th>" & vbCrLf
Response.Write " </tr>" & vbCrLf
Response.Write " <tr>" & vbCrLf
Response.Write " <th WIDTH=""200"" HEIGHT=""23""
align=""left"">Name</th>" & vbCrLf
Response.Write " <th WIDTH=""90"" HEIGHT=""23""
align=""left"">Work</th>" & vbCrLf
Response.Write " <th WIDTH=""90"" HEIGHT=""23""
align=""left"">Cell</th>" & vbCrLf
Response.Write " <th WIDTH=""90"" HEIGHT=""23""
align=""left"">Home</th>" & vbCrLf
Response.Write " <th WIDTH=""200"" HEIGHT=""23""
align=""left"">Address</th>" & vbCrLf
Response.Write " </tr>" & vbCrLf
End If
Set objUsers = dso.OpenDSObject("LDAP://mydomain.com/" &
Child.Name &
",OU=Accounts,DC=mydomain,DC=com", srvUser, srvPwd,1)
For Each Usr in objUsers
If Usr.GivenName <> "" Then
If not Usr.AccountDisabled then
If backColor <> "#EEEEFF" Then
backColor = "#EEEEFF"
Else
backColor = "#FFFFDD"
End If
Response.Write " <tr>" & vbCrLf
Response.Write " <td bgcolor=""" & backColor & """>"
Response.Write Usr.GivenName & " " & Usr.LastName &
"</td>" & vbCrLf
Response.Write " <td bgcolor=""" & backColor & """>"
Response.Write Usr.TelephoneNumber & "&nbsp;</td>" &
vbCrLf
Response.Write " <td bgcolor=""" & backColor & """>"
Response.Write Usr.Mobile & "&nbsp;</td>" & vbCrLf
Response.Write " <td bgcolor=""" & backColor & """>"
Response.Write Usr.HomePhone & "&nbsp;</td>" & vbCrLf
Response.Write " <td bgcolor=""" & backColor & """>"
If Usr.streetAddress <> "" Then
Response.Write Usr.streetAddress & ", " & Usr.L & ", "
& Usr.st &
"&nbsp; " & Usr.postalcode & "</td>" & vbCrLf
Else
Response.Write "&nbsp;</td>" & vbCrLf
End If
Response.Write " </tr>" & vbCrLf
End If
End If
Next
End Select
Next
else
Response.Write " <tr>" & vbCrLf
Response.Write " <td bgcolor=""#EEEEFF"">"
Response.Write err.Number & " " & err.Description & "</td>" &
vbCrLf
Response.Write " </tr>" & vbCrLf
End If
Click to expand...

I think you are experiencing lingering objects. have you restored a
DC/GC from an old backup?

See also:
http://www.microsoft.com/technet/pr...ons/4a1f420d-25d6-417c-9d8b-6e22f472ef3c.mspx
 
Good information. I used ldp.exe to run some searches to see if I could find
the objects but they did not turn up. BTW - I'm running Windows 2000 Server.

Anyone have any more ideas?
 
Back
Top