Removing a proxy address from an NT Account

Occasionally it might be necessary to remove one or more items from the ProxyAddresses array in AD, this array contains all the SMTP addresses stamped on the AD object.   Here’s a VBScript that you can use to clean proxies off your AD accounts.

1) Change the highlighted DC=Contoso,DC=COM at the top of the script to match your domain, you can specify sub-OUs by modifying the LDAP query.

 2) Change the highlighted @CONTOSO.LOCAL at the bottom of the script to match the SMTP domains you want to remove from each user object.


on error resume next


Set oConn = CreateObject(“ADODB.Connection”)
Set oCMD = CreateObject(“ADODB.Command”)
oConn.Provider = “ADsDSOObject”
oConn.Properties(“ADSI Flag”) = 1
oConn.Open “Active Directory Provider”
Set oCMD.ActiveConnection = oConn
oCMD.Properties(“Page Size”) = 20000
oCMD.Properties(“Searchscope”) = 2 ‘subtree“sort on”) = “msExchHomeServerName”

oCMD.CommandText = “<DC=CONTOSO,DC=COM>;(&(homemdb=*));proxyAddresses,cn,sAMAccountName,distinguishedName;subtree
set oRecordSet =  oCMD.Execute
wscript.echo oRecordSet.recordcount

Do While oRecordSet.EOF = False
 do ‘for escaping
   strDN = oRecordSet.Fields(“distinguishedName”).Value
   strProxyAddresses = oRecordSet.Fields(“proxyAddresses”).Value
   sAdCn = oRecordSet.Fields(“CN”).value
   sSAMid = oRecordSet.Fields(“sAMAccountName”).value

   If IsNull(strProxyAddresses) Then
     Exit Do

          If isArray(strProxyAddresses) = True Then
            For each strProxyAddress in strProxyAddresses

            If InStr(strProxyAddress,”@CONTOSO.LOCAL“) > 0 Then
              WScript.Echo “User : ” & sADcn
              WScript.Echo ” Removing address : ” & strProxyAddress
              Set objUser = GetObject(“LDAP://” & strDN)
              objUser.PutEx 4, “proxyAddresses”, array(strProxyAddress)
            End If
          end if
   Exit Do
   End If
 loop ‘for esaping


Leave a Reply