Once you have created the user accounts in a domain, you will more than likely need to modify them at some point. The modifications may consist only of changing individual properties of a user, such as the description or name fields. In these cases, you can perform the change manually or write a command-line script as shown in the next section. In some situations, you will need to make a large number of changes to your user accounts, as would be the case if you changed the name of your login script and wanted to point all users at the new script.

For Windows NT and even Active Directory domains, you can use the IADsContainer::Filter method to iterate through all the objects of a particular type. Thus, changing all users’ login script is a pretty easy to do:

Option Explicit
On Error Resume Next
Dim objDomain, objUser
Set objDomain = GetObject("WinNT://MYCORP")
objDomain.Filter = Array("User")
'**********************************************************************
' Iterate over each user and set the LoginScript 
' Print an error if one occurs
'**********************************************************************
for each objUser in objDomain
   objUser.LoginScript = "login-new.vbs"
   objUser.SetInfo
   
   if Err.Number <> 0 Then
      Wscript.Echo objUser.Name & " error occurred"
      Err.Clear
   Else
      Wscript.Echo objUser.Name & " modified"
   End if
next

While the previous code is straightforward, it is also limiting. The only filter option you have is object type, such as all users, ...