Conditional account management - find + replace values in AD

This script searches through all accounts in the domain d2.acme.com and replaces logon script "oldscript.bat" with "newscript.bat. Accounts with other logon script than "oldscript.bat" are not affected. It is of course possible to use any other account property as criteria; some examples: set password by group membership, set home directory by profile etc.

[Settings_Begin]
BatchSettings.Delimiter=TAB
BatchSettings.MarkerCol=4
BatchSettings.MarkersAutoRemove=Yes

SET ADDomainPath=dc=com/dc=acme/dc=D2
SET ADOUPath=%col3%
[Settings_End]

[Machines_Begin]
\\EDU8      NT PDC    
[Machines_End]

[Init_Batch_Begin]
Data.Get.AD Container,%ADDomainPath%, User, Yes, CN§1§ScriptPath§2§ADpath§3§   
[Init_Batch_End]

[Batch_Begin]
Data.Loop   
 IF %col2%=oldscript.bat THEN   
  AD.Account.SetProperty %ADOUPath%, LoginScript, newscript.bat   
 ENDIF
Data.EndLoop   
[Batch_End]

[Data_Begin]
[Data_End]

About the script

·	Fill [Data] section with accounts in domain, extract ADpath to column 3

·	Loop [Data] section

·	If second column is "oldscript.bat" then change logonscript to "newscript.bat", refer to accounts by ADpath in column three

How to make SetupBatcher ask before modifying anything

Replace the [Batch] section with this code

[Batch_Begin]
Data.Loop   
  IF %col2%=oldscript.bat THEN   
   MessageBox Change script for %ADOUPath%?, Ask   
    IF %LastMessageBox%=Yes THEN   
     AD.Account.SetProperty %ADOUPath%, LoginScript, newscript.bat
    ENDIF   
  ENDIF   
Data.EndLoop   
[Batch_End]

The MessageBox command displays a dialog with a "yes" and a "no" button.

Another option is to use a Data.Show command in the [Init] section.