Solved

How to automatically uncheck Password Never Expires for all user in an OU?

Posted on 2004-08-24
4
543 Views
Last Modified: 2008-03-10
Hello Experts!  I'm looking for a way to AUTOMATICALY uncheck the "Password Never Expires" option on user account properties for all users under an OU.  What would be the easiest way to do this?
0
Comment
Question by:mb2010
  • 2
  • 2
4 Comments
 
LVL 20

Accepted Solution

by:
Debsyl99 earned 250 total points
ID: 11888338
Hi
You could use a vb script - Try paste the following into a text file, add your relevant ou and dc and rename the file to yourfile.vbs ensuring a .vbs extension and a name you'll recognise, then test the script on a test ou prior to applying it,

Const ADS_UF_DONT_EXPIRE_PASSWD = &h10000
Set OU = GetObject("LDAP://OU=yourou, DC=yourdomain,DC=com")
'Gather each username.
For Each oUser In OU
'Make sure they are only USER class.
If oUser.Class = "user" Then
intUAC = oUser.Get("userAccountControl")
If ADS_UF_DONT_EXPIRE_PASSWD AND intUAC Then
oUser.Put "userAccountControl", intUAC XOR _
ADS_UF_DONT_EXPIRE_PASSWD
oUser.SetInfo
End If
End If
Next
Wscript.echo "All password expiry settings for the ou are unchecked"
Wscript.Quit

Deb :))
0
 

Author Comment

by:mb2010
ID: 11895358
Works perfect!  I LOVE IT!

Thanks much!!
0
 
LVL 20

Expert Comment

by:Debsyl99
ID: 11895384
Thanks - glad to help!

Deb :))
0
 

Author Comment

by:mb2010
ID: 11895668
Forgot to ask.  Will this script work on the sub OUs also?  If not, I need it to do so.  Thanks much!
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The Need In an Active Directory enviroment, the PDC emulator provide time synchronization for the domain. This is important since Active Directory uses Kerberos for authentication.  By default, if the time difference between systems is off by more …
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question