Query local user database for date password last changed
I have a handy VB script that shows the date users last changed their passwords in AD. I can't find anything similar for a standalone machine.
I found this bit of code on Technet (http://www.microsoft.com/technet/scriptcenter/resources/qanda/jul05/hey0705.mspx)
strComputer = "atl-ws-01"
Set objUser = GetObject("WinNT://" & strComputer & "/kenmyer")
intPasswordAge = objUser.PasswordAge
intPasswordAge = intPasswordAge * -1
dtmChangeDate = DateAdd("s", intPasswordAge, Now)
WScript.Echo "Password last changed: " & dtmChangeDate
I'm completely not a VB guy and I'm posting it here because I'm hoping someone already has such a script in 'good ol' command line syntax, otherwise I was thinking of trying to make this bit of code more usable by passing it the contents of a 'net user'...
I found this bit of code on Technet (http://www.microsoft.com/technet/scriptcenter/resources/qanda/jul05/hey0705.mspx)
strComputer = "atl-ws-01"
Set objUser = GetObject("WinNT://" & strComputer & "/kenmyer")
intPasswordAge = objUser.PasswordAge
intPasswordAge = intPasswordAge * -1
dtmChangeDate = DateAdd("s", intPasswordAge, Now)
WScript.Echo "Password last changed: " & dtmChangeDate
I'm completely not a VB guy and I'm posting it here because I'm hoping someone already has such a script in 'good ol' command line syntax, otherwise I was thinking of trying to make this bit of code more usable by passing it the contents of a 'net user'...
Your program worked fine for me too btw and returned the same date... strComputer is the computername and /kenmyer the (local) username on there.
ASKER
Wow. Your code is so much shorter and simpler than the VB.
I didn't remember that this was a valid option with the net user command. I was refering to the fact that if you use 'net user' without any other text or switches it returns a list of all users. I was going to find a way to take the output of that and feed it into the .vb above... now I want to figure out how to take your sweet code and feed it the contents of 'net user' as the variables... hmmm...
I didn't remember that this was a valid option with the net user command. I was refering to the fact that if you use 'net user' without any other text or switches it returns a list of all users. I was going to find a way to take the output of that and feed it into the .vb above... now I want to figure out how to take your sweet code and feed it the contents of 'net user' as the variables... hmmm...
What are you after it doing? At the moment effectively it strips the line from "net user username" using find and pulls out the two fields using the for. let me know and I might be able to do now, otherwise tomorrow. Off to bed shortly!
Steve
Steve
ASKER
So this gives a list of all users (maybe there's another way I don't know?)
C:\Documents and Settings\ps>net user
User accounts for \\XP1275
--------------------------
admin Administrator ASPNET
Guest HelpAssistant SUPPORT_388945a0
The command completed successfully.
I want to output all the users pw-last changed date to a file.
I imagine it would look like this in logic:
get net user output, and strip extra characters.
take each username and feed to your existing code
(existing code outputs to text file)
loop until done.
C:\Documents and Settings\ps>net user
User accounts for \\XP1275
--------------------------
admin Administrator ASPNET
Guest HelpAssistant SUPPORT_388945a0
The command completed successfully.
I want to output all the users pw-last changed date to a file.
I imagine it would look like this in logic:
get net user output, and strip extra characters.
take each username and feed to your existing code
(existing code outputs to text file)
loop until done.
Ahh OK. Making an assumption here that there are no spaces in the usernames...
@echo off
for /f "skip=4 tokens=1,2,3" %%a in ('net user ^| find /v "The command"') do call
:process %%a & call :process %%b & call :process %%a %%b %%c
goto end
:process
for /f "tokens=4,5" %%a in ('net user %1 ^| find "Password last set"') do echo %1 last set %%a at %%b
:end
@echo off
for /f "skip=4 tokens=1,2,3" %%a in ('net user ^| find /v "The command"') do call
:process %%a & call :process %%b & call :process %%a %%b %%c
goto end
:process
for /f "tokens=4,5" %%a in ('net user %1 ^| find "Password last set"') do echo %1 last set %%a at %%b
:end
That wrapped a bit funny,
@echo off
for /f "skip=4 tokens=1,2,3" %%a in ('net user ^| find /v "The command"') do call :process %%a & call :process %%b & call :process %%a %%b %%c
goto end
:process
for /f "tokens=4,5" %%a in ('net user %1 ^| find "Password last set"') do echo %1 last set %%a at %%b
:end
@echo off
for /f "skip=4 tokens=1,2,3" %%a in ('net user ^| find /v "The command"') do call :process %%a & call :process %%b & call :process %%a %%b %%c
goto end
:process
for /f "tokens=4,5" %%a in ('net user %1 ^| find "Password last set"') do echo %1 last set %%a at %%b
:end
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I see you want it in a text file. How about CSV with the computername too :-)
@echo off
REM Set output file. Could be writable share e.g. \\server\share\info\passwo
set output=c:\output.csv
for /f "skip=4 tokens=1,2,3" %%a in ('net user ^| find /v "The command"') do call :process %%a & call :process %%b & call :process %%c
goto end
:process
REM
for /f "tokens=4,5" %%a in ('net user %1 ^| find "Password last set"') do echo %computername%,%1,%%a,%%b >> %output%
:end
@echo off
REM Set output file. Could be writable share e.g. \\server\share\info\passwo
set output=c:\output.csv
for /f "skip=4 tokens=1,2,3" %%a in ('net user ^| find /v "The command"') do call :process %%a & call :process %%b & call :process %%c
goto end
:process
REM
for /f "tokens=4,5" %%a in ('net user %1 ^| find "Password last set"') do echo %computername%,%1,%%a,%%b >> %output%
:end
ASKER
Perfect. Thank you!
Outputs to file:
------------------
@echo off
set logfile=results.csv
echo Username,Date,Time >>%logfile%
for /f "skip=4 tokens=1,2,3" %%a in ('net user ^| find /v "The command"') do call :process %%a & call :process %%b & call :process %%c
goto end
:process
for /f "tokens=4,5" %%a in ('net user %1 ^| find "Password last set"') do echo %1,%%a,%%b >>%logfile%
:end
Outputs to file:
------------------
@echo off
set logfile=results.csv
echo Username,Date,Time >>%logfile%
for /f "skip=4 tokens=1,2,3" %%a in ('net user ^| find /v "The command"') do call :process %%a & call :process %%b & call :process %%c
goto end
:process
for /f "tokens=4,5" %%a in ('net user %1 ^| find "Password last set"') do echo %1,%%a,%%b >>%logfile%
:end
ASKER
That's great - you inferred I wanted a csv. =)
No problem. Phew I thought you was going to ask for that to run on all your machines then and we'd have 3 nested for loops.... actually not to difficult, shove it in your login script or use psexec ;-)
ASKER
nah, I'd use psexec for that...
I do have one tweak now that I've used it on a couple of machines, it would be great if I could have it also pick up 2 more fields for the CSV... not sure how to incorporate that...
Account Active and
Account expires
I do have one tweak now that I've used it on a couple of machines, it would be great if I could have it also pick up 2 more fields for the CSV... not sure how to incorporate that...
Account Active and
Account expires
Try these (untested as not on windows pc at the moment) to replace the current second for line. Bit inefficient running the command three times. I suppose the other way would be to check using a for loop and if against each line of the output of net user rather than three find commands:
for /f "tokens=4,5" %%a in ('net user %1 ^| find "Password last set"') do set pass1=%%a & set pass2=%%b
for /f "tokens=4,5" %%a in ('net user %1 ^| find /i "Account active"') do set pass3=%%a & set pass4=%%b
for /f "tokens=4,5" %%a in ('net user %1 ^| find /i "Account expires"') do set pass5=%%a & set pass6=%%b
echo %compuername%,%1,%pass1%,%
for /f "tokens=4,5" %%a in ('net user %1 ^| find "Password last set"') do set pass1=%%a & set pass2=%%b
for /f "tokens=4,5" %%a in ('net user %1 ^| find /i "Account active"') do set pass3=%%a & set pass4=%%b
for /f "tokens=4,5" %%a in ('net user %1 ^| find /i "Account expires"') do set pass5=%%a & set pass6=%%b
echo %compuername%,%1,%pass1%,%
ASKER
a little tweaking on the tokens line, and it works....
@echo off
set logfile=results.csv
echo Username,Date,Time,Active?
for /f "skip=4 tokens=1,2,3" %%a in ('net user ^| find /v "The command"') do call :process %%a & call :process %%b & call :process %%c
goto end
:process
for /f "tokens=4,5" %%a in ('net user %1 ^| find "Password last set"') do set cdate=%%a & set ctime=%%b
for /f "tokens=3" %%a in ('net user %1 ^| find /i "Account active"') do set cActive=%%a
for /f "tokens=3" %%a in ('net user %1 ^| find /i "Account expires"') do set cExpires=%%a
echo %1,%cdate%,%ctime%,%cActiv
:end
Thanks!
@echo off
set logfile=results.csv
echo Username,Date,Time,Active?
for /f "skip=4 tokens=1,2,3" %%a in ('net user ^| find /v "The command"') do call :process %%a & call :process %%b & call :process %%c
goto end
:process
for /f "tokens=4,5" %%a in ('net user %1 ^| find "Password last set"') do set cdate=%%a & set ctime=%%b
for /f "tokens=3" %%a in ('net user %1 ^| find /i "Account active"') do set cActive=%%a
for /f "tokens=3" %%a in ('net user %1 ^| find /i "Account expires"') do set cExpires=%%a
echo %1,%cdate%,%ctime%,%cActiv
:end
Thanks!
ASKER
one other fine tune... skips empty lines (no username in position 2,3 of net user command)
@echo off
set logfile=results.csv
echo Username,Date,Time,Active?
for /f "skip=4 tokens=1,2,3" %%a in ('net user ^| find /v "The command"') do call :process %%a & call :process %%b & call :process %%c
goto end
:process
if "%1"=="" goto :end
for /f "tokens=4,5" %%a in ('net user %1 ^| find "Password last set"') do set cdate=%%a & set ctime=%%b
for /f "tokens=3" %%a in ('net user %1 ^| find /i "Account active"') do set cActive=%%a
for /f "tokens=3" %%a in ('net user %1 ^| find /i "Account expires"') do set cExpires=%%a
echo %1,%cdate%,%ctime%,%cActiv
:end
@echo off
set logfile=results.csv
echo Username,Date,Time,Active?
for /f "skip=4 tokens=1,2,3" %%a in ('net user ^| find /v "The command"') do call :process %%a & call :process %%b & call :process %%c
goto end
:process
if "%1"=="" goto :end
for /f "tokens=4,5" %%a in ('net user %1 ^| find "Password last set"') do set cdate=%%a & set ctime=%%b
for /f "tokens=3" %%a in ('net user %1 ^| find /i "Account active"') do set cActive=%%a
for /f "tokens=3" %%a in ('net user %1 ^| find /i "Account expires"') do set cExpires=%%a
echo %1,%cdate%,%ctime%,%cActiv
:end
Good point, was typing it on a pda at midnight so forgive me :-)
Looks like you can write rest yourself now anyway!
Good luck
Steve
Looks like you can write rest yourself now anyway!
Good luck
Steve
@echo off
if "%1"=="" echo Enter %0 username to get last password change date
for /f "tokens=4,5" %%a in ('net user %1 ^| find "Password last set"') do echo Date is %%a & echo Time is %%b