• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1237
  • Last Modified:

Active Directory account expiration

I am trying to find an Active Directory account expiration script (not password expiration) that will notify users via email that their account will expire in X no of days
0
irishutopia
Asked:
irishutopia
  • 4
  • 3
  • 2
  • +1
1 Solution
 
irishutopiaAuthor Commented:
I am looking for AD account expiration not password expiration, this will not help....
0
 
-DJL-Commented:
The code below would need to be run as a login script.  

If you want to a script that you can schedule to run like one above you will need merge the two scripts.  All the information you need is there.
Dim strUserName, strCrDate, objAcctExp, CrUser
Dim strCrDomain, strAcctExp, strSysInfo
Dim UserInfo, strDateDiff, strEmail
 
set strSysInfo = CreateObject("ADSystemInfo")
Set CrUser = GetObject("LDAP://" & strSysInfo.Username & "")
 
strCrDate = Date()
 
strAcctExp = CrUser.AccountExpirationDate
strEmail = CrUser.Mail
 
strDateDiff = datediff("d", strCrDate, strAcctExp)
 
If (strDateDiff <= 5) AND (strDateDiff > 0)  Then 
	SendEmail strDateDiff, strEmail
Else
	wscript.quit
End If
 
Sub SendEmail (days, email)
 
HTML = "<!DOCTYPE HTML PUBLIC""-//IETF//DTD HTML//EN"">"
HTML = HTML & "<HTML><HEAD><TITLE>Account Expiration</TITLE></HEAD>"
HTML = HTML & "<BODY style='BORDER-RIGHT: white 1px solid; PADDING-RIGHT: 10px; BORDER-TOP: #002f91 8px solid;"
HTML = HTML & "PADDING-LEFT: 10px; SCROLLBAR-FACE-COLOR: #cce6ff; FONT-SIZE: 10pt; PADDING-BOTTOM: 10px;"
HTML = HTML & "MARGIN: 10px 10px 10px 10px; SCROLLBAR-HIGHLIGHT-COLOR: #002f91; BORDER-LEFT: #002f91 8px solid;"
HTML = HTML & "SCROLLBAR-SHADOW-COLOR: #002f91; SCROLLBAR-3DLIGHT-COLOR: #002f91; SCROLLBAR-ARROW-COLOR: #002f91;"
HTML = HTML & "PADDING-TOP: 10px; SCROLLBAR-TRACK-COLOR: #002f91; BORDER-BOTTOM: #002f91 8px solid;"
HTML = HTML & "FONT-FAMILY: Tahoma; SCROLLBAR-DARKSHADOW-COLOR: #002f91; FONT-FAMILY: arial; BACKGROUND-COLOR: #cce6ff'>"
HTML = HTML & "<TABLE width='100%' border=0 valign='top'>"
HTML = HTML & "  <TBODY>"
HTML = HTML & "  <TR>"
HTML = HTML & "    <TD width='100%'>"
HTML = HTML & "      <DIV align=center>"
HTML = HTML & "      <CENTER>"
HTML = HTML & "        <TABLE cellSpacing=0 cellPadding=0 width='100%' border=0>"
HTML = HTML & "          <TBODY>"
HTML = HTML & "          <TR>"
HTML = HTML & "            <TD dheight=25>"
HTML = HTML & "              <h3 align=center>Account Expiration</h3>"
HTML = HTML & "            </TD>"
HTML = HTML & "          </TR>"
HTML = HTML & "          </TBODY>"
HTML = HTML & "        </TABLE>"
HTML = HTML & "      </CENTER>"
HTML = HTML & "      </DIV>"
HTML = HTML & "    </TD>"
HTML = HTML & "  </TR>"
HTML = HTML & "  <TR>"
HTML = HTML & "    <TD>"
HTML = HTML & "      <TABLE width='100%' cellpadding='20'>"
HTML = HTML & "        <TBODY>"
HTML = HTML & "        <TR bgColor=#ffffff>"
HTML = HTML & "          <TD width='100%' aheight=15>"
HTML = HTML & "            <font face='Arial' size='2'>"
HTML = HTML & "              Your account will Expire in " & days & " days."
HTML = HTML & "              <p />"
HTML = HTML & "            </font>"
HTML = HTML & "          </TD>"
HTML = HTML & "        </TR>"
HTML = HTML & "        </TBODY>"
HTML = HTML & "      </TABLE>"
HTML = HTML & "    </TD>"
HTML = HTML & "  </TR>"
HTML = HTML & "  </TBODY>"
HTML = HTML & "</TABLE>"
HTML = HTML & "</BODY>"
HTML = HTML & "</HTML>"
 
 
	Dim objMessage
	Set objMessage = CreateObject("CDO.Message") 
	
	objMessage.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
	objMessage.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "MAILSERVER"
	objMessage.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25 
	objMessage.Configuration.Fields.Update
 
	objMessage.Subject = "Account Expiration" 
	objMessage.From = "administrators@mydomain.com" 
	objMessage.To = email
	objMessage.HTMLBody = HTML
	objMessage.Send
 
End Sub

Open in new window

0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
irishutopiaAuthor Commented:
Thank you for the script, I was looking to implement this as a scheduled task so i can run this daily for our contractors whose account expire every X days. This is urgent and I was wondering if you would have a script that would do that. I am not good with scripting and it will take me a while to merge both the scripts...
0
 
-DJL-Commented:
Just written this - should do what you want.  Let me know if you want a hand changing the email body.  You will need to update the constants at the top of the script with your servers/domain names etc


Note: you use this at your own risk.  If it destroys your AD or sets your building on fire its got nothing to do with me.



On Error Resume Next
 
Const WARNING_PERIOD = 5 ' Number of days before expiration to warn the user
Const FROM_EMAIL_ADDRESS = "admin@yourdomain.com" 
Const EMAIL_SUBJECT = "Account Expiration"
Const MAIL_SERVER = "mail.yourdomain.com"
Const LDAP = "dc=yourdomain,dc=com"
Const ADS_SCOPE_SUBTREE = 2
 
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand =   CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
 
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE 
 
objCommand.CommandText = "SELECT AdsPath FROM 'LDAP://" & LDAP & "' WHERE objectCategory='user'"
Set objRecordSet = objCommand.Execute
 
objRecordSet.MoveFirst
Do Until objRecordSet.EOF
	Set objUser = GetObject(objRecordSet.Fields("AdsPath").Value)
	
	strName = objUser.givenName & " " &objUser.sn
 
	strExpDate = objUser.AccountExpirationDate
	strEmail = objUser.mail
	strToday = Date()
 
	strDateDiff = datediff("d", strToday, strExpDate)	
 
	If (strDateDiff <= WARNING_PERIOD) AND (strDateDiff > 0)  Then 
		SendEmail strDateDiff, strEmail
	End If
 
    objRecordSet.MoveNext
Loop
 
' Wscript.Echo "Script Finished"
 
Sub SendEmail (days, email)
 
HTML = "<!DOCTYPE HTML PUBLIC""-//IETF//DTD HTML//EN"">"
HTML = HTML & "<HTML><HEAD><TITLE>Account Expiration</TITLE></HEAD>"
HTML = HTML & "<BODY style='BORDER-RIGHT: white 1px solid; PADDING-RIGHT: 10px; BORDER-TOP: #002f91 8px solid;"
HTML = HTML & "PADDING-LEFT: 10px; SCROLLBAR-FACE-COLOR: #cce6ff; FONT-SIZE: 10pt; PADDING-BOTTOM: 10px;"
HTML = HTML & "MARGIN: 10px 10px 10px 10px; SCROLLBAR-HIGHLIGHT-COLOR: #002f91; BORDER-LEFT: #002f91 8px solid;"
HTML = HTML & "SCROLLBAR-SHADOW-COLOR: #002f91; SCROLLBAR-3DLIGHT-COLOR: #002f91; SCROLLBAR-ARROW-COLOR: #002f91;"
HTML = HTML & "PADDING-TOP: 10px; SCROLLBAR-TRACK-COLOR: #002f91; BORDER-BOTTOM: #002f91 8px solid;"
HTML = HTML & "FONT-FAMILY: Tahoma; SCROLLBAR-DARKSHADOW-COLOR: #002f91; FONT-FAMILY: arial; BACKGROUND-COLOR: #cce6ff'>"
HTML = HTML & "<TABLE width='100%' border=0 valign='top'>"
HTML = HTML & "  <TBODY>"
HTML = HTML & "  <TR>"
HTML = HTML & "    <TD width='100%'>"
HTML = HTML & "      <DIV align=center>"
HTML = HTML & "      <CENTER>"
HTML = HTML & "        <TABLE cellSpacing=0 cellPadding=0 width='100%' border=0>"
HTML = HTML & "          <TBODY>"
HTML = HTML & "          <TR>"
HTML = HTML & "            <TD dheight=25>"
HTML = HTML & "              <h3 align=center>Account Expiration</h3>"
HTML = HTML & "            </TD>"
HTML = HTML & "          </TR>"
HTML = HTML & "          </TBODY>"
HTML = HTML & "        </TABLE>"
HTML = HTML & "      </CENTER>"
HTML = HTML & "      </DIV>"
HTML = HTML & "    </TD>"
HTML = HTML & "  </TR>"
HTML = HTML & "  <TR>"
HTML = HTML & "    <TD>"
HTML = HTML & "      <TABLE width='100%' cellpadding='20'>"
HTML = HTML & "        <TBODY>"
HTML = HTML & "        <TR bgColor=#ffffff>"
HTML = HTML & "          <TD width='100%' aheight=15>"
HTML = HTML & "            <font face='Arial' size='2'>"
HTML = HTML & "              Your account will Expire in " & days & " days."
HTML = HTML & "              <p />"
HTML = HTML & "            </font>"
HTML = HTML & "          </TD>"
HTML = HTML & "        </TR>"
HTML = HTML & "        </TBODY>"
HTML = HTML & "      </TABLE>"
HTML = HTML & "    </TD>"
HTML = HTML & "  </TR>"
HTML = HTML & "  </TBODY>"
HTML = HTML & "</TABLE>"
HTML = HTML & "</BODY>"
HTML = HTML & "</HTML>"
 
 
	Dim objMessage
	Set objMessage = CreateObject("CDO.Message") 
	
	objMessage.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
	objMessage.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") = MAIL_SERVER
	objMessage.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25 
	objMessage.Configuration.Fields.Update
 
	objMessage.Subject = EMAIL_SUBJECT 
	objMessage.From = FROM_EMAIL_ADDRESS
	objMessage.To = email
	objMessage.HTMLBody = HTML
	objMessage.Send
 
End Sub

Open in new window

0
 
irishutopiaAuthor Commented:
Thank you so much, testing it right now in our test environment. Also wanted to find out if it would be difficult to notify the helpdesk too at the same time with a list of expired accounts too..
0
 
-DJL-Commented:
Did the script work in your environment?

The script below will notify the helpdesk of the users the script has warned about account expiration.

If you want a script to trawl AD and find expired accounts you'll have to open another question.
On Error Resume Next
 
Const WARNING_PERIOD = 5 ' Number of days before expiration to warn the user
Const FROM_EMAIL_ADDRESS = "accountalerts@mydomain.com"
Const ADMIN_EMAIL_ADDRESS = "helpdesk@mydomain.com" 
Const EMAIL_SUBJECT = "Account Expiration"
Const MAIL_SERVER = "mail.mydomain.com"
 
Const LDAP = "dc=mydomain,dc=com"
 
Const ADS_SCOPE_SUBTREE = 2
 
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand =   CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
 
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE 
 
objCommand.CommandText = "SELECT AdsPath FROM 'LDAP://" & LDAP & "' WHERE objectCategory='user'"
Set objRecordSet = objCommand.Execute
 
strAdmin = "Users who have been notifed about account expiration:"
 
objRecordSet.MoveFirst
Do Until objRecordSet.EOF
	
	dim strAdmin
 
	Set objUser = GetObject(objRecordSet.Fields("AdsPath").Value)
	
	strName = objUser.givenName & " " &objUser.sn
 
	strExpDate = objUser.AccountExpirationDate
	strEmail = objUser.mail
	strToday = Date()
	
	strDateDiff = datediff("d", strToday, strExpDate)	
 
	If (strDateDiff <= WARNING_PERIOD) AND (strDateDiff > 0)  Then 
		
		strAdmin = strAdmin & "<br />" & strEmail & " - Expires in " & strDateDiff & " days"
		SendEmail "Your account will Expire in " & strDateDiff & " days.", strEmail
		
	End If
 
 
    objRecordSet.MoveNext
Loop
 
SendEmail strAdmin, ADMIN_EMAIL_ADDRESS
 
' Wscript.Echo "Script Finished"
 
Sub SendEmail (message, email)
 
HTML = "<!DOCTYPE HTML PUBLIC""-//IETF//DTD HTML//EN"">"
HTML = HTML & "<HTML><HEAD><TITLE>Account Expiration</TITLE></HEAD>"
HTML = HTML & "<BODY style='BORDER-RIGHT: white 1px solid; PADDING-RIGHT: 10px; BORDER-TOP: #002f91 8px solid;"
HTML = HTML & "PADDING-LEFT: 10px; SCROLLBAR-FACE-COLOR: #cce6ff; FONT-SIZE: 10pt; PADDING-BOTTOM: 10px;"
HTML = HTML & "MARGIN: 10px 10px 10px 10px; SCROLLBAR-HIGHLIGHT-COLOR: #002f91; BORDER-LEFT: #002f91 8px solid;"
HTML = HTML & "SCROLLBAR-SHADOW-COLOR: #002f91; SCROLLBAR-3DLIGHT-COLOR: #002f91; SCROLLBAR-ARROW-COLOR: #002f91;"
HTML = HTML & "PADDING-TOP: 10px; SCROLLBAR-TRACK-COLOR: #002f91; BORDER-BOTTOM: #002f91 8px solid;"
HTML = HTML & "FONT-FAMILY: Tahoma; SCROLLBAR-DARKSHADOW-COLOR: #002f91; FONT-FAMILY: arial; BACKGROUND-COLOR: #cce6ff'>"
HTML = HTML & "<TABLE width='100%' border=0 valign='top'>"
HTML = HTML & "  <TBODY>"
HTML = HTML & "  <TR>"
HTML = HTML & "    <TD width='100%'>"
HTML = HTML & "      <DIV align=center>"
HTML = HTML & "      <CENTER>"
HTML = HTML & "        <TABLE cellSpacing=0 cellPadding=0 width='100%' border=0>"
HTML = HTML & "          <TBODY>"
HTML = HTML & "          <TR>"
HTML = HTML & "            <TD dheight=25>"
HTML = HTML & "              <h3 align=center>Account Expiration</h3>"
HTML = HTML & "            </TD>"
HTML = HTML & "          </TR>"
HTML = HTML & "          </TBODY>"
HTML = HTML & "        </TABLE>"
HTML = HTML & "      </CENTER>"
HTML = HTML & "      </DIV>"
HTML = HTML & "    </TD>"
HTML = HTML & "  </TR>"
HTML = HTML & "  <TR>"
HTML = HTML & "    <TD>"
HTML = HTML & "      <TABLE width='100%' cellpadding='20'>"
HTML = HTML & "        <TBODY>"
HTML = HTML & "        <TR bgColor=#ffffff>"
HTML = HTML & "          <TD width='100%' aheight=15>"
HTML = HTML & "            <font face='Arial' size='2'>"
HTML = HTML & message
HTML = HTML & "              <p />"
HTML = HTML & "            </font>"
HTML = HTML & "          </TD>"
HTML = HTML & "        </TR>"
HTML = HTML & "        </TBODY>"
HTML = HTML & "      </TABLE>"
HTML = HTML & "    </TD>"
HTML = HTML & "  </TR>"
HTML = HTML & "  </TBODY>"
HTML = HTML & "</TABLE>"
HTML = HTML & "</BODY>"
HTML = HTML & "</HTML>"
 
 
	Dim objMessage
	Set objMessage = CreateObject("CDO.Message") 
	
	objMessage.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
	objMessage.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") = MAIL_SERVER
	objMessage.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25 
	objMessage.Configuration.Fields.Update
 
	objMessage.Subject = EMAIL_SUBJECT 
	objMessage.From = FROM_EMAIL_ADDRESS
	objMessage.To = email
	objMessage.HTMLBody = HTML
	objMessage.Send
 
End Sub

Open in new window

0
 
irishutopiaAuthor Commented:
Thank you for the script, it did work in the test environment
0
 
MANNATEAMCommented:
is there a way to also copy the manager of the user?
0
 
dkumar82Commented:
DJL-

Its working but , have some false accounts names , even account expiry set to never.. any Suggestion
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 4
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now