BLACK THANOSFlag for United States of America

asked on

How do I identify the "User must change password at next logon" attribute in Active Directory

I simply want to enumerate the accounts in Active Directory that have the "User must change password at next logon" box checked. I have attached a bitmap to show what I am referring to, and the enumeration code is included. Preferably the solution should be in VBScript or VB.
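' Look up one user by common name and report whether the
' "User must change password at next logon" box is checked.
' Active Directory records that checkbox as pwdLastSet = 0.
' For a directory-wide audit, adding (pwdLastSet=0) to the LDAP filter
' lets the server return only the flagged accounts.
SelectValue = "REGIS T. HYDE"
SetLdapRecordSource CnUserRs, CnUserCn, SelectValue, 1

Do While Not CnUserRs.EOF

    ' pwdLastSet is a 64-bit (Integer8) attribute. Through the ADSI OLE DB
    ' provider it normally arrives as an object exposing HighPart/LowPart,
    ' which WScript.Echo cannot print directly, so test the two halves.
    If IsObject(CnUserRs.Fields("pwdLastSet").Value) Then
        If CnUserRs.Fields("pwdLastSet").Value.HighPart = 0 And _
           CnUserRs.Fields("pwdLastSet").Value.LowPart = 0 Then
            WScript.Echo CnUserRs.Fields("cn").Value & _
                ": must change password at next logon (pwdLastSet = 0)"
        Else
            WScript.Echo CnUserRs.Fields("cn").Value & _
                ": not flagged for change at next logon (pwdLastSet <> 0)"
        End If
    ElseIf IsNull(CnUserRs.Fields("pwdLastSet").Value) Then
        ' Attribute missing or not readable with the current credentials.
        WScript.Echo CnUserRs.Fields("cn").Value & ": pwdLastSet has no value"
    Else
        ' Scalar value: print it exactly as the original script did.
        WScript.Echo CnUserRs.Fields("pwdLastSet").Value
    End If

    CnUserRs.MoveNext
Loop

' Release the recordset and the connection once the rows are consumed.
CloseTables CnUserRs, CnUserCn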
 
 
 
 
 
Sub Get_Record_Set(ByRef RsVal)

    ' Purpose : hand the caller a new, unopened ADO recordset.
    ' RsVal   : (out) receives the ADODB.Recordset object; anything it
    '           referenced before the call is replaced.
    ' No connection or source is attached here; the caller does that later.
    Set RsVal = CreateObject("ADODB.Recordset")

End Sub
 
 
 
Sub SetLdapRecordSource(ByRef RsTemp, ByRef cnTemp, ByRef SelectValue, ByRef CaseTemp)

    ' Purpose     : one-call setup of an LDAP-backed recordset.
    ' RsTemp      : (out) recordset, created, connected and opened here.
    ' cnTemp      : (out) ADO connection created by Open_LdapConnection.
    ' SelectValue : value placed into the LDAP filter by Select_Source.
    ' CaseTemp    : selects which query Select_Source builds.
    ' The three steps depend on each other and must run in this order.
    Call Get_Record_Set(RsTemp)
    Call Open_LdapConnection(RsTemp, cnTemp)
    Call Select_Source(RsTemp, SelectValue, CaseTemp)

End Sub
 
 
 
Sub Open_LdapConnection(ByRef RsVal1, ByRef cnTemp)

    ' Purpose : open an ADO connection through the ADSI provider and
    '           configure the recordset for a paged subtree search.
    ' RsVal1  : recordset created earlier; receives connection and settings.
    ' cnTemp  : (out) the ADODB.Connection opened here.
    '
    ' The connection string carries no user name or password, so the bind
    ' uses whatever identity the provider defaults to - presumably the
    ' account running the script; confirm before running with elevated rights.

    Const ADS_SCOPE_SUBTREE = 2
    Const CURSOR_LOCATION_VALUE = 3   ' ADO adUseClient
    Const LOCK_TYPE_VALUE = 3         ' ADO adLockOptimistic

    Set cnTemp = CreateObject("ADODB.Connection")
    cnTemp.ConnectionString = "Provider=ADsDSOObject"
    cnTemp.Open

    With RsVal1
        ' NOTE(review): assigned without Set, as in the original, so the
        ' recordset may open its own connection from the connection string
        ' rather than share cnTemp - confirm.
        .ActiveConnection = cnTemp

        ' Provider-specific search options.
        .Properties("Page Size") = 1000
        .Properties("Timeout") = 30
        .Properties("Searchscope") = ADS_SCOPE_SUBTREE
        .Properties("Cache Results") = False

        .CursorLocation = CURSOR_LOCATION_VALUE
        .LockType = LOCK_TYPE_VALUE
    End With

End Sub
 
 
 
Sub Select_Source(ByRef RsVal, ByRef SelectValue, ByVal SourceNum)

    ' Purpose     : build the ADSI query text for the requested case, open
    '               the recordset and position it on the first row.
    ' RsVal       : recordset already bound to the ADSI connection.
    ' SelectValue : common name (cn) to match in the LDAP filter.
    ' SourceNum   : query selector; only case 1 is defined. Any other value
    '               leaves Source untouched and Open is still attempted.

    Dim searchBase, searchFilter, attributeList

    Select Case SourceNum

        Case 1
            searchBase = "<LDAP://DC=winroot,DC=svmh,DC=com>;"

            ' NOTE(review): SelectValue is concatenated into the filter
            ' unescaped. A value containing ( ) * or \ changes the filter's
            ' meaning or makes it invalid. If the value can come from outside
            ' the script, escape it per RFC 4515 (\28 \29 \2a \5c) first.
            searchFilter = "(&(objectCategory=person)(objectClass=user)(cn=" & SelectValue & "));"

            attributeList = "cn,pwdLastSet,distinguishedName,SamaccountName,extensionAttribute1,msExchHomeServerName,mail;subtree"

            RsVal.Source = searchBase & searchFilter & attributeList
            RsVal.Sort = "cn ASC"

    End Select

    RsVal.Open

    ' An empty result set has no first row to move to.
    If Not RsVal.EOF Then
        RsVal.MoveFirst
    End If

End Sub
 
 
 
 
 
Sub CloseTables(ByRef RsVal1, ByRef cnTemp)

    ' Purpose : close the recordset and its connection, then drop both
    '           references so the caller's variables end up as Nothing.
    ' RsVal1  : open recordset to close.
    ' cnTemp  : open connection to close.
    ' The recordset is closed before the connection it was opened against.
    RsVal1.Close
    cnTemp.Close

    Set RsVal1 = Nothing
    Set cnTemp = Nothing

End Sub


AD-USER.bmp