BLACK THANOS
asked on
How to I identify "User must change password at next logon" attribute in Active Directory
I simply want to enumerate the accounts in active directory that have the "User must change password at next logon" box checked. I have attached a bitmap to show you what I am refering to and the code for enumeration is included. Prefereably the solution should be in vbscript or vb.
SelectValue = "REGIS T. HYDE"
SetLdapRecordSource CnUserRs, CnUserCn, SelectValue, 1
Do While Not CnUserRs.EOF
WScript.Echo CnUserRs.Fields("pwdLastSet").value
CnUserRs.Movenext
Loop
CloseTables CnUserRs,CnUserCn
Sub Get_Record_Set(ByRef RsVal)
'***********************'
'* Summary *'
'***********************'
'****************************************************************************'
'* This module will create an ado recordset object. It basically sets *'
'* aside memory allocation for the source that will be used for data *'
'* manipulation. *'
'****************************************************************************'
Set RsVal = CreateObject("ADODB.Recordset")
End Sub
Sub SetLdapRecordSource(ByRef RsTemp, ByRef cnTemp,ByRef SelectValue, ByRef CaseTemp)
Get_Record_Set RsTemp
Open_LdapConnection RsTemp, cnTemp
Select_Source RsTemp, SelectValue, CaseTemp
End Sub
Sub Open_LdapConnection(ByRef RsVal1, ByRef cnTemp)
'***********************'
'* Summary *'
'***********************'
'****************************************************************************'
'* This module will create an ado connection object. It basically allows *'
'* the recordset to attach to the appropriate ldap data source. *'
'****************************************************************************'
Const ADS_SCOPE_SUBTREE = 2
Set cnTemp = CreateObject("ADODB.Connection")
cnTemp.ConnectionString = "Provider=ADsDSOObject"
cnTemp.Open
RsVal1.ActiveConnection = cnTemp
'RsVal1.Properties("searchscope") = ADS_SCOPE_SUBTREE
RsVal1.Properties("Page Size") = 1000
RsVal1.Properties("Timeout") = 30
RsVal1.Properties("Searchscope") = ADS_SCOPE_SUBTREE
RsVal1.Properties("Cache Results") = False
RsVal1.CursorLocation = 3
RsVal1.LockType = 3
End Sub
Sub Select_Source(ByRef RsVal, Byref SelectValue ,ByVal SourceNum)
Select Case SourceNum
Case 1
RsVal.Source ="<LDAP://DC=winroot,DC=svmh,DC=com>;" & _
"(&(objectCategory=person)(objectClass=user)(cn=" & SELECTVALUE & "));" & _
"cn,pwdLastSet,distinguishedName,SamaccountName,extensionAttribute1,msExchHomeServerName,mail;subtree"
RsVal.Sort = "cn ASC"
End Select
RsVal.Open
If RsVal.EOF Then
Exit Sub
End If
RsVal.MoveFirst
End Sub
Sub CloseTables(ByRef RsVal1, ByRef cnTemp)
RsVal1.Close
cnTemp.Close
Set RsVal1 = Nothing
Set cnTemp = Nothing
End Sub
AD-USER.bmp
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
http://msdn.microsoft.com/en-us/library/aa772300(VS.85).aspx