Solved

How to I identify "User must change password at next logon" attribute in Active Directory

Posted on 2009-06-29
2
892 Views
Last Modified: 2012-08-13
I simply want to enumerate the accounts in active directory that have the "User must change password at next logon" box checked. I have attached a bitmap to show you what I am refering to and the code for enumeration is included. Prefereably the solution should be in vbscript or vb.
SelectValue = "REGIS T. HYDE"

SetLdapRecordSource CnUserRs, CnUserCn, SelectValue, 1 
 

Do While Not CnUserRs.EOF 
 

WScript.Echo CnUserRs.Fields("pwdLastSet").value
 

CnUserRs.Movenext

Loop

CloseTables CnUserRs,CnUserCn
 
 
 
 
 

Sub Get_Record_Set(ByRef RsVal)
 

'***********************'

'*       Summary       *'

'***********************'

'****************************************************************************'

'*    This module will create an ado recordset object. It basically sets    *'

'*    aside memory allocation for the source that will be used for data     *'

'*    manipulation.                                                         *'

'****************************************************************************'

   

    Set RsVal = CreateObject("ADODB.Recordset")

        

End Sub
 
 
 

Sub SetLdapRecordSource(ByRef RsTemp, ByRef cnTemp,ByRef SelectValue, ByRef CaseTemp)

    

    Get_Record_Set RsTemp

    Open_LdapConnection RsTemp, cnTemp

    Select_Source RsTemp, SelectValue, CaseTemp

   

End Sub
 
 
 

Sub Open_LdapConnection(ByRef RsVal1, ByRef cnTemp)
 

'***********************'

'*       Summary       *'

'***********************'

'****************************************************************************'

'*    This module will create an ado connection object. It basically allows *'

'*    the recordset to attach to the appropriate ldap data source.          *'

'****************************************************************************'

   

    Const ADS_SCOPE_SUBTREE = 2

    

    Set cnTemp = CreateObject("ADODB.Connection")

    cnTemp.ConnectionString = "Provider=ADsDSOObject"

    cnTemp.Open

   

    RsVal1.ActiveConnection = cnTemp

    'RsVal1.Properties("searchscope") = ADS_SCOPE_SUBTREE

    

    RsVal1.Properties("Page Size") = 1000

    RsVal1.Properties("Timeout") = 30  

    RsVal1.Properties("Searchscope") = ADS_SCOPE_SUBTREE 

    RsVal1.Properties("Cache Results") = False 

    

    

    

    

    RsVal1.CursorLocation = 3

    RsVal1.LockType = 3

   

    

End Sub
 
 
 

Sub Select_Source(ByRef RsVal, Byref SelectValue ,ByVal SourceNum)
 
 
 

Select Case SourceNum
 
 
 

Case 1

         

          RsVal.Source ="<LDAP://DC=winroot,DC=svmh,DC=com>;" & _   

          "(&(objectCategory=person)(objectClass=user)(cn=" & SELECTVALUE & "));" & _ 

          "cn,pwdLastSet,distinguishedName,SamaccountName,extensionAttribute1,msExchHomeServerName,mail;subtree" 

          RsVal.Sort = "cn ASC" 

          
 

            

        End Select

    

  

  

  RsVal.Open

  If RsVal.EOF Then

    Exit Sub

  End If

  RsVal.MoveFirst

  

 

            

    

End Sub
 
 
 
 
 

Sub CloseTables(ByRef RsVal1, ByRef cnTemp)

    RsVal1.Close

    cnTemp.Close

    Set RsVal1 = Nothing

    Set cnTemp = Nothing

End Sub

Open in new window

AD-USER.bmp
0
Comment
Question by:BLACK THANOS
2 Comments
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24740562
0
 

Accepted Solution

by:
BLACK THANOS earned 0 total points
ID: 24761065
i figured it out. I will post the code tomorrow. It CAN BE DONE.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After several hours of googling I could not gather any information on this topic. There are several ways of controlling the USB port connected to any storage device. The best example of that is by changing the registry value of "HKEY_LOCAL_MACHINE\S…
For most people, the WrapPanel seems like a magic when they switch from WinForms to WPF. Most of us will think that the code that is used to write a control like that would be difficult. However, most of the work is done by the WPF engine, and the W…
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA. http://www.experts-exchange.com/videos/1478/Excel-Error-Handlin…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now