How to I identify "User must change password at next logon" attribute in Active Directory

Posted on 2009-06-29
Last Modified: 2012-08-13
I simply want to enumerate the accounts in active directory that have the "User must change password at next logon" box checked. I have attached a bitmap to show you what I am refering to and the code for enumeration is included. Prefereably the solution should be in vbscript or vb.
SelectValue = "REGIS T. HYDE"

SetLdapRecordSource CnUserRs, CnUserCn, SelectValue, 1 

Do While Not CnUserRs.EOF 

WScript.Echo CnUserRs.Fields("pwdLastSet").value



CloseTables CnUserRs,CnUserCn

Sub Get_Record_Set(ByRef RsVal)


'*       Summary       *'



'*    This module will create an ado recordset object. It basically sets    *'

'*    aside memory allocation for the source that will be used for data     *'

'*    manipulation.                                                         *'



    Set RsVal = CreateObject("ADODB.Recordset")


End Sub

Sub SetLdapRecordSource(ByRef RsTemp, ByRef cnTemp,ByRef SelectValue, ByRef CaseTemp)


    Get_Record_Set RsTemp

    Open_LdapConnection RsTemp, cnTemp

    Select_Source RsTemp, SelectValue, CaseTemp


End Sub

Sub Open_LdapConnection(ByRef RsVal1, ByRef cnTemp)


'*       Summary       *'



'*    This module will create an ado connection object. It basically allows *'

'*    the recordset to attach to the appropriate ldap data source.          *'





    Set cnTemp = CreateObject("ADODB.Connection")

    cnTemp.ConnectionString = "Provider=ADsDSOObject"



    RsVal1.ActiveConnection = cnTemp

    'RsVal1.Properties("searchscope") = ADS_SCOPE_SUBTREE


    RsVal1.Properties("Page Size") = 1000

    RsVal1.Properties("Timeout") = 30  

    RsVal1.Properties("Searchscope") = ADS_SCOPE_SUBTREE 

    RsVal1.Properties("Cache Results") = False 





    RsVal1.CursorLocation = 3

    RsVal1.LockType = 3



End Sub

Sub Select_Source(ByRef RsVal, Byref SelectValue ,ByVal SourceNum)

Select Case SourceNum

Case 1


          RsVal.Source ="<LDAP://DC=winroot,DC=svmh,DC=com>;" & _   

          "(&(objectCategory=person)(objectClass=user)(cn=" & SELECTVALUE & "));" & _ 


          RsVal.Sort = "cn ASC" 



        End Select





  If RsVal.EOF Then

    Exit Sub

  End If






End Sub

Sub CloseTables(ByRef RsVal1, ByRef cnTemp)



    Set RsVal1 = Nothing

    Set cnTemp = Nothing

End Sub

Open in new window

Question by:BLACK THANOS
LVL 47

Expert Comment

by:Donald Stewart
ID: 24740562

Accepted Solution

BLACK THANOS earned 0 total points
ID: 24761065
i figured it out. I will post the code tomorrow. It CAN BE DONE.

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After several hours of googling I could not gather any information on this topic. There are several ways of controlling the USB port connected to any storage device. The best example of that is by changing the registry value of "HKEY_LOCAL_MACHINE\S…
For most people, the WrapPanel seems like a magic when they switch from WinForms to WPF. Most of us will think that the code that is used to write a control like that would be difficult. However, most of the work is done by the WPF engine, and the W…
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA.…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now