• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1450
  • Last Modified:

Windows 7 Password Expiration - VBS Script

I run AD via windows 2003 server. I (like most) found the following vbs script to run due to windows 7 machines only showing a ballon tip regarding password expiration. I need an actual msg box like XP machines prompting users. The only thing I changed with the script is the name. I have everything setup per the instructions and after running a gpupdate I receive no errors in my event log. However, when I log in with a machine that I know the password is about to expire the script does not seem to execute. Is there something a need to add in the scrtipt (sorry - no experience with .vbs).

It goes in the GPO - User Config - Policies - Admin Templates - System - Logon - Run these programs at user logon. You will also need to add the folder location to IE Trusted Sites to avoid having a popup asking if it should run the script.
PwExpChk.vbs
'========================================
' First, get the domain policy.
'========================================
Dim oDomain
Dim oUser
Dim maxPwdAge
Dim numDays
Dim warningDays
warningDays = 6

Set LoginInfo = CreateObject("ADSystemInfo")
Set objUser = GetObject("LDAP://" & LoginInfo.UserName & "")
strDomainDN = UCase(LoginInfo.DomainDNSName)
strUserDN = LoginInfo.UserName

Set oDomain = GetObject("LDAP://" & strDomainDN)
Set maxPwdAge = oDomain.Get("maxPwdAge")
'========================================
' Calculate the number of days that are
' held in this value.
'========================================
numDays = CCur((maxPwdAge.HighPart * 2 ^ 32) + _
maxPwdAge.LowPart) / CCur(-864000000000)
'WScript.Echo "Maximum Password Age: " & numDays

'========================================
' Determine the last time that the user
' changed his or her password.
'========================================
Set oUser = GetObject("LDAP://" & strUserDN)
'========================================
' Add the number of days to the last time
' the password was set.
'========================================
whenPasswordExpires = DateAdd("d", numDays, oUser.PasswordLastChanged)
fromDate = Date
daysLeft = DateDiff("d",fromDate,whenPasswordExpires)

'WScript.Echo "Password Last Changed: " & oUser.PasswordLastChanged
if (daysLeft < warningDays) and (daysLeft > -1) then
Msgbox "Password Expires in " & daysLeft & " day(s)" & " at " & whenPasswordExpires & chr(13) & chr(13) & "Once logged in, press CTRL-ALT-DEL and" & chr(13) & "select the 'Change a password' option", 0, "PASSWORD EXPIRATION WARNING!"
End if
'========================================
' Clean up.
'========================================
Set oUser = Nothing
Set maxPwdAge = Nothing
Set oDomain = Nothing
0
tmaususer
Asked:
tmaususer
  • 2
1 Solution
 
Michael PfisterCommented:
First,to make sure the script starts at all, put a MsgMox comand like

Msgbox "Script starts"

at the beginning of the script and retest.
If it doesn't pop up, you need to verify your GPO gets applied to the user in question (GPMC -> Run a Group Policy result for hte computer and user).
If it pops up, you need to start troubleshooting the vbs. As a fist step remove the comment sign  ' before the WScript.echo's  to get some deubug ou put. Then test the script while logged on as a user with expiring password and run
cscript PwExpChk.vbs

HTH
0
 
tmaususerAuthor Commented:
It looks like the policy is getting applied but I am receiving the following error on the script.
0
 
tmaususerAuthor Commented:
0

Featured Post

Configuration Guide and Best Practices

Read the guide to learn how to orchestrate Data ONTAP, create application-consistent backups and enable fast recovery from NetApp storage snapshots. Version 9.5 also contains performance and scalability enhancements to meet the needs of the largest enterprise environments.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now