non expiring and enabled/disabled in ADUC

is there anyway in ad users and computers to run a report of all users who have non-expiring password, and also their account status, i.e. enabled or disabled?
LVL 3
pma111Asked:
Who is Participating?
 
Manjunath SulladConnect With a Mentor Technical ConsultantCommented:
open ADUC and do the following.

Right-click Saved Queries and click the New-Query option
Type in a name for your saved query, such as Find all Non expiring PW Users
Click the Define Query button
Under the Find drop-down list, select Custom Search
Click the Advanced tab
Type in (objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=65536)
Click the OK button to save the custom entry, then click on the OK button to save the query
Now you should see all users with the flage pw never expires

Click the Export List button from the top of the ADUC windows and save to txt file.



Refer : http://social.technet.microsoft.com/Forums/windowsserver/en-US/e979eb85-8269-4004-bc71-18d9b49d4416/how-to-check-list-users-in-my-ad-configured-with-password-never-expires?forum=winserverDS
0
 
Lior KarasentiCommented:
This script can help you to find all the none expired passwords:

http://gallery.technet.microsoft.com/scriptcenter/Know-All-User-Accounts-in-721c81f3
0
 
pma111Author Commented:
i dont want to use a script i want to use aduc, thanks.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
pma111Author Commented:
will this list account status i.e. enabled/disabled?
0
 
Manjunath SulladTechnical ConsultantCommented:
You need to export disabled user list seperately, then compare with password never expiry list.

Refer below link to export disabled user list.

http://social.technet.microsoft.com/Forums/windowsserver/en-US/074e3391-000d-4713-a495-ad743c2f11e3/active-directory-users-and-computers?forum=winservergen


Export these two list to excel and compare these list, You will get Password never expiry with account disabled / enabled user list.
0
 
MaheshArchitectCommented:
You could use Bulk AD users Freeware tool from Wise soft

There is option called properties to load where you can put whatever attributes you are looking and then export this list to csv file

The search scope can be entire domain, OU or simply users list if you already have

To check account status add userAccountControl attribute and to check if it is having non expiring password add accountExpires

Tool can be run on any server \ client OS from 2003 and do not require PowerShell

http://www.wisesoft.co.uk/software/bulkadusers/default.aspx

Mahesh
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.