Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

LastPasswordSet 1

Status
Not open for further replies.
sotghalz

sotghalz

Technical User
Apr 11, 2007
57
US
thread329-1471433

I'm having any issue with this script. I added a list.txt to read from and also a scriptlog.txt to output the results.

The problem I'm having is the same info shows for all workstations. Also, what is the attribute for "last password set" (when was the password last changed)?

Any help would be greatly appreciated...

Here is what I have so far:
Code: 
On Error Resume Next
Set oFSO = CreateObject("Scripting.FileSystemObject")
Set oTextStream = oFSO.OpenTextFile("list.txt")
RemotePC = Split(oTextStream.ReadAll, vbNewLine)
oTextStream.Close

Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.CreateTextFile("ScriptLog.txt")

For Each strComputer In RemotePC

	Dim objNetwork : Set objNetwork = CreateObject("WScript.Network")
	Dim objGroup : Set objGroup = GetObject("WinNT://.")
	objGroup.Filter = Array("user")
	Dim objUser
	For Each objUser In objGroup
	    On Error Resume Next
	        objFile.WriteLine strComputer & "," & objUser.name & "," & GetObject(objUser.adsPath).LastLogin
	    On Error GoTo 0
	Next
Next
 
Sort by date Sort by votes
Comment out all the Error Resume Next instructions and you'll discover what really happen.

Hope This Helps, PH.
FAQ219-2884
FAQ181-2886
 
Upvote 0 Downvote
There are 2 problems with this statement:
Code: 
Dim objGroup : Set objGroup = GetObject("WinNT://.")
1) The variable is named badly, so it's confusing. The object is an ADSI bind to a specific computer.
2) "WinNT://." is a referral to the local machine. The data you get back will always be from the local system.

Hence:
Code: 
Dim objADSI : Set objADSI = GetObject("WinNT://strComputer")

The password change date is stored in a property called "PasswordLastChanged". Documentation for this WinNT ADSI property is HERE ON MSDN.

BTW... welcome to the world of scripting. Just a couple of hints...

1) Separating 2 lines with a colon :)) is convenient for illustration, but should not be used in general because it can confuse you when you reread your code.
So change
Code: 
Dim objNetwork : Set objNetwork = CreateObject("WScript.Network")
to
Code: 
Dim objNetwork
Set objNetwork = CreateObject("WScript.Network")

2) Declare global variables at the top of your script. Dim statements declare variables. Const statements declare constants.
3) Use "On Error Resume Next" only when you want to trap an error and have the script survive.
4) Always close your error trap with "On Error GoTo 0"

And most importantly...
5) Use a text editor that will color code your script. Notepad++ is free.

PSC
[—] CCNP[sub][blue]x3[/blue][/sub] (Security/R&S/Wireless) [•] MCITP: Enterprise Admin [•] MCSE [—]

Governments and corporations need people like you and me. We are samurai. The keyboard cowboys. And all those other people out there who have no idea what's going on are the cattle. Mooo! --from "Hackers
 
Upvote 0 Downvote
Thanks for the scripting lesson. I had to do a little more research and I found out that PasswordLastChanged is not supported but, PasswordAge is. I'm still having an issue with multiple computers (remote computers).

Note: The PasswordLastChanged property is not supported by the WinNT provider:
Again, any help would be greatly appreciated.

Code: 
'On Error Resume Next

Dim objNetwork
Dim objADSI
Dim objUser

Set oFSO = CreateObject("Scripting.FileSystemObject")
Set oTextStream = oFSO.OpenTextFile("list.txt")
RemotePC = Split(oTextStream.ReadAll, vbNewLine)
oTextStream.Close

Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.CreateTextFile("ScriptLog.txt")

For Each strComputer In RemotePC

    Set objNetwork = CreateObject("WScript.Network")
    Set objADSI = GetObject("WinNT://" & strComputer & "")
    objADSI.Filter = Array("user")
    
    For Each objUser In objADSI
        'On Error Resume Next
            objFile.WriteLine strComputer & "," & objUser.name & "," & GetObject(objUser.adsPath).PasswordAge /60\60\24+1 & " Days"
        'On Error GoTo 0
    Next
Next
 
Upvote 0 Downvote
Ok... Let's take your script and simplify it... We'll directly insert the array of Computers and output the results to the screen...

Code: 
Dim oADSI, oUser, aRemotePCs, sComputer

Const SecsInDay = 86400

aRemotePCs = Array("Computer1","Computer2")

For Each sComputer In aRemotePCs
	Set oADSI = GetObject("WinNT://" & sComputer & "")
	oADSI.Filter = Array("user")
	
	For Each oUser In oADSI
		WScript.Echo sComputer & "," & oUser.name & "," & CInt(GetObject(oUser.adsPath).PasswordAge / SecsInDay) & " Days"
	Next
Next

Modify the array with some sample machines that you are working with. Do you get the output you expect?

If yes, then you need to troubleshoot your input file. Use "Wscript.Echo" commands to show the data that the script is trying to use.

PSC
[—] CCNP[sub][blue]x3[/blue][/sub] (Security/R&S/Wireless) [•] MCITP: Enterprise Admin [•] MCSE [—]

Governments and corporations need people like you and me. We are samurai. The keyboard cowboys. And all those other people out there who have no idea what's going on are the cattle. Mooo! --from "Hackers
 
Upvote 0 Downvote
PSC,

Thanks for the new code. It worked in the array so I put back in the Input file for reading and also the output file for the results. Thanks for your help.

Here is the final result.

Code: 
Dim oADSI, oUser, aRemotePCs, sComputer, objFSO, objFile

Const SecsInDay = 86400

Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.CreateTextFile("ScriptLog.txt")

Set oFSO = CreateObject("Scripting.FileSystemObject")
Set oTextStream = oFSO.OpenTextFile("list.txt")
aRemotePCs = Split(oTextStream.ReadAll, vbNewLine)
oTextStream.Close

For Each sComputer In aRemotePCs
    Set oADSI = GetObject("WinNT://" & sComputer & "")
    oADSI.Filter = Array("user")
    
    For Each oUser In oADSI
        objFile.WriteLine sComputer & "," & oUser.name & "," & CInt(GetObject(oUser.adsPath).PasswordAge / SecsInDay) & " Days"
    Next
Next
 
Upvote 0 Downvote
PSC,

I just wanted to let you know and for anybody else reading this. If you run this on a domain controller you get all logged in accounts (domain accounts).
 
Upvote 0 Downvote
Yes. That is expected behavior. You should skip your DC's when you run an audit like this... There are better ways to deal with AD data.

I spent a month or so working on a script that would audit the local group memberships of servers and would report changes. (The project was eventually abandoned.) The key is that if I hit a DC with the script I would end up with a group dump of the directory, and get a lot of duplicate data.

Enough of that...

Now here's a brain teaser for you... Why are you creating 2 File System Objects (objFSO and oFSO)?

PSC
[—] CCNP[sub][blue]x3[/blue][/sub] (Security/R&S/Wireless) [•] MCITP: Enterprise Admin [•] MCSE [—]

Governments and corporations need people like you and me. We are samurai. The keyboard cowboys. And all those other people out there who have no idea what's going on are the cattle. Mooo! --from "Hackers
 
Upvote 0 Downvote
PSC,

To answer the question I used two other script I used in the past to read and and create a text file. Thanks for pointing that out. I removed
Code: 
Set oFSO = CreateObject("Scripting.FileSystemObject")
and changed
Code: 
oFSO.OpenTextFile
to
Code: 
objFSO.OpenTextFile

With my limited experience I should have at least caught that myself.

Again, thanks for your help.
 
Upvote 0 Downvote
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top