I need to query an OU in our domain and generate a list of the users whose passwords are set to never expire. I've looked at the dsquery options but can't find the attribute for the password not expiring. Can anyone help me out with how to do this? I know it can be done with a script but I don't know how to write or find one.
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Query AD for passwords set to never expire 2
- Thread starter canadajoe
- Start date
check this out:
_________________________________
IBM CP, MCP 2000, E60 driver ;-)
_________________________________
IBM CP, MCP 2000, E60 driver ;-)
- Thread starter
- #3
Thanks
I looked at the site for this tool and it looks like it queries attribites per user. I need something to pipe results to a file that shows all users in an OU whose passwords are set to never expire, not having to put in the names of the users one at a time
I looked at the site for this tool and it looks like it queries attribites per user. I need something to pipe results to a file that shows all users in an OU whose passwords are set to never expire, not having to put in the names of the users one at a time
-
1
- #4
monsterjta
IS-IT--Management
I found this tidbit from MS. Save this code into a file with the .VBS extension and run it from a DC.
Just modify the string "<LDAP://dc=fabrikam,dc=com>;" with information pertaining to your domain.
Example: dc=your_domain,dc=local
I hope you find this post helpful,
Jonathan Almquist
Minneapolis, MN
Code:
On Error Resume Next
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Page Size") = 1000
objCommand.CommandText = _
"<LDAP://dc=fabrikam,dc=com>;" & _
"(&(objectCategory=User)(userAccountControl:1.2.840.113556.1.4.803:=65536));" & _
"Name;Subtree"
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
Do Until objRecordSet.EOF
Wscript.Echo objRecordSet.Fields("Name").Value
objRecordSet.MoveNext
LoopJust modify the string "<LDAP://dc=fabrikam,dc=com>;" with information pertaining to your domain.
Example: dc=your_domain,dc=local
I hope you find this post helpful,
Jonathan Almquist
Minneapolis, MN
-
1
- #5
canadajoe,
In Active Directory right click the "Saved Queries" folder and select New Query. Give it a name and then hit "Define Query". In the pop box check "Non expiring passwords", OK. Then click on Browse beside the "Query Root" option to select your OU.
Just double click the query when ever you need updated info. You can also export the results to a .xls file
John
In Active Directory right click the "Saved Queries" folder and select New Query. Give it a name and then hit "Define Query". In the pop box check "Non expiring passwords", OK. Then click on Browse beside the "Query Root" option to select your OU.
Just double click the query when ever you need updated info. You can also export the results to a .xls file
John
- Thread starter
- #6
- Thread starter
- #8
- Status
Similar threads
