Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Query AD for passwords set to never expire 2

Status
Not open for further replies.

canadajoe

IS-IT--Management
Jun 14, 2006
45
CA
I need to query an OU in our domain and generate a list of the users whose passwords are set to never expire. I've looked at the dsquery options but can't find the attribute for the password not expiring. Can anyone help me out with how to do this? I know it can be done with a script but I don't know how to write or find one.
 
Thanks
I looked at the site for this tool and it looks like it queries attribites per user. I need something to pipe results to a file that shows all users in an OU whose passwords are set to never expire, not having to put in the names of the users one at a time
 
I found this tidbit from MS. Save this code into a file with the .VBS extension and run it from a DC.

Code:
On Error Resume Next

Set objConnection = CreateObject("ADODB.Connection")
Set objCommand =   CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection

objCommand.Properties("Page Size") = 1000

objCommand.CommandText = _
    "<LDAP://dc=fabrikam,dc=com>;" & _
        "(&(objectCategory=User)(userAccountControl:1.2.840.113556.1.4.803:=65536));" & _
            "Name;Subtree"
Set objRecordSet = objCommand.Execute

objRecordSet.MoveFirst
Do Until objRecordSet.EOF
    Wscript.Echo objRecordSet.Fields("Name").Value
    objRecordSet.MoveNext
Loop

Just modify the string "<LDAP://dc=fabrikam,dc=com>;" with information pertaining to your domain.

Example: dc=your_domain,dc=local

I hope you find this post helpful,

Jonathan Almquist
Minneapolis, MN
 
canadajoe,

In Active Directory right click the "Saved Queries" folder and select New Query. Give it a name and then hit "Define Query". In the pop box check "Non expiring passwords", OK. Then click on Browse beside the "Query Root" option to select your OU.

Just double click the query when ever you need updated info. You can also export the results to a .xls file

John
 
Thanks that works well. Hate to be a pain, but could you tell me how to pump the output to a text file?
 
I was talking about the vbs script. I ran it from command line and put it to a text but your query works better, thank you
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top