JSI Tip 0560 - Schedule positive notification of password expiration.


If your users tend to ignore the systems password change request and implementing tip 559 in a login script doesn't seen to help, try scheduling it in batch. JSINotify.bat uses JSIExpire.bat (from tip 559) and Showmbrs from

It can use the Notify.bat from tip 559 or you can use a create another one.

Usage: JSINotify "DomainName" Days <path>\notify.bat

 
@echo off 
if %1

"" goto syntax if "%2"

"" goto syntax set agea=%2 set /a agen=%agea% if "%agea%"

"%agen%" goto notify :syntax @echo JSINotify "DomainName" Days <path>\notify.bat goto end :notify if %3

"" goto syntax if not exist %3 goto syntax Set Domain=%1 for /f "Tokens=*" %%i in ('showmbrs "%DOMAIN%\Domain Users"') do (for /f "tokens=1-3" %%j in ('net user "%%i" /domain') do call :xuser %2 %3 "%%i" %%j %%k %%l) REM The above two lines are 1 line goto end :xuser if not "%4"

"Password" goto end if not "%5"

"expires" goto end if "%6"=="Never" goto end call JSIExpire %3 %1 %2 :end

To schedule the process on your PDC, the Schedule Service must run under a Domain Admin account or have the Scheduler run under the System account and impersonate a Domain Admin for this job, using SU (see Supplement Two):

AT 00:00 /Every:M,T,W,Th,F,S,Su CMD /C "<Path>\JSINotify.bat"

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish