I have scripted WhenPwdX.bat to determine the date and time that a user password expires, the date and time that the password was last set,
and the maximum password age.
The output is displayed on the console, but can be redirect to a file, or parsed in a FOR command.
Sample Usage
call whenPwdX DomainName "User Distinguished Name"Where DomainName is the domain name, like JSIINC.COM, and "User Distinguished Name" is the user's distinguished name, like "CN=Jerold Schulman,CN=Users,DC=JSIINC,DC=COM".
The output might look like one of the following:
05/02/2005 14:47:17 03/21/2005 14:47:17 42.94967296 NEVER NEVER 07/01/2004 16:07:12 42.94967296You can redirect the output to a file using:
call whenPwdX DomainName "User Distinguished Name">>FileName
You can parse the output using a FOR command using:
FOR /f "Tokens=1-5" %%a in ('call whenPwdX DomainName "User Distinguished Name"') do ( set DateEXP=%%a set TimeEXP=%%b set DateSET=%%c set TimeSET=%%d set Days=%%e . . . . . . )WhenPwdX.bat contains:
@echo off If \{%2\}==\{\} @echo Syntax: WhenPwdX DomainName UserDistinguishedName&goto :EOF setlocal set oDomain=%1 set oUser=%2 if exist "%TEMP%\WhenPwdX.vbs" goto doit @echo Dim oDomain, oUser, maxPwdAge, numDays, objArguments>"%TEMP%\WhenPwdX.vbs" @echo Set objArguments = Wscript.Arguments>>"%TEMP%\WhenPwdX.vbs" @echo strDomainDN=objArguments^(0^)>>"%TEMP%\WhenPwdX.vbs" @echo strUserDN = strDomainDN ^& "/" ^& objArguments^(1^)>>"%TEMP%\WhenPwdX.vbs" @echo Set oDomain = GetObject^("LDAP://" ^& strDomainDN^)>>"%TEMP%\WhenPwdX.vbs" @echo Set maxPwdAge = oDomain.Get^("maxPwdAge"^)>>"%TEMP%\WhenPwdX.vbs" @echo numDays = CCur^(^(maxPwdAge.HighPart * 2 ^^ 32^) + _>>"%TEMP%\WhenPwdX.vbs" @echo maxPwdAge.LowPart^) / CCur^(-864000000000^)>>"%TEMP%\WhenPwdX.vbs" @echo Set oUser = GetObject^("LDAP://" ^& strUserDN^)>>"%TEMP%\WhenPwdX.vbs" @echo OK= oUser.userAccountControl AND 65536>>"%TEMP%\WhenPwdX.vbs" @echo whenPasswordExpires = DateAdd^("d", numDays, oUser.PasswordLastChanged^)>>"%TEMP%\WhenPwdX.vbs" @echo if OK = 65536 Then>>"%TEMP%\WhenPwdX.vbs" @echo WhenPasswordExpires = "NEVER NEVER">>"%TEMP%\WhenPwdX.vbs" @echo End If>>"%TEMP%\WhenPwdX.vbs" @echo WScript.Echo whenPasswordExpires ^& " " ^& oUser.PasswordLastChanged ^& " " ^& numDays>>"%TEMP%\WhenPwdX.vbs" @echo Set oUser = Nothing>>"%TEMP%\WhenPwdX.vbs" @echo Set maxPwdAge = Nothing>>"%TEMP%\WhenPwdX.vbs" @echo Set oDomain = Nothing>>"%TEMP%\WhenPwdX.vbs" :doit cscript //nologo "%TEMP%\WhenPwdX.vbs" %oDomain% %oUser% endlocal
0 comments
Hide comments