Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
September 18, 2005
Borrowing from the technique in tip 9383, I have scripted WhenPwdExp.bat to set an environment variable to a user's password expiration date, and a user's password expiration time.
The syntax for using WhenPwdExp.bat is:
WhenPwdExp UserDN DateExp TimeExp
Where:
UserDN is a user's distinguished Name, like "CN=Jerold Schulman,CN=Users,DC=JSIINC,DC=COM".DateExp is a call directed environment variable that will contain UserDN's password expiration date.TimeExp is a call directed environment variable that will contain UserDN's password expiration time.
NOTE: if the password is set to never expire, DateExp and TimeExp are set to NEVER.
WhenPwdExp.bat contains:
@echo Offif {%3}=={} @echo Syntax: WhenPwdExp UserDN DateExp TimeExp&goto :EOFif exist "%TEMP%WhenPwdExp.vbs" goto doit@echo Dim objArgument, oDomain, oUser, maxPwdAge, numDays, PwdX, strDomainDN, strUserDN, OK>"%TEMP%WhenPwdExp.vbs"@echo Set objArgument = Wscript.Arguments>>"%TEMP%WhenPwdExp.vbs"@echo strDomainDN =objArgument^(0^)>>"%TEMP%WhenPwdExp.vbs"@echo strUserDN = strDomainDN ^& "/" ^& objArgument^(1^)>>"%TEMP%WhenPwdExp.vbs"@echo Set oDomain = GetObject^("LDAP://" ^& strDomainDN^)>>"%TEMP%WhenPwdExp.vbs"@echo Set maxPwdAge = oDomain.Get^("maxPwdAge"^)>>"%TEMP%WhenPwdExp.vbs"@echo numDays = CCur^(^(maxPwdAge.HighPart * 2 ^^ 32^) + maxPwdAge.LowPart^) / CCur^(-864000000000^)>>"%TEMP%WhenPwdExp.vbs"@echo Set oUser = GetObject^("LDAP://" ^& strUserDN^)>>"%TEMP%WhenPwdExp.vbs"@echo PwdX = DateAdd^("d", numDays, oUser.PasswordLastChanged^)>>"%TEMP%WhenPwdExp.vbs"@echo OK=oUser.userAccountControl AND 65536>>"%TEMP%WhenPwdExp.vbs"@echo if OK = 65536 Then>>"%TEMP%WhenPwdExp.vbs"@echo. PwdX = "NEVER NEVER">>"%TEMP%WhenPwdExp.vbs"@echo End If>>"%TEMP%WhenPwdExp.vbs"@echo WScript.Echo PwdX>>"%TEMP%WhenPwdExp.vbs"@echo Set oUser = Nothing>>"%TEMP%WhenPwdExp.vbs"@echo Set maxPwdAge = Nothing>>"%TEMP%WhenPwdExp.vbs"@echo Set oDomain = Nothing>>"%TEMP%WhenPwdExp.vbs":doitfor /f "Tokens=1*" %%a in ('cscript //nologo "%TEMP%WhenPwdExp.vbs" %USERDNSDOMAIN% %1') do ( set %2=%%a set %3=%%b)
You May Also Like