JSI Tip 8330. What user accounts in my domain are expired?

Using the Active Directory Command-Line Tools, I have scripted UserAcctExpired.bat to list the User Name and expiration date of user accounts in my domain that have expired, or will expire today, and are NOT disabled.

NOTE: This is for account expiration, NOT password expiration.

The syntax for using UserAcctExpired.bat is:

UserAcctExpired

NOTE: UserAcctExpired.bat uses UnivDate.bat, which must be located in a folder that is in your PATH.

UserAcctExpired.bat contains:

@echo offsetlocalcall univdateset /a mm=100%mm%%%100if %mm% LSS 10 set mm=0%mm%set /a dd=100%dd%%%100if %dd% LSS 10 set dd=0%dd%set /a yy=10000%yy%%%10000if %yy% LSS 2000 set /a yy=%yy% + 2000set ymd=%yy%%mm%%dd%set qry1=dsquery user -name *set qry2=dsget user -samid -acctexpires -disabledset fnds=findstr /L /I /V /C:"dsget succeeded" /C:"acctexpires"for /f "Tokens=1,2*" %%a in ('%qry1% ^| %qry2% ^|%fnds%') do ( if /i "%%c" NEQ "yes" if /i "%%b" NEQ "never" call :exp "%%a" %%b)endlocalgoto :EOF:expset w1=%2set w2=%w1:~6,4%%w1:~0,2%%w1:~3,2%if %w2% GTR %ymd% goto :EOF@echo %1 %2