Announcement

Collapse
No announcement yet.

Set Password Never Expires Flag in AD

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Set Password Never Expires Flag in AD

    i need a script, i would prefer vb that will set the password never expires flag on all users in AD. or if you have a script that will set if for just one user i have a list of users. can anyone help.
    MCSE 2000\2003, A+
    00000001-00000011-00000011-00000111

  • #2
    problably it can ....
    but why

    see for an example:
    http://www.experts-exchange.com/Prog..._21445378.html
    Marcel
    Technical Consultant
    Netherlands
    http://www.phetios.com
    http://blog.nessus.nl

    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
    "No matter how secure, there is always the human factor."

    "Enjoy life today, tomorrow may never come."
    "If you're going through hell, keep going. ~Winston Churchill"

    Comment


    • #3
      There is :

      Code:
      Const ADS_UF_DONT_EXPIRE_PASSWD = &h10000
       
      Set objUser = GetObject _
          ("LDAP://cn=username,ou=TestOU,dc=domain,dc=com")
      intUAC = objUser.Get("userAccountControl")
       
      If ADS_UF_DONT_EXPIRE_PASSWD AND intUAC Then
          Wscript.Echo "Already enabled"
      Else
          objUser.Put "userAccountControl", intUAC XOR _
              ADS_UF_DONT_EXPIRE_PASSWD
          objUser.SetInfo
          WScript.Echo "Password never expires is now enabled"
      End If
      But why not just set it on the Domain level GPO ? (Max Password Age = 0) i.e. Never Expire.

      topper
      * Shamelessly mentioning "Don't forget to add reputation!"

      Comment


      • #4
        Code:
        Const ADS_UF_DONT_EXPIRE_PASSWD = &h10000
        strOU = "ou=Users"
        strDomain = "yourdomain.com"
        
        set objRootDSE = GetObject("LDAP://" & strDomain & "/RootDSE")
        set objParent = GetObject("LDAP://" & strOU & "," & objRootDSE.Get("defaultNamingContext"))
        
        intUAC = objUser.Get("userAccountControl")
        objParent.Filter = Array("user")
        
        for each objUser in objParent
          If ADS_UF_DONT_EXPIRE_PASSWD AND intUAC Then
          else
             objUser.Put "userAccountControl", intUAC XOR ADS_UF_DONT_EXPIRE_PASSWD
          objUser.SetInfo
          end if
        next



        Edited to make it more readable...
        Dumber.
        MCSE w2k
        MCSA w2k - MCSA w2k MESSAGING
        MCDBA SQL2k

        Comment


        • #5
          thats a good idea topper, wish i would have though of that sooner. Thank you all for your scripts.
          MCSE 2000\2003, A+
          00000001-00000011-00000011-00000111

          Comment

          Working...
          X