;; KixGenerated: 2008/10/22 10:00:32
Break On
Dim $Members, $Member ; array of domain user members, enumerator var
Dim $I ; index var
Dim $objUser ; AD user query object pointer
Dim $Flags ; user flags
Dim $LStat ; locked status flags
Dim $RptData[0], $R ; report array, record pointer
Dim $Header ; report page header
Dim $MailTo, $MailSender, $MailServer ; mail parameters
Dim $BlatCmd ; Blat command string
; get array of user accounts
'Collecting'
$Members = GroupMembers(@DOMAIN, 'Domain Users', 2)
Chr(13) 'Reporting ' ?
$R = -1
; header
;00000000011111111112222222222333333333344444444445555555555666666666677777777778
;12345678901234567890123456789012345678901234567890123456789012345678901234567890
$Header = 'UserID UserName Locked? Expired?' + @CRLF
$Header = $Header + ' Expiration date' + @CRLF
$Header = $Header + '===============================================================================' + @CRLF
For Each $Member In $Members
; get specific user data
$objUser = GetObject('WinNT://' + @DOMAIN + '/' +$Member + ',user')
$LStat = $objUser.IsAccountLocked
If $LStat = TRUE
$R = $R + 1
ReDim Preserve $RptData[$R]
$RptData[$R] = Left($Member + ' ', 15)
$RptData[$R] = $RptData[$R] + Left($objUser.FullName + ' ', 40)
If $LStat
$RptData[$R] = $RptData[$R] + 'LOCKED'
Else
$RptData[$R] = $RptData[$R] + 'NOTLOCKED'
EndIf
If Exist('.\debug.txt')
$RptData[$R] ?
$I = $I + 1
If
$I > 100 Quit 0
EndIf
EndIf
EndIf
Next
Del '%S_CONFIG%\Logs\Locked.txt' ; remove prior report
$R = RedirectOutput('%S_CONFIG%\Logs\Locked.txt') ; create new report file
$Header ; output the header
For $R = 0 to UBound($RptData)
If $R Mod 52 = 0 And $R > 0
Chr(12) $Header ; output a formfeed and header every 52 records
EndIf
$RptData[$R] ?
Next
$R = RedirectOutput('') ; close the report file
$MailTo = ReadProfileString('%S_CONFIG%\lockout.ini', 'MAIL', 'MailTo')
$MailSender = ReadProfileString('%S_CONFIG%\lockout.ini', 'MAIL', 'MailSender')
$MailServer = ReadProfileString('%S_CONFIG%\lockout.ini', 'MAIL', 'MailServer')
; send the report via email (BLAT)
If $MailTo <> ''
$BlatCmd = '%COMSPEC% /c %S_BIN%\Blat\blat.exe %S_CONFIG%\Logs\Locked.txt'
$BlatCmd = $BlatCmd + ' -to ' + $MailTo
$BlatCmd = $BlatCmd + ' -subject "Expiring Passwords"'
$BlatCmd = $BlatCmd + ' -f ' + $MailSender
$BlatCmd = $BlatCmd + ' -server ' + $MailServer
$BlatCmd = $BlatCmd + ' >NUL:'
Shell $BlatCmd
EndIf
Exit 0
;
;FUNCTION GroupMembers
;
;ACTION Returns an array of all group members of the specified group
;
;SYNTAX GroupMembers(Target, Group, [FLAG])
;
;PARAMETERS Target
; The Domain name or Workstation to work with. For faster workstation
; execution, include the Domain Name that the workstation is a meber of.
;
; "Kixtart/beanbag" would be working with the workstation Beanbag in the
; Kixtart domain
;
; Group
; The Group you want to query
;
; [FLAGS]
; To use the flags options add the numbers of the desired flags toghthers and
; Use that number in the flag field.
;
; Filter :(only one filter flag at a time please)
; 1 = all
; 2 = Users only
; 4 = Groups only
;
; ADSI Information(return ADSI information "pick only one")
; 8 = ADSPath field
; 16 = ADSI Object Handle
;
;RETURNS an array containing , if the ADSPath option is used the ADSPath
; will also be returned |.
;
;REMARKS ADSI com object must be installed.
;
;EXAMPLES ;this return all members of the Domain Admins group in the kixtart domain.
; $members = groupmembers("kixtart","Domain admins")
;
; ;this will will return all groups in the local administrators group on
; ;the Workstation beanbad in the kixtart domain. Also the
; $groups = groupmembers("kixtart/beanbag","Administratoos","group")
Function Groupmembers($target, $group, optional $flag)
DIM $temparray[8], $member, $i, $chunk, $flag, $ADSIFlag, $filterFlag
$chunk = ubound($temparray)
$flag = val($flag)
$i = 0
$group = getobject("WinNT://" + $target + "/" + $group)
if vartype($group) <> 9 exit(@error) endif
select
case $flag & 1
$filterflag = 1
case $flag & 2
$filterflag = 2
case $flag & 4
$filterflag = 4
case 1
$filterflag = 1
endselect
select
case $flag & 8
$ADSIFlag = 8
case $flag & 16
$ADSIFlag = 16
endselect
for each $member in $group.members
select
case $filterflag = 2 AND $member.class = "user"
if substr($member.name,len($member.name),1) <> Chr(36)
$temparray[$i] = $member.name
select
case $adsiflag = 8
$temparray[$i] = $member.adspath
case $adsiflag = 16
$temparray[$i] = $member
endselect
$i = $i + 1
endif
case $filterflag = 4 AND $member.class = "Group"
if substr($member.name,len($member.name),1) <> Chr(36)
$temparray[$i] = $member.name
select
case $adsiflag = 8
$temparray[$i] = $member.adspath
case $adsiflag = 16
$temparray[$i] = $member
endselect
$i = $i + 1
endif
case $filterflag = 1
if substr($member.name,len($member.name),1) <> Chr(36)
$temparray[$i] = $member.name
select
case $adsiflag = 8
$temparray[$i] = $member.adspath
case $adsiflag = 16
$temparray[$i] = $member
endselect
$i = $i + 1
endif
case $filterflag
;bit bucket
endselect
if $i = ubound($temparray)
redim preserve $temparray[Ubound($temparray)+$chunk]
endif
next
if $i <> 0
redim preserve $temparray[$i-1]
$groupmembers=$temparray
endif
endfunction
