Script for determining NT account expiry? - KiXtart.org - official site

You are not logged in. [Log In] KiXtart.org website » Forums » KiXtart » Advanced Scripting » Script for determining NT account expiry?

Page 1 of 2

1

Topic Options

#62121 - 2002-01-16 12:14 AM Script for determining NT account expiry?
Anonymous Anonymous Unregistered	Does anybody had a script or UDF for checking when an NT domain account will expire. We expire temporary accounts regularly and it'd be great to have a routine that looks for such info and I can produce a report from the output. Thx!
Top

#62122 - 2002-01-16 04:10 AM Re: Script for determining NT account expiry?
Les Les KiX Master Registered: 2001-06-11 Posts: 12734 Loc: fortfrances.on.ca	rixster, How are you with ADSI and COM? What you're after, I'm confident you can get using KiX4 and the ADSI provider. If your WS is running Win2k, you've got it, otherwise for NT4 you need to install it. Se this thread Last logon date It should use the same method, except the property would be AccountDisabled instead of LastLogin. HTH _________________________ Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Top

#62123 - 2002-01-16 04:44 AM Re: Script for determining NT account expiry?
Les Les KiX Master Registered: 2001-06-11 Posts: 12734 Loc: fortfrances.on.ca	rixster, You think I'd of learned by now to test my theories... yup, yup, yup... right method, wrong property... Try something like this break on Dim $usr $usr = GetObject("WinNT://YourPDC/lligetfa,user") $AccountExpirationDate = $usr.AccountExpirationDate ? "AccountExpirationDate = "+$AccountExpirationDate get $_ Let me know how it work out. _________________________ Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Top

#62124 - 2002-01-16 05:49 AM Re: Script for determining NT account expiry?
Les Les KiX Master Registered: 2001-06-11 Posts: 12734 Loc: fortfrances.on.ca	Paging Kent! After looking at the requirements, I see there is a need to enumerate all users in the domain, but I know not how to do that. Kent, maybe you can step in here and save the day. _________________________ Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Top

#62125 - 2002-01-16 01:46 PM Re: Script for determining NT account expiry?
Bryce Bryce KiX Supporter Registered: 2000-02-29 Posts: 3167 Loc: Houston TX	here code: $domain = GetObject("WinNT://@domain") $domain.filter = "user","" for each $user in $domain $AccountExpirationDate = $user.AccountExpirationDate ? $user.name+ ":AccountExpirationDate = "+$AccountExpirationDate next [ 16 January 2002: Message edited by: Bryce ]
Top

#62126 - 2002-01-16 04:24 PM Re: Script for determining NT account expiry?
Les Les KiX Master Registered: 2001-06-11 Posts: 12734 Loc: fortfrances.on.ca	Thanks Bryce! It was the filter part I couldn't get my mind around. Without the filter I was getting computer objects as well. So rixster, is this going to do it for you? _________________________ Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Top

#62127 - 2002-01-16 06:03 PM Re: Script for determining NT account expiry?
Markus Hahn Markus Hahn Lurker Registered: 2002-01-16 Posts: 4 Loc: Duesseldorf	Can I set that filter in a way that I only get one global group out of that domain and not the whole bunch of users ? Greetings Markus
Top

#62128 - 2002-01-17 05:53 AM Re: Script for determining NT account expiry?
Bryce Bryce KiX Supporter Registered: 2000-02-29 Posts: 3167 Loc: Houston TX	$domain.filter = "group","" would show only domain groups, global and local. other filters... "service","" would show the services. "PrintQueue","" print queue's "printjob","" "FileShare","" "Computer","" this would be NT/W2k/XP domain computers...i think you can mix and match filters... "service","user" would display only services and users Bryce
Top

#62129 - 2002-01-17 05:32 PM Re: Script for determining NT account expiry?
Markus Hahn Markus Hahn Lurker Registered: 2002-01-16 Posts: 4 Loc: Duesseldorf	In fact I want the users of one global group listed together with the age of their password. Your infos brought me a lot closer to that, but I always get all domain users listed (far more then I want). Here's what I've got so far: $domain = GetObject("WinNT://EMEA") $domain.filter = "group","" for each $user in $domain $PasswordAge = $user.PasswordAge ? $user.name+ ": Password Age = "+$PasswordAge next Any idea ? Thanx Markus
Top

#62130 - 2002-01-18 12:48 AM Re: Script for determining NT account expiry?
Bryce Bryce KiX Supporter Registered: 2000-02-29 Posts: 3167 Loc: Houston TX	ahh you want the members of group X!!! i have just the UDF for you GroupMembers() - returns all members of a given group. [ 18 January 2002: Message edited by: Bryce ]
Top

#62131 - 2002-01-18 04:36 PM Re: Script for determining NT account expiry?
Markus Hahn Markus Hahn Lurker Registered: 2002-01-16 Posts: 4 Loc: Duesseldorf	Thanks Bryce, do I understand this correctly that in the top line I define the Domain and the group I want to list the members of ? Function Groupmembers("MyDomain","MyGroup") Or is this script only a part of another script that is giving the Domain and group as $target and $group to that Function, and the function returns one group member ? If so what would be the name of the returned string ?
Top

#62132 - 2002-01-18 06:00 PM Re: Script for determining NT account expiry?
Bryce Bryce KiX Supporter Registered: 2000-02-29 Posts: 3167 Loc: Houston TX	It returns an array of user ID's. But Let me make some changes tot he GroupMebmers() UDF so that it is easier to use (i have learned a thing or two... since i wrote it ) When i am done, i will let you know. Bryce
Top

#62133 - 2002-01-18 07:08 PM Re: Script for determining NT account expiry?
Bryce Bryce KiX Supporter Registered: 2000-02-29 Posts: 3167 Loc: Houston TX	ok here we go.... First get the new version of GroupMembers() here is some code.... code: $users = groupmembers(@domain,"group",18) for each $user in $Users ? $user.name + " : " + $user.AccountExpirationDate next Bryce
Top

#62134 - 2002-01-20 12:35 AM Re: Script for determining NT account expiry?
Markus Hahn Markus Hahn Lurker Registered: 2002-01-16 Posts: 4 Loc: Duesseldorf	Brilliant. That's it. Thaks a lot from Germany. Greetings Markus
Top

#62135 - 2002-03-10 04:57 PM Re: Script for determining NT account expiry?
attiahia attiahia Hey THIS is FUN Registered: 2000-03-27 Posts: 268	In the main login script I want to add the following: Check the user account expiration date once he login, compare it with the current date and inform the user with the remaining month\day. For the first part (finding the user account expiration date) I did the following $usr ="attiahXm" $domain = GetObject("WinNT://@domain") $domain.filter = "user","" for each $user in $domain $AccountExpirationDate = $user.AccountExpirationDate ? $user.name+ ":AccountExpirationDate = "+$AccountExpirationDate next I got a few accounts only with empty date like. admin:AccountExpirationDate = Administrator:AccountExpirationDate = backup:AccountExpirationDate = Guest:AccountExpirationDate = Thank you
Top

#62136 - 2002-03-10 05:17 PM Re: Script for determining NT account expiry?
Les Les KiX Master Registered: 2001-06-11 Posts: 12734 Loc: fortfrances.on.ca	attiahia, The script you ripped is intended as an admin script. It parses through the SAM and returns all account information. I have tested it and it works. I don't know why it would only return a few accounts unless it is not expandining the @domain macro and therefor parsing the local PC. Also, '$usr ="attiahXm"' serves no purpose. If you want to enumerate just the user in the logon, you need something like this: $usr = GetObject("WinNT://"+@LDOMAIN+"/"+@UserID+",user") $AccountExpirationDate = $usr.AccountExpirationDate ? @UserID+" - AccountExpirationDate = "+$AccountExpirationDate _________________________ Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Top

#62137 - 2002-03-10 05:32 PM Re: Script for determining NT account expiry?
Les Les KiX Master Registered: 2001-06-11 Posts: 12734 Loc: fortfrances.on.ca	attiahia, Not sure whether you thought this through. To be able to use ADSI in the logon script, all PCs would need to have the ADSI provider installed. Win2k/XP has it out-of-the-box, but NT and Wintendo does not. _________________________ Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Top

#62138 - 2002-03-11 04:40 AM Re: Script for determining NT account expiry?
attiahia attiahia Hey THIS is FUN Registered: 2000-03-27 Posts: 268	Thank you a lot for this help. How can I know that ADSI provider installed on my workstation? I think it’s exist because I executed before the OU function which I got from Alix & Bryce on this workstation and it gave me excellent result. Whoever, I want to know what is missing in the account expiration date code. In addition, do you know any resource kit, windows system or windows support tool which can find the account expiration date for NT domain? Thank you.
Top

#62139 - 2002-03-11 07:11 AM Re: Script for determining NT account expiry?
NTDOC NTDOC Administrator Registered: 2000-07-28 Posts: 11631 Loc: CA	Hello attiahia, Please take a look at this MSKB to determine the ADSI level INFO: Determining Which Version of ADSI Is Installed (Q216290) ADSI Downloads Microsoft ADSI Downloads
Top

#62140 - 2002-03-11 02:39 PM Re: Script for determining NT account expiry?
Les Les KiX Master Registered: 2001-06-11 Posts: 12734 Loc: fortfrances.on.ca	attiahia, If you have a large number of OS without the ADSI provider, what you could do is to have an admin script, running on one machine, populating an INI file. Then all the clients need do in their logon script is to ReadProfileString() to ascertain their AccountExpirationDate from the INI file. _________________________ Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Top

Page 1 of 2

1

Previous Topic

Previous Topic View All Topics

View All Topics

Index Next Topic

Next Topic

Moderator: Glenn Barnas, NTDOC, Arend_, Jochen, Radimus, Allen, ShaneEP, Ruud van Velsen, Mart

Hop to:

Shout Box

Who's Online

0 registered and 1782 anonymous users online.

Newest Members

ManuvdWielNL, Sir_Barrington, batdk82, StuTheCoder, M_Moore
17887 Registered Users

Generated in 0.073 seconds in which 0.027 seconds were spent on a total of 12 queries. Zlib compression enabled.

click tracking