Page 1 of 1 1
Topic Options
#93188 - 2003-10-28 07:18 PM Problem Setting "User must change password at next logon" attribute via ADSI/Kixtart
Everyone Offline
Getting the hang of it

Registered: 2003-10-19
Posts: 81
Loc: Beale Air Force Base, CA
I'm trying to use ADSI code in a Kixtart script, to set accounts so that the user must change the password at next login.

Here is an article that shows how to do it in VBScript:
Configuring a Password Change at Next Logon Requirement

Here is the Kixtart code:
code:
$Domain = GetObject("LDAP://" + $DN[0])
$Domain.Put "pwdLastSet",0
$Domain.SetInfo

This is the error that occurs on the line that says: $Domain.Put "pwdLastSet",0

ERROR : unexpected command!
Script: C:\KiX2001.421\test2.kix
Line : 40

What do I need to do to make this work? [Confused]

[ 28. October 2003, 19:19: Message edited by: Everyone ]

Top
#93189 - 2003-10-28 07:30 PM Re: Problem Setting "User must change password at next logon" attribute via ADSI/Kixtart
Chris S. Offline
MM club member
*****

Registered: 2002-03-18
Posts: 2368
Loc: Earth
Try...

code:
$Domain = GetObject("LDAP://" + $DN[0])
$Domain.Put("pwdLastSet",0)
$Domain.SetInfo


Top
#93190 - 2003-10-28 07:30 PM Re: Problem Setting "User must change password at next logon" attribute via ADSI/Kixtart
Howard Bullock Offline
KiX Supporter
*****

Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
Try using parens...

$Domain.Put("pwdLastSet",0)
_________________________
Home page: http://www.kixhelp.com/hb/

Top
#93191 - 2003-10-28 07:30 PM Re: Problem Setting "User must change password at next logon" attribute via ADSI/Kixtart
Sealeopard Offline
KiX Master
*****

Registered: 2001-04-25
Posts: 11162
Loc: Boston, MA, USA
Have you tried $Domain.Put('pwdLastSet',0) or $domain.pwdLastSet=0 ?
_________________________
There are two types of vessels, submarines and targets.

Top
#93192 - 2003-10-28 07:32 PM Re: Problem Setting "User must change password at next logon" attribute via ADSI/Kixtart
Everyone Offline
Getting the hang of it

Registered: 2003-10-19
Posts: 81
Loc: Beale Air Force Base, CA
I tried $Domain.Put("pwdLastSet",0), that didn't return an error, but it didn't set the attribute either.

I will try $domain.pwdLastSet=0

Top
#93193 - 2003-10-28 07:34 PM Re: Problem Setting "User must change password at next logon" attribute via ADSI/Kixtart
Everyone Offline
Getting the hang of it

Registered: 2003-10-19
Posts: 81
Loc: Beale Air Force Base, CA
$domain.pwdLastSet=0 doesn't return an error, however it doesn't set the attribute.
Top
#93194 - 2003-10-28 07:37 PM Re: Problem Setting "User must change password at next logon" attribute via ADSI/Kixtart
Richie19Rich77 Offline
Seasoned Scripter
*****

Registered: 2002-08-16
Posts: 622
Loc: London, England
Do this then:

$ADSUser.Put("PasswordExpired", 1)
$ADSUser.SetInfo

Top
#93195 - 2003-10-28 07:49 PM Re: Problem Setting "User must change password at next logon" attribute via ADSI/Kixtart
Everyone Offline
Getting the hang of it

Registered: 2003-10-19
Posts: 81
Loc: Beale Air Force Base, CA
quote:
Do this then:

$ADSUser.Put("PasswordExpired", 1)
$ADSUser.SetInfo

That gives an "expected expression!" error, unles I change $ADSUser to $Domain.

If I change it to $Domain, it does nothing.

Top
#93196 - 2003-10-28 08:01 PM Re: Problem Setting "User must change password at next logon" attribute via ADSI/Kixtart
Howard Bullock Offline
KiX Supporter
*****

Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
This code works for me and has been verified via the GUI.

$obUser = GetObject("LDAP://CN=USer,OU=US Pilot Accounts,OU=0001,DC=tyco,DC=com"); 
? "Get user: @error @serror"
$obUser.Put ("pwdLastSet",0)
$obUser.SetInfo
? "SetInfo: @error @serror"


Are you binding to the same DC with the script as you are with the GUI?

[ 28. October 2003, 20:02: Message edited by: Howard Bullock ]
_________________________
Home page: http://www.kixhelp.com/hb/

Top
#93197 - 2003-10-28 08:03 PM Re: Problem Setting "User must change password at next logon" attribute via ADSI/Kixtart
Richie19Rich77 Offline
Seasoned Scripter
*****

Registered: 2002-08-16
Posts: 622
Loc: London, England
Hmm, try this then.

$STRUserName = "Richard.Farthing"
$STRUSERPATH = "WinNT://@Domain/$STRUserName,User"
$Reset = GetObject($STRUSERPATH)
$Reset.Put("PasswordExpired", 1)
$Reset.setinfo



[ 28. October 2003, 20:04: Message edited by: Richard Farthing ]

Top
#93198 - 2003-10-28 08:05 PM Re: Problem Setting "User must change password at next logon" attribute via ADSI/Kixtart
Richie19Rich77 Offline
Seasoned Scripter
*****

Registered: 2002-08-16
Posts: 622
Loc: London, England
And do you have 2 domain controllers, maybe you need to do a manual replication.
Top
#93199 - 2003-10-28 08:09 PM Re: Problem Setting "User must change password at next logon" attribute via ADSI/Kixtart
Lonkero Administrator Offline
KiX Master Guru
*****

Registered: 2001-06-05
Posts: 22332
Loc: OK
scary how you boys got same time there in the initial replies... [Eek!]
_________________________
!

download KiXnet

Top
#93200 - 2003-10-28 09:24 PM Re: Problem Setting "User must change password at next logon" attribute via ADSI/Kixtart
Everyone Offline
Getting the hang of it

Registered: 2003-10-19
Posts: 81
Loc: Beale Air Force Base, CA
Ahh I didn't even think to check the error message.. I know why it isn't working now..

SetInfo: -2147352567 COM exception error "SetInfo" (Active Directory - General access denied error) [-2147352567/80020009]

Our AD is set up weird. We have to use this Enterprise Directory Manager tool to make any changes now. The tool is bound to an account... and the account it is bound to is the only one that has access to make changes to objects in the directory. I completely forgot about that.

Top
Page 1 of 1 1


Moderator:  Shawn, ShaneEP, Arend_, Jochen, Radimus, Glenn Barnas, Allen, Mart 
Hop to:
Shout Box

Who's Online
0 registered and 166 anonymous users online.
Newest Members
amelindarķe, Nims123, davidscroegh, davidscroe, DFGHJGH
17625 Registered Users

Generated in 0.074 seconds in which 0.027 seconds were spent on a total of 12 queries. Zlib compression enabled.

Search the board with:
superb Board Search
or try with google:
Google
Web kixtart.org