September 2003
Intermediate to advanced
624 pages
15h 49m
English
Content preview from Active Directory CookbookBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
6.23. Finding Users Whose Passwords Are About to Expire
Problem
You want to find the users whose passwords are about to expire.
Solution
Using a command-line interface
> dsquery user -stalepwd <NumDaysSinceLastPwdChange>Using Perl
#!perl # This code finds the user accounts whose password is about to expire # ------ SCRIPT CONFIGURATION ------ # Domain and container/OU to check for accounts that are about to expire my $domain = '<DomainDNSName>'; my $cont = ''; # set to empty string to query entire domain # Or set to a relative path in the domain, e.g. cn=Users # Days since password change my $days_ago = <NumDaysSinceLastPwdChange> # e.g. 60; # ------ END CONFIGURATION --------- use strict; use Win32::OLE; $Win32::OLE::Warn = 3; use Math::BigInt; # Need to convert the number of seconds from $day_ago # to a large integer for comparison against pwdLastSet my $past_secs = time - 60*60*24*$days_ago; my $intObj = Math::BigInt->new($past_secs); $intObj = Math::BigInt->new($intObj->bmul('10 000 000')); my $past_largeint = Math::BigInt->new( $intObj->badd('116 444 736 000 000 000')); $past_largeint =~ s/^[+-]//; # Setup the ADO connections my $connObj = Win32::OLE->new('ADODB.Connection'); $connObj->{Provider} = "ADsDSOObject"; # Set these next two if you need to authenticate # $connObj->Properties->{'User ID'} = '<User>'; # $connObj->Properties->{'Password'} = '<Password>'; $connObj->Open; my $commObj = Win32::OLE->new('ADODB.Command'); $commObj->{ActiveConnection} = $connObj; $commObj->Properties->{'Page ...