September 2003
Intermediate to advanced
624 pages
15h 49m
English
Content preview from Active Directory CookbookBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
6.25. Setting a User’s Account to Expire in the Future
Problem
You want a user’s account to expire at some point in the future.
Solution
Using a graphical user interface
Open the Active Directory Users and Computers snap-in.
In the left pane, right-click on the domain and select Find.
Select the appropriate domain beside In.
Beside Name, type the name of the user you want to modify and click Find Now.
In the Search Results, double-click on the user.
Click the Account tab.
Under Account expires, select the radio button beside End of.
Select the date the account should expire.
Click OK.
Using a command-line interface
Valid values for the -acctexpires flag include a
positive number of days in the future when the account should expire,
to expire the account at the end of the day, or
“never” to disable account
expiration.
> dsmod user "<UserDN>" -acctexpires <NumDays>
Using VBScript
' This code sets the account expiration date for a user. ' ------ SCRIPT CONFIGURATION ------ strExpireDate = "<Date>" ' e.g. "07/10/2004" strUserDN = "<UserDN>" ' e.g. cn=rallen,ou=Sales,dc=rallencorp,dc=com ' ------ END CONFIGURATION --------- set objUser = GetObject("LDAP://" & strUserDN) objUser.AccountExpirationDate = strExpireDate objUser.SetInfo WScript.Echo "Set user " & strUserDN & " to expire on " & strExpireDate ' These two lines would disable account expiration for the user ' objUser.Put "accountExpires", 0 ' objUser.SetInfo
Discussion
User accounts can be configured to expire on a certain date. Account expiration ...