All users must change password at next login

Home Forums Scripting General Scripting All users must change password at next login

Viewing 1 post (of 1 total)
  • Author
    Posts
  • Avatar
    ekrengel
    Member
    #129834

    I am trying to write a script that will force all users in my domain to change their password at next login, but I want to skip the accounts that have their passwords set to never expire. This is what I came up with, but it is kindof hard to test, unless I want to screw up my whole domain…lol. Can anyone help?

    Set objRootDSE = GetObject(“LDAP://rootDSE”)
    strDNSDomain = objRootDSE.Get(“defaultNamingContext”)

    Set objConnection = CreateObject(“ADODB.Connection”)
    Set objCommand = CreateObject(“ADODB.Command”)
    objConnection.Provider = “ADsDSOObject”
    objConnection.Open “Active Directory Provider”
    Set objCommand.ActiveConnection = objConnection

    objCommand.Properties(“Page Size”) = 1000
    objCommand.Properties(“Searchscope”) = ADS_SCOPE_SUBTREE

    objCommand.CommandText = _
    “SELECT AdsPath FROM ‘LDAP://” & strDNSDomain & “‘ WHERE ” _
    & “objectCategory=’person’ AND ObjectClass=’user'”

    Set objRecordSet = objCommand.Execute
    If not objRecordSet.EOF Then
    objRecordSet.MoveFirst
    Do Until objRecordSet.EOF
    Set objUser = GetObject(objRecordSet.Fields(“AdsPath”).Value)

    ‘On Error Resume Next
    If objUser.PasswordExpired = 0 Then
    objRecordSet.MoveNext
    Else
    objUser.Put “PwdLastSet”, 0
    objUser.SetInfo
    End If
    objRecordSet.MoveNext
    Loop
    On Error GoTo 0

    msgbox “All users will now change their password at next login!”[/CODE][CODE]Set objRootDSE = GetObject(“LDAP://rootDSE”)
    strDNSDomain = objRootDSE.Get(“defaultNamingContext”)

    Set objConnection = CreateObject(“ADODB.Connection”)
    Set objCommand = CreateObject(“ADODB.Command”)
    objConnection.Provider = “ADsDSOObject”
    objConnection.Open “Active Directory Provider”
    Set objCommand.ActiveConnection = objConnection

    objCommand.Properties(“Page Size”) = 1000
    objCommand.Properties(“Searchscope”) = ADS_SCOPE_SUBTREE

    objCommand.CommandText = _
    “SELECT AdsPath FROM ‘LDAP://” & strDNSDomain & “‘ WHERE ” _
    & “objectCategory=’person’ AND ObjectClass=’user'”

    Set objRecordSet = objCommand.Execute
    If not objRecordSet.EOF Then
    objRecordSet.MoveFirst
    Do Until objRecordSet.EOF
    Set objUser = GetObject(objRecordSet.Fields(“AdsPath”).Value)

    ‘On Error Resume Next
    If objUser.PasswordExpired = 0 Then
    objRecordSet.MoveNext
    Else
    objUser.Put “PwdLastSet”, 0
    objUser.SetInfo
    End If
    objRecordSet.MoveNext
    Loop
    On Error GoTo 0

    msgbox “All users will now change their password at next login!”[/CODE]

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.