Password about to expire (Perl)
This code can be found in
Chapter 6 of Active Directory Cookbook, 2nd edition
Purchase XP Cookbook or Networking Recipes for only $25 plus shipping! While supplies last.
Find out how to download all of the Perl code from this site.
# This Perl code finds the user accounts whose password is about to expire
# ---------------------------------------------------------------
# From the book "Active Directory Cookbook" by Robbie Allen
# ISBN: 0-596-00466-4
# ---------------------------------------------------------------
# ------ SCRIPT CONFIGURATION ------
# Domain and container/OU to check for accounts that are about to expire
my $domain = '<DomainDNSName>';
my $cont = ''; # set to empty string to query entire domain
# Or set to a relative path in the domain, e.g. cn=Users
# Days since password change
my $days_ago = <NumDaysSinceLastPwdChange>; # e.g. 60
# ------ END CONFIGURATION ---------
use strict;
use Win32::OLE;
$Win32::OLE::Warn = 3;
$Win32::OLE::Warn = 3;
use Math::BigInt;
# Need to convert the number of seconds from $day_ago
# to a large integer for comparison against pwdLastSet
my $past_secs = time - 60*60*24*$days_ago;
my $intObj = Math::BigInt->new($past_secs);
$intObj = Math::BigInt->new($intObj->bmul('10 000 000'));
my $past_largeint = Math::BigInt->new(
$intObj->badd('116 444 736 000 000 000'));
$past_largeint =~ s/^[+-]//;
# Setup the ADO connections
my $connObj = Win32::OLE->new('ADODB.Connection');
$connObj->{Provider} = "ADsDSOObject";
# Set these next two if you need to authenticate
# $connObj->Properties->{'User ID'} = '<User>';
# $connObj->Properties->{'Password'} = '<Password>';
$connObj->Open;
my $commObj = Win32::OLE->new('ADODB.Command');
$commObj->{ActiveConnection} = $connObj;
$commObj->Properties->{'Page Size'} = 1000;
# Grab the default domain naming context
my $rootDSE = Win32::OLE->GetObject("LDAP://$domain/RootDSE");
my $rootNC = $rootDSE->Get("defaultNamingContext");
# Run ADO query and print results
$cont .= "," if $cont and not $cont =~ /,$/;
my $query = "<LDAP://$domain/$cont$rootNC>;";
$query .= "(&(objectclass=user)";
$query .= "(objectcategory=Person)";
$query .= "(!useraccountcontrol:1.2.840.113556.1.4.803:=2)";
$query .= "(pwdLastSet<=$past_largeint)";
$query .= "(!pwdLastSet=0));";
$query .= "cn,distinguishedName;";
$query .= "subtree";
$commObj->{CommandText} = $query;
my $resObj = $commObj->Execute($query);
die "Could not query $domain: ",$Win32::OLE::LastError,"\n"
unless ref $resObj;
print "\nUsers who haven't set their passwd in $days_ago days or longer:\n";
my $total = 0;
while (!($resObj->EOF)) {
print "\t",$resObj->Fields("distinguishedName")->value,"\n";
$total++;
$resObj->MoveNext;
}
print "Total: $total\n";
|
This code has been viewed 2857 times.
|
New from the creators of TechTasks.com:
StatSheet.com
|
