[windows2000] Re: Resetting Password Expiration

  • From: "Sullivan, Glenn" <GSullivan@xxxxxxxxxxxxxx>
  • To: <windows2000@xxxxxxxxxxxxx>
  • Date: Fri, 21 May 2004 13:38:52 -0400

Here you go:

<----Start Indented Script--------->
Const ADS_UF_DONT_EXPIRE_PASSWD = &H10000

On Error Resume Next
Set objOU = GetObject _
    ("LDAP://cn=Users,dc=DavidClark,dc=com";)
  
ObjOU.Filter= Array("user")

For Each objUser in objOU
        lngFlag = objUser.Get("userAccountControl")
        If (lngFlag And ADS_UF_DONT_EXPIRE_PASSWD) 0 Then
                lngFlag = lngFlag Xor ADS_UF_DONT_EXPIRE_PASSWD
                objUser.Put "userAccountControl", lngFlag
                objUser.SetInfo
        End If
Next
<-----End Indented Script--------->

If that gets all screwed up by line wraps, here is a version that is not 
indented...

<----Start unindented Script--------->
Const ADS_UF_DONT_EXPIRE_PASSWD = &H10000

On Error Resume Next
Set objOU = GetObject _
    ("LDAP://cn=Users,dc=DavidClark,dc=com";)
  
ObjOU.Filter= Array("user")

For Each objUser in objOU
lngFlag = objUser.Get("userAccountControl")
If (lngFlag And ADS_UF_DONT_EXPIRE_PASSWD) 0 Then
lngFlag = lngFlag Xor ADS_UF_DONT_EXPIRE_PASSWD
objUser.Put "userAccountControl", lngFlag
objUser.SetInfo
End If
Next
<-----End unindented Script--------->

Please make sure that you test on a couple of spare accounts in a test OU.  If 
the users are in a OU instead of the default "users" container, change the LDAP 
connection string as follows:
("LDAP://ou=<OU Name>,dc=<DomainName>,dc=com")

Using "ou=" for organizational units, and "cn=" for default containers.

HTH,

Glenn Sullivan, MCSE+I  MCDBA
David Clark Company Inc. 

-----Original Message-----
From: windows2000-bounce@xxxxxxxxxxxxx
[mailto:windows2000-bounce@xxxxxxxxxxxxx]On Behalf Of Puetz, Christoph
Posted At: Friday, May 21, 2004 1:23 PM
Posted To: Windows 2000
Conversation: [windows2000] Resetting Password Expiration
Subject: [windows2000] Resetting Password Expiration


Is there an easy to remove the password expiration (to not expire) on 500
users with a script? We're finally allowed to have passwords expire and
force users to change it. I do not want to click 500 check boxes to uncheck
this setting in AD.

Christoph

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________
********************************************************
This Weeks Sponsor StressedPuppy.com Games
Feeling stressed out? Check out our games to
relieve your stress.
http://www.StressedPuppy.com
********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm
********************************************************
This Weeks Sponsor StressedPuppy.com Games
Feeling stressed out? Check out our games to
relieve your stress.
http://www.StressedPuppy.com
********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm

Other related posts:

  1. Home
  2. windows2000
  3. Archive
  4. 05-2004