Post by cybercoasterHello,
I am looking for a script that can dump the expiration date of all local user
accounts. The only scripts I can seem to locate deal with one user and for
Active Directory. Can anyone point me in the right direction?
Thanks.
You must use the WinNT provider with local user accounts. You can use the
maxPasswordAge and passwordAge properties (both in seconds) to determine
when the password will expire (or if it is already expired). In addition,
you should use the userFlags property to check if the password can expire
for the user. For example (not tested):
====
Option Explicit
Dim objNetwork, strComputer, objComputer, objUser, lngFlag
Dim lngMaxPwdAge, lngPwdAge, dtmExpire
Const ADS_UF_PASSWD_CANT_CHANGE = &H10
Const ADS_UF_DONT_EXPIRE_PASSWD = &H10000
' Retrieve NetBIOS name of local computer.
Set objNetwork = CreateObject("Wscript.Network")
strComputer = objNetwork.ComputerName
' Bind to local computer object.
Set objComputer = GetObject("WinNT://" & strComputer)
' Filter on user objects.
objComputer.Filter = Array("user")
' Enumerate all local users.
For Each objUser In objComputer
' Retrieve values.
lngFlag = objUser.userFlags
lngMaxPwdAge = CLng(objUser.maxPasswordAge / 86400)
lngPwdAge = Clng(objUser.passwordAge / 86400)
' Check if password can expire or be changed.
If (lngFlag And ADS_UF_PASSWD_CANT_CHANGE) <> 0 Then
Wscript.Echo objUser.Name & ",<Password cannot change>"
ElseIf(lngFlag And ADS_UF_DONT_EXPIRE_PASSWD) <> 0 Then
Wscript.Echo objUser.Name & ",<Password does not expire>"
ElseIf (lngMaxPwdAge > lngPwdAge) Then
' Calculate when password will expire.
dtmExpire = DateAdd("d", Now(), lngMaxPwdAge - lngPwdAge)
Wscript.Echo objUser.Name & "," & dtmExpire
Else
Wscript.Echo objUser.Name & ",<Password expired>"
End If
Next
--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
--