Uncheck the Password Never Expires Checkbox for an AD OU

By | March 12, 2008

The lazy admin knew I had a script that would do something to a users acount. Somthing with the passsword.
Well, I did. But not what he was asking for. So, I took the previous password script and changed it.
Thanks to Guy Tomas for starting the ball rolling.
I changed the script to uncheck the "password never expires" checkbox.

———-COPY EVERYTHING BELOW THIS LINE for the Script———-
' Taken From PwdLastSet .vbs
' VBScript to uncheck password never expires
' Authors Guy Thomas http://computerperformance.co.uk/ and Cheyenne Harden www.lazynetworkadmin.com
' Original Version 1.1 – May 2005 Changed by Chey Harden for the Lazy Admin on 3.5.08
' ————————————————————–'

On Error Resume Next

Dim objOU, objUser, objRootDSE
Dim strContainer, strDNSDomain, strOU
Dim intCounter, intPwdValue, intAccValue

'Choose the AD OU
strOU = inputbox("Enter the number of the OU you would like to uncheck the Password Never Expires checkbox."_
& vbCr & "OU:" & vbCr & "   1 = test OU" & vbCr &"   2 = Support Companies OU" _
& vbCr & "   3 = Territory Managers OU")

If strOU = "" Then
Wscript.Echo "You did not enter a number!"
Wscript.Quit

Else
' Bind to Active Directory Domain
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("DefaultNamingContext")

' ————————————————————-'
' Important change OU= to reflect your domain
' ————————————————————-'

Select Case strOU
 Case 1
  strContainer = "OU=test,"
 Case 2
  strContainer = "OU=Support Companies,ou=abccompany, "
 Case 3
  strContainer = "OU=Users,OU=Territory Managers,ou=abccompany, "
  
End Select

strContainer = strContainer & strDNSDomain
'Wscript.Echo strContainer 'This line is for testing
intCounter = 0
' Here we force a change of password at next logon
intPwdValue = 1   'Enable to have user reset their password
intAccValue = 512    'PASSWORD_EXPIRED FLAG

' Loop through OU=, resetting all user accounts
set objOU =GetObject("LDAP://" & strContainer )
For each objUser in objOU
   If objUser.class="user" then
      'objUser.Put "PwdLastSet", intPwdValue
   objUser.Put "userAccountControl", intAccValue
      objUser.SetInfo
   End If
intCounter = intCounter +1
Next

' Optional section to record how many accounts have been set
WScript.Echo "Accounts changed = " & intCounter
End If
WScript.Quit

———-COPY EVERYTHING ABOVE THIS LINE for the Script———-

 

 

PLEASE MAKE SURE NO WORD WRAPPING IS HAPPENING IN YOUR SCRIPT!!!

1. Make sure to be an admin for the Domain.
2. Change the case statement below to match your domain.
 Case 1
  strContainer = "OU=test,"
 Case 2
  strContainer = "OU=Support Companies,ou=abccompany, "
 Case 3
  strContainer = "OU=Users,OU=Territory Managers,ou=abccompany, "

3. Uncomment the line below for error checking
  'Wscript.Echo strContainer 'This line is for testing

4. Optionally, you can uncomment the line below to make the user reset their password at the next login.
 'objUser.Put "PwdLastSet", intPwdValue

 

This information is provided "AS IS" with no warranties expressed or implied.

Leave a Reply

Your email address will not be published. Required fields are marked *