Change password and change at next logon WannaBscriptGuy 5/24/2007 5:00:02 PM This script will change the password and set the account to change the password at next logon for a group of users listed in my text tile. I want to change it so it ONLY changes password for users that have that option checked already. I don't want it to change the password for users that already have logged in and changed their pswd. I though I could add this but it doesn't work: "If ouser.pwdLastSet = 0 THEN" Can somebody help? Set oFSO = CreateObject("Scripting.FilesystemObject") If (oArgs.Count <> 3) Then WScript.Echo "usage: SetPSWD4Many.vbs [LIST_FILE] [DOMAIN] [NEW_PASSWORD]" WScript.Echo "(ex) SetPSWD4Many.vbs list.txt ficc welcome2006" wscript.quit End If List = wscript.arguments(0) Domain = wscript.arguments(1) NewPSWD = wscript.arguments(2) If Not oFSO.FileExists(List) then wscript.echo "Error!! List file doesn't exist." wscript.quit End If Dim oUserList, sUserID Set oUserList = oFSO.OpenTextFile(List) Do While Not oUserList.AtEndOfStream sUserID = oUserList.Readline Dim DomainDN, Base, Filter, Attrs, Scope Dim objConn, objRS, ADPath DomainDN = Domain & ".corp.gs.com/cn=users,dc=" & Domain & ",dc=corp,dc=test,dc=com" Base = "<LDAP://" & DomainDN & ">;" Filter = "(&(objectCategory=user)(samAccountName=" & sUserID & "));" Attrs = "distinguishedName;" Scope = "subtree" set objconn = createobject("ADODB.Connection") objConn.Provider = "ADsDSOObject" objConn.Open "Active Directory Provider" set objRS = objConn.Execute(Base & Filter & Attrs & Scope) objRS.MoveFirst While Not objRS.EOF ADPath = objRS.Fields(0).value Dim oUser Err.Clear set oUser = GetObject("LDAP://" & ADPath) oUser.SetPassword(NewPSWD) If Err.Number = 0 then wscript.echo "Success!!" & vbtab & sUserID oUser.Put "pwdLastSet", 0 oUser.SetInfo Else wscript.echo "Error!!" & vbtab & sUserID End If objRS.MoveNext Wend Loop oUserList.Close

Re: Change password and change at next logon Jeffery Hicks <jhicks[ at ]sapien.com> 6/7/2007 7:32:01 PM WannaBscriptGuy wrote: [Quoted Text] > This script will change the password and set the account to change the > password at next logon for a group of users listed in my text tile. I want to > change it so it ONLY changes password for users that have that option checked > already. > I don't want it to change the password for users that already have logged in > and changed their pswd. I though I could add this but it doesn't work: "If > ouser.pwdLastSet = 0 THEN" Can somebody help? > > Set oFSO = CreateObject("Scripting.FilesystemObject") > If (oArgs.Count <> 3) Then > WScript.Echo "usage: SetPSWD4Many.vbs [LIST_FILE] [DOMAIN] > [NEW_PASSWORD]" > WScript.Echo "(ex) SetPSWD4Many.vbs list.txt ficc welcome2006" > wscript.quit > End If > > List = wscript.arguments(0) > Domain = wscript.arguments(1) > NewPSWD = wscript.arguments(2) > > If Not oFSO.FileExists(List) then > wscript.echo "Error!! List file doesn't exist." > wscript.quit > End If > > Dim oUserList, sUserID > > Set oUserList = oFSO.OpenTextFile(List) > > Do While Not oUserList.AtEndOfStream > sUserID = oUserList.Readline > > Dim DomainDN, Base, Filter, Attrs, Scope > Dim objConn, objRS, ADPath > > DomainDN = Domain & ".corp.gs.com/cn=users,dc=" & Domain & > ",dc=corp,dc=test,dc=com" > Base = "<LDAP://" & DomainDN & ">;" > Filter = "(&(objectCategory=user)(samAccountName=" & sUserID & "));" > Attrs = "distinguishedName;" > Scope = "subtree" > > set objconn = createobject("ADODB.Connection") > objConn.Provider = "ADsDSOObject" > objConn.Open "Active Directory Provider" > set objRS = objConn.Execute(Base & Filter & Attrs & Scope) > > objRS.MoveFirst > While Not objRS.EOF > ADPath = objRS.Fields(0).value > > Dim oUser > > Err.Clear > set oUser = GetObject("LDAP://" & ADPath) > oUser.SetPassword(NewPSWD) > If Err.Number = 0 then > wscript.echo "Success!!" & vbtab & sUserID > oUser.Put "pwdLastSet", 0 > oUser.SetInfo > Else > wscript.echo "Error!!" & vbtab & sUserID > End If > > objRS.MoveNext > Wend > > Loop > > oUserList.Close You might try checking the password age. Divide the value by 86400 to get the age in days. Only make changes if the age exceeds some limit. -- Jeffery Hicks SAPIEN Technologies - Scripting, Simplified. www.SAPIEN.com VBScript & Windows PowerShell Training - www.ScriptingTraining.com/classes.asp Windows PowerShell? - www.SAPIENPress.com/powershell.asp blog: http://blog.SAPIEN.com blog: http://jdhitsolutions.blogspot.com