Search the Community
Showing results for tags 'AD UDF password granular'.
-
Hello, I'm trying to write a script that will run at login to let users know that their password is getting ready to expire in 5 days or less. I originally wrote a PowerShell script to do this but then found out that it would run on everyone's PC because the AD module for PS wasn't installed and couldn't be distributed easily. Back to the drawing board. This time, I'm trying it with AutoIT. Here in my initial testing, I'm noticing that I haven't been able to get it recognize granular password policies which we introduced with Windows Server 2008 which we use. In our company, most users have their passwords expire every X days while members of certain departments have their passwords expire every Y days which is less than X. When I run the script on a user with Y, the script thinks that he has X days left. So it appears to only be recognizing the default AD password policy but the granular ones. Like I said, I'm just starting. Here's what I've used from one of the sample scripts: #include <AD.au3> #include <MsgBoxConstants.au3> _AD_Open() Global $aPassword = _AD_GetPasswordInfo() $sExpires = _DateDiff("D", _NowCalc(), $aPassword[9]) ; test: $sExpires = _DateDiff("D", $aPassword[9], _NowCalc()) MsgBox($MB_SYSTEMMODAL, "Password Info","Last Changed: "&$aPassword[8]&" Expires: "&$aPassword[9], 0) _AD_Close() When I run this on a test user, the message box indicates the password expires in several days from now but when I check it in AD, it is only a few days away since this user is in one of the departments with a shorter length. Is there a way to take the granular password policies into account? Thank you. -Marc