Sign in to follow this  
Followers 0
LVCVA

Can Active Directory UDF handle granular password policies

4 posts in this topic

Hello,

I'm trying to write a script that will run at login to let users know that their password is getting ready to expire in 5 days or less. I originally wrote a PowerShell script to do this but then found out that it would run on everyone's PC because the AD module for PS wasn't installed and couldn't be distributed easily. Back to the drawing board. This time, I'm trying it with AutoIT. Here in my initial testing, I'm noticing that I haven't been able to get it recognize granular password policies which we introduced with Windows Server 2008 which we use. In our company, most users have their passwords expire every X days while members of certain departments have their passwords expire every Y days which is less than X. When I run the script on a user with Y, the script thinks that he has X days left. So it appears to only be recognizing the default AD password policy but the granular ones. Like I said, I'm just starting. Here's what I've used from one of the sample scripts:

#include <AD.au3>
#include <MsgBoxConstants.au3>

_AD_Open()
Global $aPassword = _AD_GetPasswordInfo()
$sExpires = _DateDiff("D", _NowCalc(), $aPassword[9])
; test: $sExpires = _DateDiff("D", $aPassword[9], _NowCalc())
MsgBox($MB_SYSTEMMODAL, "Password Info","Last Changed: "&$aPassword[8]&"  Expires: "&$aPassword[9], 0)
_AD_Close()

When I run this on a test user, the message box indicates the password expires in several days from now but when I check it in AD, it is only a few days away since this user is in one of the departments with a shorter length. Is there a way to take the granular password policies into account? Thank you.

-Marc

Share this post


Link to post
Share on other sites



At the moment the AD UDF doesn't support the granular password policy (link to the wiki).


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

Bummer. Thanks for the quick reply though.

Share this post


Link to post
Share on other sites

You are the first who demanded support for FGPP.

As we haven't implemended FGPP I can't test.

But if you aren't in a hurry I could try to implemend this feature to the UDF - but all testing needs to be done by you.


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0