bonesz100 Posted April 16, 2009 Posted April 16, 2009 I have a question on what attributes can be pulled from Active Directory. I wanted to retrieve when a user's password would expire from AD. I could grab the Password Last Set field, but then I would have to translate the date to the appropriate expiration date\time. I would rather not do this if I don't have to.An exert of my code:$objTrans = ObjCreate("NameTranslate")$objTrans.Init($ADS_NAME_INITTYPE_GC, "")$objTrans.Set($ADS_NAME_TYPE_1779, @LogonDomain)$objTrans.Set($ADS_NAME_TYPE_NT4, @LogonDomain & "\" & $username)$strUserDN = $objTrans.Get($ADS_NAME_TYPE_1779)$UserObj = ObjGet("LDAP://" & $diamDC[$i] & "/" & $strUserDN);Would like for a way to get when the password expires, I just don't know the correct attribute to use.$pwexpire = $UserObj.???????-----------------------------------------------I tried $UserObj.PasswordExpirationDate - but there is no data in this return.Anyone have any ideas?
water Posted April 16, 2009 Posted April 16, 2009 This post might be a good place to start. That's where I got the function to properly display all AD attributes. My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
EndFunc Posted April 17, 2009 Posted April 17, 2009 I have a question on what attributes can be pulled from Active Directory. I wanted to retrieve when a user's password would expire from AD. I could grab the Password Last Set field, but then I would have to translate the date to the appropriate expiration date\time. I would rather not do this if I don't have to. An exert of my code: $objTrans = ObjCreate("NameTranslate") $objTrans.Init($ADS_NAME_INITTYPE_GC, "") $objTrans.Set($ADS_NAME_TYPE_1779, @LogonDomain) $objTrans.Set($ADS_NAME_TYPE_NT4, @LogonDomain & "\" & $username) $strUserDN = $objTrans.Get($ADS_NAME_TYPE_1779) $UserObj = ObjGet("LDAP://" & $diamDC[$i] & "/" & $strUserDN) ;Would like for a way to get when the password expires, I just don't know the correct attribute to use. $pwexpire = $UserObj.??????? ----------------------------------------------- I tried $UserObj.PasswordExpirationDate - but there is no data in this return. Anyone have any ideas? You have to use the WinNT provider and not LDAP. LDAP doesn't support PasswordExpirationDate. Try $UserObj = ObjGet("WinNT://" & $diamDC[$i] & "/" & $strUserDN) EndFuncAutoIt is the shiznit. I love it.
bonesz100 Posted April 17, 2009 Author Posted April 17, 2009 (edited) You have to use the WinNT provider and not LDAP. LDAP doesn't support PasswordExpirationDate. Try $UserObj = ObjGet("WinNT://" & $diamDC[$i] & "/" & $strUserDN) Is there a good place to look on the web to see what information is available with the WinNT object vs the LDAP object? I guess i'm not exactly sure what the difference is. Should be using WINNT instead of LDAP? BTW - I'm using this script on a Win 2003 domain. Edited April 17, 2009 by bonesz100
water Posted April 18, 2009 Posted April 18, 2009 The internet is your friend :-) I searched for "//WINNT: active directory expire" WinNT vs LDAPName AttributesADSI WinNT provider My UDFs and Tutorials: Spoiler UDFs: Active Directory (NEW 2024-07-28 - Version 1.6.3.0) - Download - General Help & Support - Example Scripts - Wiki ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki Task Scheduler (2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs: Excel - Example Scripts - Wiki Word - Wiki Tutorials: ADO - Wiki WebDriver - Wiki
bonesz100 Posted April 20, 2009 Author Posted April 20, 2009 I ended up just taking the string from LDAP - PasswordlastChanged attribute and converting it to a format where I could apply the _DateAdd() UDF and that got me the data i wanted. I appreciate the links. Sounds like LDAP is the better choice as it has quicker returns on object querys..
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now