bonesz100 Posted April 16, 2009 Share Posted April 16, 2009 I have a question on what attributes can be pulled from Active Directory. I wanted to retrieve when a user's password would expire from AD. I could grab the Password Last Set field, but then I would have to translate the date to the appropriate expiration date\time. I would rather not do this if I don't have to.An exert of my code:$objTrans = ObjCreate("NameTranslate")$objTrans.Init($ADS_NAME_INITTYPE_GC, "")$objTrans.Set($ADS_NAME_TYPE_1779, @LogonDomain)$objTrans.Set($ADS_NAME_TYPE_NT4, @LogonDomain & "\" & $username)$strUserDN = $objTrans.Get($ADS_NAME_TYPE_1779)$UserObj = ObjGet("LDAP://" & $diamDC[$i] & "/" & $strUserDN);Would like for a way to get when the password expires, I just don't know the correct attribute to use.$pwexpire = $UserObj.???????-----------------------------------------------I tried $UserObj.PasswordExpirationDate - but there is no data in this return.Anyone have any ideas? Link to comment Share on other sites More sharing options...
water Posted April 16, 2009 Share Posted April 16, 2009 This post might be a good place to start. That's where I got the function to properly display all AD attributes. My UDFs and Tutorials: Spoiler UDFs:Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - WikiExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example ScriptsOutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - WikiOutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - DownloadOutlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - WikiPowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - WikiTask Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs:Excel - Example Scripts - WikiWord - Wiki Tutorials:ADO - WikiWebDriver - Wiki Link to comment Share on other sites More sharing options...
EndFunc Posted April 17, 2009 Share Posted April 17, 2009 I have a question on what attributes can be pulled from Active Directory. I wanted to retrieve when a user's password would expire from AD. I could grab the Password Last Set field, but then I would have to translate the date to the appropriate expiration date\time. I would rather not do this if I don't have to. An exert of my code: $objTrans = ObjCreate("NameTranslate") $objTrans.Init($ADS_NAME_INITTYPE_GC, "") $objTrans.Set($ADS_NAME_TYPE_1779, @LogonDomain) $objTrans.Set($ADS_NAME_TYPE_NT4, @LogonDomain & "\" & $username) $strUserDN = $objTrans.Get($ADS_NAME_TYPE_1779) $UserObj = ObjGet("LDAP://" & $diamDC[$i] & "/" & $strUserDN) ;Would like for a way to get when the password expires, I just don't know the correct attribute to use. $pwexpire = $UserObj.??????? ----------------------------------------------- I tried $UserObj.PasswordExpirationDate - but there is no data in this return. Anyone have any ideas? You have to use the WinNT provider and not LDAP. LDAP doesn't support PasswordExpirationDate. Try $UserObj = ObjGet("WinNT://" & $diamDC[$i] & "/" & $strUserDN) EndFuncAutoIt is the shiznit. I love it. Link to comment Share on other sites More sharing options...
bonesz100 Posted April 17, 2009 Author Share Posted April 17, 2009 (edited) You have to use the WinNT provider and not LDAP. LDAP doesn't support PasswordExpirationDate. Try $UserObj = ObjGet("WinNT://" & $diamDC[$i] & "/" & $strUserDN) Is there a good place to look on the web to see what information is available with the WinNT object vs the LDAP object? I guess i'm not exactly sure what the difference is. Should be using WINNT instead of LDAP? BTW - I'm using this script on a Win 2003 domain. Edited April 17, 2009 by bonesz100 Link to comment Share on other sites More sharing options...
water Posted April 18, 2009 Share Posted April 18, 2009 The internet is your friend :-) I searched for "//WINNT: active directory expire" WinNT vs LDAPName AttributesADSI WinNT provider My UDFs and Tutorials: Spoiler UDFs:Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - WikiExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example ScriptsOutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - WikiOutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - DownloadOutlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - WikiPowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - WikiTask Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs:Excel - Example Scripts - WikiWord - Wiki Tutorials:ADO - WikiWebDriver - Wiki Link to comment Share on other sites More sharing options...
bonesz100 Posted April 20, 2009 Author Share Posted April 20, 2009 I ended up just taking the string from LDAP - PasswordlastChanged attribute and converting it to a format where I could apply the _DateAdd() UDF and that got me the data i wanted. I appreciate the links. Sounds like LDAP is the better choice as it has quicker returns on object querys.. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now