JojoChen's MIS Blog

假日自動在家加班，撰寫AD使用者密碼快到期，自動e-mail通知Windows Client使用者，避免使用者密碼到期忘了變更。

其VBScript如下：

Set objFSO=CreateObject("Scripting.FileSystemObject")
Set OutputFile=objFSO.OpenTextFile("d:\PasswordExpires.txt",2,true)
OutputFile.WriteLine "帳號"  & vbtab & "部門" & vbtab & "密碼到期日" & vbtab & "剩餘天數"

Const ADS_SCOPE_SUBTREE = 2

Set objConnection = CreateObject("ADODB.Connection")
Set objCommand =   CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"

Set objCOmmand.ActiveConnection = objConnection
objCommand.CommandText = _
    "Select Name,distinguishedName,displayName,mail,givenName from 'LDAP://OU=MIS,DC=test,DC=com' " & "Where objectClass='USER' AND USERAccountControl='512'"
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst

Do Until objRecordSet.EOF

    Dim oDomain
    Dim oUser
    Dim maxPwdAge
    Dim numDays
   
    strDomainDN = "test.com"
    strUserDN = strDomainDN & "/" & objRecordSet.Fields("distinguishedName").Value

    
    Set oDomain = GetObject("LDAP://" & strDomainDN)
    Set maxPwdAge = oDomain.Get("maxPwdAge")

   
    numDays = CCur((maxPwdAge.HighPart * 2 ^ 32) + maxPwdAge.LowPart) / CCur(-864000000000)
    
    Set oUser = GetObject("LDAP://" & strUserDN)

    whenPasswordExpires = DateAdd("d", numDays, oUser.PasswordLastChanged)
    
    PasswordExpiresDays=DateDiff("d", Now, whenPasswordExpires)
    
    If abs(PasswordExpiresDays) <=10 then
       OutputFile.WriteLine objRecordSet.Fields("name").Value & vbtab & _
       objRecordSet.Fields("displayname").Value & vbtab & _
       whenPasswordExpires  & vbtab & _
       "還剩 " & PasswordExpiresDays & "天變更密碼"
       Set objEmail = CreateObject("CDO.Message")
       objEmail.From = "jojo@test.com"
       objEmail.To = objRecordSet.Fields("mail").Value
       objEmail.cc = "mis@test.com"
       objEmail.Subject = "AD使用者密碼到期通知"
       objEmail.Textbody ="Dear " & objRecordSet.Fields("givenName").Value &  vbNewline  & "還剩 " & PasswordExpiresDays & "天變更密碼"
       objEmail.Configuration.Fields.Item _
    ("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
       objEmail.Configuration.Fields.Item _
    ("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "test.com"
       objEmail.Configuration.Fields.Item _
    ("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
       objEmail.Configuration.Fields.Update

       objEmail.Send

Set objEmail = nothing
    end if

    objRecordSet.MoveNext
Loop
    
    
Set oUser = Nothing
Set maxPwdAge = Nothing
Set oDomain = Nothing
OutputFile.Close