PASSWORD NEVER EXPIRES FIELD - URGENT HELP NEEDED - PLEASE!!!

[Guest]

Hi

I need to remove the password never expires property on my users accounts, I
have tried dsmod but can only do one user at a time, not a complete ou. I
have seent the attached script that was previoulsy posted on here, but I do
not have a clue how to run it, could anyone please help me!

Thank you so much in advance.

Pauline

Const ADS_UF_DONT_EXPIRE_PASSWD = &h10000

Set objCommand = CreateObject("ADODB.Command")
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
objCommand.ActiveConnection = objConnection


strBase = "<LDAP://ou=sales,dc=ladava,dc=com>"
strFilter =
";(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=65536))"
strAttributes = ";sAMAccountName,ADsPath"
strLevel = ";subtree"
objCommand.CommandText = strBase & strFilter & strAttributes & strLevel

objCommand.Properties("Page Size") = 100
objCommand.Properties("Timeout") = 30
objCommand.Properties("Cache Results") = False
Set objRecordSet = objCommand.Execute

Do Until objRecordSet.EOF
Wscript.Echo objRecordSet.Fields("sAMAccountName")
Set objUser = GetObject(objRecordSet.Fields("ADsPath"))
intUAC = objUser.Get("userAccountControl")
objUser.Put "userAccountControl", intUAC XOR ADS_UF_DONT_EXPIRE_PASSWD
objUSer.SetInfo
objRecordSet.MoveNext
Loop
objConnection.Close
Set objRootDSE = Nothing
Set objCommand = Nothing
Set objConnection = Nothing
Set objRecordSet = Nothing

 

[Dinesh Tashildar]

Get a dsmod.exe from Windows 2000 resource kit and use below command
dsmod user <UserDN ...> -pwdneverexpires {yes | no}

To apply on multiple users, create a batch file and execute above command in
for loop.

-Dinesh

 

[Guest]

Hi Dinesh

Thank you so much for your prompt response.

Hmm, when I try the batch file on multiple users it does not work, but when
I try it on one it does

I used the dsquery to export the users from the ou, and used the following

dsmod user "CN=Policy Test,OU=Users,OU=GPO,DC=htb,DC=tote,DC=co,DC=uk"
"CN=Itguru,OU=Users,OU=GPO,DC=htb,DC=tote,DC=co,DC=uk"
"CN=Policy Test2,OU=Users,OU=GPO,DC=htb,DC=tote,DC=co,DC=uk"
-pwdneverexpires no. But I get the following reply:

"CN=Policy Test2,OU=Users,OU=GPO,DC=htb,DC=tote,DC=co,DC=uk" is not
recognised asn an internal or external command. However again if I try this
account on its own it works!!!

 

[Dinesh Tashildar]

Create a batch file with below line
for /f %%i in (list.txt) do dsmod user
"CN=%%1,OU=Users,OU=GPO,DC=htb,DC=tote,DC=co,DC=uk" -pwdneverexpires no

in same path create a text file list.txt and write username in below format
Policy Test
Itguru
Policy Test2

I hope this will work for you.

- Dinesh

 

[Dinesh Tashildar]

Are you keeping dsmod in path (where u have copied your cmd and text file) ?

 

[Guest]

Hi

I copied this line:

Create a batch file with below line
and saved it as a batch file. I then created a list.txt file and saved them
both in the root of c.

Many thanks

 

[Dinesh Tashildar]

Copu below lines in one line

Hi

I copied this line:

Create a batch file with below line

and saved it as a batch file. I then created a list.txt file and saved
them
both in the root of c.

Many thanks

 

[Guest]

Hi Dinesh

I pasted this line, in one, into notepad and saved as gpo.bat. I then
placed the users in the format advised into notepad and saved as list.tc
(both in the root of C), this is the error message I receive:

C:\>for /F %i in (list.txt) do dsmod user
"CN=%1,OU=Users,OU=GPO,DC=htb,DC=tote,
DC=co,DC=uk" -pwdneverexpires no

C:\>dsmod user "CN=%1,OU=Users,OU=GPO,DC=htb,DC=tote,DC=co,DC=uk"
-pwdneverexpir
es no
dsmod failed:CN=%1,OU=Users,OU=GPO,DC=htb,DC=tote,DC=co,DC=ukirectory
object n
ot found.
type dsmod /? for help.
C:\>dsmod user "CN=%1,OU=Users,OU=GPO,DC=htb,DC=tote,DC=co,DC=uk"
-pwdneverexpir
es no
dsmod failed:CN=%1,OU=Users,OU=GPO,DC=htb,DC=tote,DC=co,DC=ukirectory
object n
ot found.
type dsmod /? for help.
C:\>dsmod user "CN=%1,OU=Users,OU=GPO,DC=htb,DC=tote,DC=co,DC=uk"
-pwdneverexpir
es no
dsmod failed:CN=%1,OU=Users,OU=GPO,DC=htb,DC=tote,DC=co,DC=ukirectory
object n
ot found.

 

[Guest]

Doh! Doh! Doh! I got you batch file option to work Dinesh, what I was doing
wrong was I was listing the users and not word wrapping them and leaving a
space! It works perfectly now. Thanks for all your help. )

 

[Dinesh Tashildar]

Always welcome..

Doh! Doh! Doh! I got you batch file option to work Dinesh, what I was
doing
wrong was I was listing the users and not word wrapping them and leaving a
space! It works perfectly now. Thanks for all your help. )