Hi,

Well, my script (below) is supposed to find all users on the domain
which have "password cannot expire" flagged, as well as a list of all
users (by name) who have not logged on for a month.

If we only use the line:
(userAccountControl:1.2.840.113556.1.4.803:=65536); in the LDAP search
query, the script works fine, and returns a list of all users by name.
But when (lastLogonTimeStamp<= 127751249340000000) is added in the
search, the script returns nothing,

any advice would be greatly appreciated.

Regards

Khurram
Orion4_@hotmail.com



' ------------------------------------------------------------------------------------------------
' UserAudit_2.vbs
' Creates a report based on AD user properties for security auditing purposes
' ------------------------------------------------------------------------------------------------

On Error Resume Next
'set parameters for ADODB Connection
Set objADConnection = CreateObject("ADODB.Connection")
Set objADCommand = CreateObject("ADODB.Command")
objADConnection.Provider = "ADsDSOObject"
objADConnection.Open "Active Directory Provider"
Set objADCommand.ActiveConnection = objADConnection

objADCommand.Properties("Page Size") = 1000

'connect to AD using LDAP, and search for users with
'the "ADS_UF_DONT_EXPIRE_PASSWD" flag (use value 65536)
objADCommand.CommandText = _
    "<LDAP://DC=rfs,DC=nsw,DC=gov,DC=au>;" & _
    "(&(ObjectCategory=Person)(objectCategory=User)(lastLogonTimeStamp<= 127751249340000000)(userAccountControl:1.2.840.113556.1.4.803:=65536));" & _
    "Name;Subtree"

'Define Record set
Set rsAD = objADCommand.Execute

'start at beginning of Record Set
rsAD.MoveFirst

'Print out the names of all users in RS
Do Until rsAD.EOF
    Wscript.Echo rsAD.Fields("Name").Value
    rsAD.MoveNext
Loop
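
As an added example (not part of the original post or the reply), the Python below decodes the FILETIME value used in the filter above, builds an equivalent filter for any cutoff using the common (objectCategory=person)(objectClass=user) pair, and applies its two audit clauses to constructed sample entries. The sample accounts, the function names and the 16 Dec 2005 reference date are assumptions made for illustration.

```python
from datetime import datetime, timedelta, timezone

FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)
DONT_EXPIRE_PASSWD = 65536               # ADS_UF_DONT_EXPIRE_PASSWD
BIT_AND = "1.2.840.113556.1.4.803"       # bitwise-AND matching rule from the post

def to_filetime(dt):
    """UTC datetime -> 100-ns ticks since 1601-01-01, using exact integer math."""
    d = dt - FILETIME_EPOCH
    return (d.days * 86400 + d.seconds) * 10**7 + d.microseconds * 10

def from_filetime(ticks):
    """FILETIME ticks -> UTC datetime (sub-microsecond part dropped)."""
    return FILETIME_EPOCH + timedelta(microseconds=ticks // 10)

def stale_filter(now, days=30):
    """Return (filter, cutoff) for non-expiring accounts idle for `days`."""
    cutoff = to_filetime(now - timedelta(days=days))
    flt = ("(&(objectCategory=person)(objectClass=user)"
           f"(lastLogonTimestamp<={cutoff})"
           f"(userAccountControl:{BIT_AND}:={DONT_EXPIRE_PASSWD}))")
    return flt, cutoff

def matches(entry, cutoff):
    """Apply both audit clauses to one entry; an absent attribute never matches <=."""
    ts = entry.get("lastLogonTimestamp")
    flagged = (entry["userAccountControl"] & DONT_EXPIRE_PASSWD) == DONT_EXPIRE_PASSWD
    return ts is not None and ts <= cutoff and flagged

def audit(entries, now, days=30):
    """Names of the constructed entries the filter would return."""
    _, cutoff = stale_filter(now, days)
    return [e["name"] for e in entries if matches(e, cutoff)]

# Constructed sample directory entries (not real accounts).
NOW = datetime(2005, 12, 16, tzinfo=timezone.utc)
SAMPLE = [
    {"name": "alice", "userAccountControl": 66048,     # 512 + 65536
     "lastLogonTimestamp": 127751249340000000},        # value from the post
    {"name": "bob", "userAccountControl": 66048,       # logged on recently
     "lastLogonTimestamp": to_filetime(datetime(2005, 12, 10, tzinfo=timezone.utc))},
    {"name": "carol", "userAccountControl": 512,       # password does expire
     "lastLogonTimestamp": 127751249340000000},
    {"name": "svc-new", "userAccountControl": 66048},  # never logged on: no attribute
]

if __name__ == "__main__":
    print(from_filetime(127751249340000000))
    print(stale_filter(NOW)[0])
    print(audit(SAMPLE, NOW))
```

Accounts that have never logged on carry no lastLogonTimestamp at all, so an audit that should include them needs a separate (!(lastLogonTimestamp=*)) clause. The attribute is only populated at Windows Server 2003 domain functional level or higher and is replicated with a lag of up to about two weeks, so treat the cutoff as approximate.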

RE: Help, script to find user not logged in for a number of time (usii by ThiagoFerreira

ThiagoFerreira
Fri Dec 16 06:27:02 CST 2005

' Domain controllers to query, separated by "|"
strDCs = "YOUR DOMAIN HERE"

sObjects = Split(strDCs, "|")
Set oDomain = GetObject("WinNT://" & sObjects(0))

If WScript.Arguments.Count = 1 Then
    ' One user name given on the command line: report that user only
    Set strUser = GetObject("WinNT://" & sObjects(0) & "/" & WScript.Arguments(0))
    sUsrLogin = strUser.LastLogin
    ' Check every other listed server and keep the most recent LastLogin
    If UBound(sObjects) >= 1 Then
        For ii = 1 To UBound(sObjects)
            Set oUsr = GetObject("WinNT://" & sObjects(ii) & "/" & WScript.Arguments(0))
            If oUsr.LastLogin > sUsrLogin Then sUsrLogin = oUsr.LastLogin
        Next
    End If

    Wscript.echo "Logon Name: " & strUser.name
    Wscript.echo "Full Name: " & strUser.fullname
    Wscript.echo "Last Logon Time: " & sUsrLogin

Else
    ' No argument: list every user in a new Excel workbook
    Set XL = CreateObject("Excel.Application")
    XL.Application.Visible = True
    XL.Application.Workbooks.Add
    XL.Application.ActiveSheet.Cells(1,1).Value = "Logon Name"
    XL.Application.ActiveSheet.Cells(1,2).Value = "Full Name"
    XL.Application.ActiveSheet.Cells(1,3).Value = "Last Logon Time"

    oDomain.Filter = Array("User")
    UsrCnt = 1
    For Each oDomainItem In oDomain
        Set strUser = GetObject("WinNT://" & sObjects(0) & "/" & oDomainItem.name)
        sUsrLogin = strUser.LastLogin
        ' Check every other listed server and keep the most recent LastLogin
        If UBound(sObjects) >= 1 Then
            For ii = 1 To UBound(sObjects)
                Set oUsr = GetObject("WinNT://" & sObjects(ii) & "/" & oDomainItem.name)
                If oUsr.LastLogin > sUsrLogin Then sUsrLogin = oUsr.LastLogin
            Next
        End If
        UsrCnt = UsrCnt + 1
        XL.Application.ActiveSheet.Cells(UsrCnt,1).Value = strUser.name
        XL.Application.ActiveSheet.Cells(UsrCnt,2).Value = strUser.fullname
        XL.Application.ActiveSheet.Cells(UsrCnt,3).Value = sUsrLogin
    Next

End If

Wscript.echo "End"

This script will show you an Excel page with that.


Bye



