Board logo

标题: [转贴] VBS脚本实现AD用户的密码过期通知(可指定OU) [打印本页]

作者: VBScript    时间: 2012-4-7 22:20     标题: VBS脚本实现AD用户的密码过期通知(可指定OU)

  1. Const HOSTING_OU = "ou=dl,ou=City"
  2. Const SMTP_SERVER = "10.15.0.10"
  3. Const STRFROM = "test@51cto.com"
  4. Const DAYS_FOR_EMAIL = 7
  5. ' System Constants - do not change
  6. Const ONE_HUNDRED_NANOSECOND = .000000100 ' .000000100 is equal to 10^-7
  7. Const SECONDS_IN_DAY = 86400
  8. Const ADS_UF_DONT_EXPIRE_PASSWD = &h10000
  9. Const E_ADS_PROPERTY_NOT_FOUND = &h8000500D
  10. ' Change to "True" for extensive debugging output
  11. Const bDebug = False
  12. Dim objRoot
  13. Dim numDays, iResult
  14. Dim strDomainDN,oUser
  15. Dim objContainer, objSub
  16. dim fso,f1
  17. Dim FileName
  18. ServerAddress = "\\10.15.0.5\itonly$\logs\"
  19. FileName=ServerAddress & "密码过期信息.txt"
  20. Set fso = CreateObject("Scripting.FileSystemObject")
  21. If  (fso.FileExists(FileName)) Then
  22.    Set f1 = fso.CreateTextFile(FileName,True)
  23. Set objRoot = GetObject ("LDAP://RootDSE")
  24. strDomainDN = objRoot.Get ("defaultNamingContext")
  25. 'wscript.echo strDomainDN
  26. Set objRoot = Nothing
  27. numdays = GetMaximumPasswordAge (strDomainDN)
  28. 'wscript.echo  "Maximum Password Age: " & numDays
  29. f1.WriteLine  "  最大密码周期:" & numDays & "天"
  30. If numDays > 0 Then
  31. Set objContainer = GetObject ("LDAP://ou=dl,ou=City," & strDomainDN)
  32. Call ProcessFolder (objContainer, numDays)
  33. Set objContainer = Nothing
  34. If Len (HOSTING_OU) > 0 Then
  35. Set objContainer = GetObject ("LDAP://" & HOSTING_OU & "," & strDomainDN)
  36. For each objSub in objContainer
  37. Call ProcessFolder (objSub, numDays)
  38. Next
  39. Set objContainer = Nothing
  40. End If
  41. '========================================
  42. ' Add the number of days to the last time
  43. ' the password was set.
  44. '========================================
  45. 'whenPasswordExpires = DateAdd ("d", numDays, oUser.PasswordLastChanged)
  46. 'WScript.Echo "Password Last Changed: " & oUser.PasswordLastChanged
  47. 'WScript.Echo "Password Expires On: " & whenPasswordExpires
  48. End If
  49. end if
  50. WScript.Echo "执行完毕!"
  51. Function GetMaximumPasswordAge (ByVal strDomainDN)
  52. Dim objDomain, objMaxPwdAge
  53. Dim dblMaxPwdNano, dblMaxPwdSecs, dblMaxPwdDays
  54. Set objDomain = GetObject("LDAP://" & strDomainDN)
  55. Set objMaxPWdAge = objDomain.maxPwdAge
  56. If objMaxPwdAge.LowPart = 0 And objMaxPwdAge.Highpart = 0 Then
  57. ' Maximum password age is set to 0 in the domain
  58. ' Therefore, passwords do not expire
  59. GetMaximumPasswordAge = 0
  60. Else
  61. dblMaxPwdNano = Abs (objMaxPwdAge.HighPart * 2^32 + objMaxPwdAge.LowPart)
  62. dblMaxPwdSecs = dblMaxPwdNano * ONE_HUNDRED_NANOSECOND
  63. dblMaxPwdDays = Int (dblMaxPwdSecs / SECONDS_IN_DAY)
  64. GetMaximumPasswordAge = dblMaxPwdDays
  65. End If
  66. End Function
  67. Function UserIsExpired (objUser, iMaxAge, iDaysForEmail, iRes)
  68. Dim intUserAccountControl, dtmValue, intTimeInterval
  69. Dim strName
  70. Err.Clear
  71. strName = Mid (objUser.Name, 4)
  72. intUserAccountControl = objUser.Get ("userAccountControl")
  73. If intUserAccountControl And ADS_UF_DONT_EXPIRE_PASSWD Then
  74. dp "The password for " & strName & " does not expire."
  75. 'wscript.echo strName & " password does not expire."
  76. 'f1.WriteLine  strName & "      密码未过期!"
  77. UserIsExpired = False
  78. Else
  79. iRes = 0
  80. dtmValue = objUser.PasswordLastChanged
  81. 'wscript.echo strName & "     上次改变密码时间:" & dtmValue
  82. 'f1.WriteLine  strName & "     上次改变密码时间:" & dtmValue
  83. If Err.Number = E_ADS_PROPERTY_NOT_FOUND Then
  84. UserIsExpired = True
  85. dp "The password for " & strName & " has never been set."
  86. 'wscript.echo "The password for " & strName & " has never been set."
  87. 'f1.WriteLine   strName & "    密码未设定"
  88. Else
  89. intTimeInterval = Int (Now - dtmValue)
  90. dp "The password for " & strName & " was last set on " & DateValue(dtmValue) & " at " & TimeValue(dtmValue) & " (" & intTimeInterval & " days ago)"
  91. 'wscript.echo "The password for " & strName & " was last set on " & DateValue(dtmValue) & " at " & TimeValue(dtmValue) & " (" & intTimeInterval & " days ago)"
  92. 'f1.WriteLine  strName & "                   密码上次设定日期是" & DateValue(dtmValue) & ",时间是" & TimeValue(dtmValue) & "," & intTimeInterval & "天前"
  93. If intTimeInterval >= iMaxAge Then
  94. dp "The password for " & strName & " has expired."
  95. 'wscript.echo "The password for " & strName & " has expired."
  96. f1.WriteLine  strName & "     密码已经过期"
  97. UserIsExpired = True
  98. Else
  99. iRes = Int ((dtmValue + iMaxAge) - Now)
  100. dp "The password for " & strName & " will expire on " & DateValue(dtmValue + iMaxAge) & " (" & iRes & " days from today)."
  101. 'wscript.echo "The password for " & strName & " will expire on " & DateValue(dtmValue + iMaxAge) & " (" & iRes & " days from today)."
  102. f1.WriteLine strName & "      密码将在" & DateValue(dtmValue + iMaxAge) & "过期," & "从今天起第" & iRes & "天"
  103. If iRes <= iDaysForEmail Then
  104. dp strName & " needs an email for password change"
  105. 'f1.WriteLine strName & "      需要一封邮件来提示改变密码!"
  106. UserIsExpired = True
  107. Else
  108. dp strName & " does not need an email for password change"
  109. 'f1.WriteLine strName & "        不需要一封邮件来提示改变密码!"
  110. UserIsExpired = False
  111. End If
  112. End If
  113. End If
  114. End If
  115. End Function
  116. Sub ProcessFolder (objContainer, iMaxPwdAge)
  117. Dim objUser, iResult
  118. objContainer.Filter = Array ("User")
  119. 'Wscript.Echo "Checking 信息 = " & Mid (objContainer.Name, 4)
  120. For each objUser in objContainer
  121. If Right (objUser.Name, 1) &lt;> "$" Then
  122. If IsEmpty (objUser.Mail) or IsNull (objUser.Mail) Then
  123. dp Mid (objUser.Name, 4) & " has no mailbox"
  124. 'Wscript.Echo Mid (objUser.Name, 4) & " has no mailbox"
  125. f1.WriteLine  Mid (objUser.Name, 4) & "        没有邮箱"
  126. Else
  127. If UserIsExpired (objUser, iMaxPwdAge, DAYS_FOR_EMAIL, iResult) Then
  128. 'wscript.Echo "...sending an email for " & objUser.Mail
  129. f1.WriteLine "...sending an email for " & objUser.Mail
  130. Call SendEmail (objUser, iResult)
  131. Else
  132. dp "...don't send an email"
  133. End If
  134. End If
  135. End If
  136. Next
  137. End Sub
  138. Sub SendEmail (objUser, iResult)
  139. Dim objMail
  140. Set objMail = CreateObject ("CDO.Message")
  141. objMail.From = STRFROM
  142. objMail.To = "laffer.li@51cto.com"
  143. objMail.Subject =  Mid (objUser.Name, 4) & "       密码已经到期!"
  144. objMail.Textbody = "用户" & objUser.userPrincipalName & " (" & objUser.sAMAccountName & ")" & vbCRLF & "密码将在" & iResult & " 天后过期. " & vbCRLF & "为了不影响你邮箱等的使用,请立即更改密码." & vbCRLF & vbCRLF & "谢谢," & vbCRLF & "前程无忧IT "
  145. objMail.Send
  146. Set objMail = Nothing
  147. End Sub
  148. Sub dp (str)
  149. If bDebug Then
  150. WScript.Echo str
  151. f1.WriteLine str
  152. f1.Close
  153. End If
  154. End Sub
复制代码


http://lzy821218.blog.51cto.com/209800/273523




欢迎光临 批处理之家 (http://bbs.bathome.net/) Powered by Discuz! 7.2