S
Schmidtmayer Marc
Hi all,
I'm writing an application where I need to show the 'status' of users
in AD.
Now I'm having trouble with the flag "User must change password at
next logon" for the "User-Account-Control"-property.
The problem is that the 'value' of the "User-Account-Control"-property
DOESN'T CHANGE whether the flag "User must change password at next
logon" is checked or not.
For example : In AD, my user has the flag "User must change password
at next logon" checked and when I check the value of the
"User-Account-Control"-property with ADSI-Edit ... it gives me 544 !!
Then I uncheck the flag "User must change password at next logon" BUT
THE VALUE DOESN'T change !!!!
I can't get the 'right' value for this !!
Other flags like "Account is disabled", etc ... do work !
Here's an extract of my script :
'*************************************************************************
strFilter = "(&(objectclass=user)(objectcategory=person));"
strAttrs = "name,userprincipalname,useraccountcontrol,adspath;"
strScope = "subtree"
Set objConn = CreateObject("ADODB.Connection")
objConn.Provider = "ADsDSOObject"
objConn.Open "Active Directory Provider"
lPaths = UBound(as_paths())
For lLoop = 1 To lPaths
'strBase = "<LDAP://" & as_paths(lLoop) & ">;"
strBase = "<" & as_paths(lLoop) & ">;"
Set objRS = objConn.Execute(strBase & strFilter & strAttrs &
strScope)
If Not objRS.EOF Then
objRS.MoveFirst
While Not objRS.EOF
strUserNames(lTotalUsers) = objRS.Fields(0).Value
strUserIDs(lTotalUsers) = objRS.Fields(1).Value
lSetting = objRS.Fields(2).Value
strtmp = "000"
If (lSetting And ADS_UF_ACCOUNTDISABLE) =
ADS_UF_ACCOUNTDISABLE Then Mid(strtmp, 1, 1) = "1"
If (lSetting And ADS_UF_LOCKOUT) = ADS_UF_LOCKOUT Then
Mid(strtmp, 2, 1) = "1"
If (lSetting And ADS_UF_PWD_EXPIRED) =
ADS_UF_PWD_EXPIRED Then Mid(strtmp, 3, 1) = "1"
strAccountSettings(lTotalUsers) = strtmp
strDNs(lTotalUsers) = objRS.Fields(3).Value
objRS.MoveNext 'volgende
Wend
End If
Next
'*************************************************************************
Any help is welcome !
Thanks,
Marc.
I'm writing an application where I need to show the 'status' of users
in AD.
Now I'm having trouble with the flag "User must change password at
next logon" for the "User-Account-Control"-property.
The problem is that the 'value' of the "User-Account-Control"-property
DOESN'T CHANGE whether the flag "User must change password at next
logon" is checked or not.
For example : In AD, my user has the flag "User must change password
at next logon" checked and when I check the value of the
"User-Account-Control"-property with ADSI-Edit ... it gives me 544 !!
Then I uncheck the flag "User must change password at next logon" BUT
THE VALUE DOESN'T change !!!!
I can't get the 'right' value for this !!
Other flags like "Account is disabled", etc ... do work !
Here's an extract of my script :
'*************************************************************************
strFilter = "(&(objectclass=user)(objectcategory=person));"
strAttrs = "name,userprincipalname,useraccountcontrol,adspath;"
strScope = "subtree"
Set objConn = CreateObject("ADODB.Connection")
objConn.Provider = "ADsDSOObject"
objConn.Open "Active Directory Provider"
lPaths = UBound(as_paths())
For lLoop = 1 To lPaths
'strBase = "<LDAP://" & as_paths(lLoop) & ">;"
strBase = "<" & as_paths(lLoop) & ">;"
Set objRS = objConn.Execute(strBase & strFilter & strAttrs &
strScope)
If Not objRS.EOF Then
objRS.MoveFirst
While Not objRS.EOF
strUserNames(lTotalUsers) = objRS.Fields(0).Value
strUserIDs(lTotalUsers) = objRS.Fields(1).Value
lSetting = objRS.Fields(2).Value
strtmp = "000"
If (lSetting And ADS_UF_ACCOUNTDISABLE) =
ADS_UF_ACCOUNTDISABLE Then Mid(strtmp, 1, 1) = "1"
If (lSetting And ADS_UF_LOCKOUT) = ADS_UF_LOCKOUT Then
Mid(strtmp, 2, 1) = "1"
If (lSetting And ADS_UF_PWD_EXPIRED) =
ADS_UF_PWD_EXPIRED Then Mid(strtmp, 3, 1) = "1"
strAccountSettings(lTotalUsers) = strtmp
strDNs(lTotalUsers) = objRS.Fields(3).Value
objRS.MoveNext 'volgende
Wend
End If
Next
'*************************************************************************
Any help is welcome !
Thanks,
Marc.