Expiry Dates of Local User Accounts on standalone win2003 server

Discussion in 'Scripting' started by Ludgate Hill, Jul 24, 2007.

  1. Ludgate Hill

    Ludgate Hill Guest

    Richard Mueller kindly wrote this code in answer to a post I made yesterday
    - Thank you Richard.

    Unfortunately the code didn't work as "The directory property cannot be
    found in the cache", I made some amendments to the existing code and suspect
    that objUser.AccountExpirationDate does not exist or is called something
    different for user accounts that are purely local and not part of an AD.

    Can anyone help me with this?

    Thanks

    Mark
    Subject: Re: Expiry Dates on standalone win2003 server 7/23/2007 9:14 AM
    PST

    By: Richard Mueller [MVP] In:
    microsoft.public.windows.server.scripting


    You must mean local accounts on the machine, not domain accounts. You must
    use the WinNT provider with local accounts. The AccountExpirationDate
    property method of the user object returns the account expiration date. If
    you bind to the computer object you can filter on child objects of class
    "user" and enumerate. For example:
    ===========
    ' Specify NetBIOS name of computer.
    strComputer = "MyServer"

    ' Bind to computer object.
    Set objComputer = GetObject("WinNT://" & strComputer)

    ' Filter on user objects.
    objComputer.Filter = Array("user")

    ' Enumerate local user objects.
    For Each objUser In objComputer
    ' Display user name and expiration.
    Wscript.Echo objUser.Name & ", expires " & objUser.AccountExpirationDate
    Next
     
    Ludgate Hill, Jul 24, 2007
    #1
    1. Advertisements

  2. Actually, AccountExpirationDate is the property method to use for local
    accounts, but it raises an error if there is no expiration date assigned.
    This can also happen with AD accounts. Microsoft suggests using the IsNull
    function in this link to detect this condition:

    http://www.microsoft.com/technet/scriptcenter/resources/qanda/apr07/hey0405.mspx

    However, this isn't really correct. The value is not Null. The method just
    raises an error because it cannot convert the value of the underlying
    attribute to a date. The suggestion only works because "On Error Resume
    Next" is used.

    I would only use "On Error Resume Next" for the statement expected to raise
    the error. For example:
    ============
    ' Specify NetBIOS name of computer.
    strComputer = "MyServer"

    ' Bind to computer object.
    Set objComputer = GetObject("WinNT://" & strComputer)

    ' Filter on user objects.
    objComputer.Filter = Array("user")

    ' Enumerate local user objects.
    For Each objUser In objComputer
    ' Display user name and expiration.
    On Error Resume Next
    Wscript.Echo objUser.Name & ", expires " & objUser.AccountExpirationDate
    If (Err.Number <> 0) Then
    Wscript.Echo objUser.Name & " has no expiration date"
    End If
    On Error GoTo 0
    Next

    --
    Richard Mueller
    Microsoft MVP Scripting and ADSI
    Hilltop Lab - http://www.rlmueller.net
     
    Richard Mueller [MVP], Jul 25, 2007
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.