Searching for UserAccountControl settings that aren't set.

Discussion in 'Scripting' started by djmulls, Feb 2, 2011.

  1. djmulls

    djmulls Guest

    Hi guys,

    I have been asked to find all accounts in a resource domain that DON'T
    have the 'Password never expires' and 'User must change password at
    next logon' set. Accounts with these settings are giving us grief with
    the rollout of a new mail app.

    Now searching for accounts with those options is easy enough, I just
    use 65336 and I get all 'Password never expires' however I can't
    figure out how to get both of the above two options in a script and
    still get every combination of other setting. For example we have a
    lot of disabled accounts, but I still need to know if they have the
    above two options ticked.

    We are running a 2003 Native Mode domain and user accounts are all
    over the place. So we can't just point this at a single OU.

    I am scratching my head over this one so any help would be much
    appreciated.
    Thanks
    David
     
    djmulls, Feb 2, 2011
    #1
    1. Advertisements

  2. djmulls

    brain007

    Joined:
    Apr 19, 2011
    Messages:
    13
    Likes Received:
    0
    brain007, Jun 21, 2011
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.