如何让用户密码在快过期时.doc

1、如何让用户密码在快过期时，发邮件提醒用户更改密码 2010-12-31 11:50:46标签：更改密码 用户 OWA 邮件 通知 大家都知道，在域环境中，组策略中可以设置当用户密码快过期时，电脑登录会有提示，但当用户出差，或是用 OWA 方式访问时，并不会收到相关提示，而导致道密码过期而无法收发邮件！下面的方法，就是教大家，如何让用户密码在快过期时，发邮件提醒用户更改密码，让用户去 OWA 中去更改自已的密码，不至于发生密码过期，用户并不知道，而无法收发邮件！以下是在 AD、Exchange 环境下，用邮件的方式通知用户密码到期提示的脚本，需要使用的，请将其路的D 和 Domain改成你的域名

2、，ADserver/Mailserver改为你的 AD和 Exchange的机器名，然后 COPY 下面的脚本存为.vbs 格式，放在 DC 中，设置 Scheduled Tasks，让其每天在固定时间执行！注：此脚本文件会和组策略中的密码策略相对应！此脚本为微软工程师专为某企业而写的，在些对其表示感谢！* Main Function: 從 AD 中比對每一個使用者的 Password LastSet,如果距離過期日剩30,15,3,2,1 的使用者,則發信通知* Usage: For Example : cscript QuerryAD.vbs* Copyright (C) 2004 Mic

3、rosoft Corporation*Option ExplicitFor FileSystemObjectConst ForReading = 1Const ForAppending = 8Const ForWriting = 2Const ADS_PROPERTY_DELETE = 4 dim arrWillExpiredDaysPlease modify the variableCONST MASTERMAIL = ““ 寄信人的 Email Addressconst strSMTPServer = “mailserver“ 寄信 ExchangeServer const strSend

4、UserName = “domainnameACCOUNT“ 有權限的使用者(寄信使用)const strSendPassword = “PASSWORD“ 密碼const strFullAdsiPath = “LDAP:/DC LDAP 路徑arrWillExpiredDays = Array(15,7,3,2,1) 將要過期天數的陣列Main FunctionDeclare variablesDim strTestModestrTestMode = False use for debugingCretae log fileSet WshSHell = CreateObject(“Wscri

5、pt.Shell“)Set objFSO = CreateObject(“Scripting.FileSystemObject“)strFileName = Replace(Datevalue(Now), “-“, “_“)strFileName = Replace(strFileName, “/“, “_“)Public fLogSet oLog = objFSO.OpenTextFile(strFileName (AdsPath,cn;subTree“ objCommand.Properties(“Page Size“) = 99 specifies the maximum number

6、of objects to return in a results set. PrintScreen objCommand.CommandText PrintScreen “ “Set objRecordSet = objCommand.ExecuteIf objRecordSet.RecordCount = 0 Then PrintScreen “Error: Cannot found the user object in domain “ & BaseDN & “.“ElseDim intTotalAccount 計算找到幾位使用者intTotalAccount = 0objRecordS

7、et.MoveFirstDo Until objRecordSet.EOF intTotalAccount = intTotalAccount +1Retrive user informationDim oUser Set oUser = GetObject(objRecordSet.Fields(“ADsPath“).Value)For Each oUserProperty in oUserPrintScreen oUserProperty.Name NextIf (oUser.AccountDisabled = FALSE) ThenPrintScreen vbTab & “User Na

8、me : “ & oUser.NamesStatus = UserPwdExpire(oUser)Select Case sStatusCase 999999PrintScreen vbTab & “ The user “ & oUser.samaccountname & “ Password never expires.“ Case Elseif sStatus = 0 then strMSG = “Your password is already expired in “ & sStatus & “ days!“PrintScreen vbTab & “ The user “ & oUse

9、r.samAccountName & “ password is expired after “ & sStatus & “ days!“ elseif sStatus 0 thendtmValue = 0err.Clearend ifPrintScreen vbTab & “ The password was last changed on “ & DateValue(dtmValue) & “ at “ & TimeValue(dtmValue)PrintScreen vbTab & “The password was last changed on “ & _DateValue(dtmV

10、alue) & “ at “ & TimeValue(dtmValue) & VbCrLf & _ “The difference between when the password was last set“ & VbCrLf & _ “and today is “ & int(now - dtmValue) & “ days“intTimeInterval = int(now - dtmValue)Set objSysInfo = CreateObject(“ADSystemInfo“)strDomain = objSysInfo.DomainShortNameSet objSysInfo

11、 = NothingSet objDomainNT = GetObject(“WinNT:/“ & strDomain)intMaxPwdAge = objDomainNT.Get(“MaxPasswordAge“)If intMaxPwdAge = intMaxPwdAge ThenPrintScreen vbTab & “The password has expired.“UserPwdExpire = int(intTimeInterval - intMaxPwdAge)ElsePrintScreen vbTab & “The password will expire on “ & _

12、DateValue(dtmValue + intMaxPwdAge) & “ (“ & _ int(dtmValue + intMaxPwdAge) - now) & “ days from today“ & “).“UserPwdExpire = int(now - (dtmValue + intMaxPwdAge) End IfEnd IfEnd IfEnd Function* Mail MessageReference : Creating and Sending a Messagehttp:/ SendMail(strFrom, strTo, strSubject, strBodyTe

13、xt) Dim iMsgSet iMsg = CreateObject(“CDO.Message“)Dim iConfSet iConf = CreateObject(“CDO.Configuration“)Dim FldsSet Flds = iConf.FieldsWith Flds assume constants are defined within script file.Item(“cdoSendUsingMethod“) = 2 cdoSendUsingPickup:1:Local , cdoSendUsingPort:2:Network .Item(“cdoSendUsingP

14、ort“) = 25 cdoSendUsingPort.Item(“cdoSMTPServer“) = strSMTPServer.Item(“cdoSMTPConnectionTimeout“) = 10 quick timeout.Item(“cdoSMTPAuthenticate“) = cdoBasic.Item(“cdoSendUserName“) = strSendUserName.Item(“cdoSendPassword“) = strSendPassword.Item(“cdoURLProxyServer“) = “tpeproxy:80“.Item(“cdoURLProxy

15、Bypass“) = “.Item(“cdoURLGetLatestVersion“) = True.UpdateEnd WithWith iMsgSet .Configuration = iConf.To = strTo.From = strFrom.Subject = strSubject.CreateMHTMLBody “This folder “ & strFolderPath & “ Created in “ & intDayNum & “ Days“.TextBody = strBodyText.AddAttachment “C:filesmybook.doc“.SendEnd W

16、ithEnd Sub* Function: fnCheck_SendMail* Purpose: 檢查是否有符合寄信標準的使用者(以 arrWillExpiredDays 為準)* Input: objUser,MailMessage* * Output: None*Function fnCheck_SendMail(objUser,strMSG)Send emailOn Error Resume NextErr.Clear某些 User 在此行發生 ErrorDim PropArrayPropArray = Array(“proxyAddresses“) oUser.GetInfoEx Ar

17、ray(“proxyAddresses“), 0aProxyAddress = objUser.GetEx(“proxyAddresses“) If Err 0 Then strEmail = mid(strMailAddress,6)PrintScreen vbTab & “ Email Address: “ & strEmailUse Exchange Server to send mailSendMail MASTERMAIL, strEmail, “Password expiration notification!“, strMSGIf server installed the SMT

18、P ServiceSendMessage MASTERMAIL, strEmail, “Password expiration notification!“, strMSGPrintScreen vbTab & “ “ & Time & “ Finish sending email!“Exit ForElse PrintScreen vbTab & vbTab & “ No SMTP: string“ End IfNextEnd Ifend Function* Send messages with CDO for Windows 2000 strTo: in To strFrom: in Fr

19、om strSubject: in Subject strBodyFile: in Body text file*Sub SendMessage(strFrom, strTo, strSubject, strBodyText) For more information about CDO for Windows 2000, please refer to http:/ Error Resume NextDim oMessage as CDO.MessageSet oMessage = CreateObject(“CDO.Message“)oMessage.TextBody = strBodyTextoMessage.To = strTooMessage.From = strFromoMessage.Subject = strSubjectErr.ClearoMessage.Send If Err.number 0 thenWscript.Echo “Error in SendMessage: id=“ & Err.number & “, source=“ & Err.Source & “,Desc=“ & Err.DescriptionErr.ClearEnd IfSet oMessage = nothingEnd Sub