|
it
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Automatically Disable unused user accountIs there a way to automatically disable a users account after a pre-defined
period if the user has not logged in (sleeping accounts)? I know the password age would be close to what I am trying to achieve but I would like to add this measure in addition as a security step. Robert Download the "oldcmp" utility from www.joeware.net - you can use it to
disable inactive computer and user accounts. -- Show quoteHide quoteLaura E. Hunter Microsoft MVP - Windows Server Networking Author: _Active Directory Consultant's Field Guide_ (http://tinyurl.com/7f8ll) All information provided "AS-IS", no warranties expressed or implied. Replies to newsgroup only. "Robert Baduini" <RobertBadu***@discussions.microsoft.com> wrote in message news:FA1C0B3B-AC30-42FB-959C-D4BA0AF915EB@microsoft.com... > Is there a way to automatically disable a users account after a > pre-defined > period if the user has not logged in (sleeping accounts)? I know the > password age would be close to what I am trying to achieve but I would > like > to add this measure in addition as a security step. > > Robert Robert Baduini wrote:
> Is there a way to automatically disable a users account after a Sure! Copy this script.....and remember to change LDAP> pre-defined period if the user has not logged in (sleeping accounts)? > I know the password age would be close to what I am trying to achieve > but I would like to add this measure in addition as a security step. > > Robert On Error Resume Next Set objGroup = GetObject("LDAP://CN=DPSS,CN=Users,dc=microsoft,dc=com") objGroup.GetInfo arrMembersOf = objGroup.GetEx("member") For Each strMemberOf in arrMembersOf set oContainer = GetObject("LDAP://CN=Users,dc=microsoft,dc=com") for each oMembers in oContainer If oMembers.Get("distinguishedName") = strMemberOf Then If (Now()-oMembers.LastLogin) > 180 Then Const ADS_UF_ACCOUNTDISABLE = 2 intUAC = oMembers.Get("userAccountControl") oMembers.Put "userAccountControl", intUAC OR ADS_UF_ACCOUNTDISABLE oMembers.SetInfo End If End If Next Next Regards -- --- Giuseppe Nacci Microsoft Certified System Engineer Security Manager -------------------------------------------------------------------- CONFIDENTIALITY NOTICE This message and its attachments are addressed solely to the persons above and may contain confidential information. If you have received the message in error, be informed that any use of the content hereof is prohibited. Please return it immediately to the sender and delete the message. Should you have any questions, please contact us by replying to supporto.informat***@degennaro.biz Thank you --------------------------------------------------------------------  
Other interesting topics
A few questions
NTBACKUP leaving tapes marked as free change local administrator password ?? MS Word Spell Check Unavailable After Joining Domain Windows 2003 SP1 hangs during install (during registry backup) on Dell PowerEdge SC1420 with W2k3 We Error 5719 Event 3224 Windows Time Service Missing Windows 2003 DC after Disaster Recovery Quota problem in W2K3 SBS |
|||||||||||||||||||||||
