首先,我当前环境的邮箱服务器是Notus Server而不是exchange server,我们大家都知道,exchange跟AD是紧密集成的,而Notus 跟AD没有集成关系,因为他们是两家不同的产品,所以更改域帐号的密码不会更改邮箱的密码,所以在Exchange环境下比较好实现的。我之所以不用Exchange作为我的邮箱服务器,因为我在模仿一个真实的环境。
Roles:Notus Server
' This program scans all users in the Users container and all organizational units
' beneath the HOSTING_OU organizational unit, for users whose passwords have either
' already expired or will expire within DAYS_FOR_EMAIL days.
' An email is sent, using CDO, via the SMTP server specified as SMTP_SERVER to the
' user to tell them to change their password. You should change strFrom to match
' the email address of the administrator responsible for password changes.
' You will, at a minimum, need to change the SMTP_SERVER, the HOSTING_OU, and the
' STRFROM constants. If you run this on an Exchange server, then SMTP_SERVER can
' be "" - and it may be either an ip address or a resolvable name.
' If you don't have an OU containing sub-OU's to scan, then set HOSTING_OU to the
' empty string ("").
Option Explicit
' Per environment constants - you should change these!
Const HOSTING_OU = "Dahai-Object"
Const SMTP_SERVER = "Dahai-mail02.dahai.com"
Const STRFROM = "[email protected]"
' System Constants - do not change
Const ONE_HUNDRED_NANOSECOND = .000000100 ' .000000100 is equal to 10^-7
Const SECONDS_IN_DAY = 86400
' Change to "True" for extensive debugging output
Const bDebug = False
Dim objRoot
Dim numDays, iResult
Dim strDomainDN
Dim objContainer, objSub
Set objRoot = GetObject ("LDAP://RootDSE")
strDomainDN = objRoot.Get ("defaultNamingContext")
Set objRoot = Nothing
numdays = GetMaximumPasswordAge (strDomainDN)
dp "Maximum Password Age: " & numDays
If numDays > 0 Then
Set objContainer = GetObject ("LDAP://ou=Dahai-Object," & strDomainDN)
Call ProcessFolder (objContainer, numDays)
Set objContainer = Nothing
If Len (HOSTING_OU) > 0 Then
Set objContainer = GetObject ("LDAP://OU=" & HOSTING_OU & "," & strDomainDN)
For each objSub in objContainer
Call ProcessFolder (objSub, numDays)
Set objContainer = Nothing
End If
' Add the number of days to the last time
' the password was set.
'whenPasswordExpires = DateAdd ("d", numDays, oUser.PasswordLastChanged)
'WScript.Echo "Password Last Changed: " & oUser.PasswordLastChanged
'WScript.Echo "Password Expires On: " & whenPasswordExpires
End If
'WScript.Echo "Done"
Function GetMaximumPasswordAge (ByVal strDomainDN)
Dim objDomain, objMaxPwdAge
Dim dblMaxPwdNano, dblMaxPwdSecs, dblMaxPwdDays
Set objDomain = GetObject("LDAP://" & strDomainDN)
Set objMaxPWdAge = objDomain.maxPwdAge
If objMaxPwdAge.LowPart = 0 And objMaxPwdAge.Highpart = 0 Then
' Maximum password age is set to 0 in the domain
' Therefore, passwords do not expire
GetMaximumPasswordAge = 0
dblMaxPwdNano = Abs (objMaxPwdAge.HighPart * 2^32 + objMaxPwdAge.LowPart)
dblMaxPwdSecs = dblMaxPwdNano * ONE_HUNDRED_NANOSECOND
dblMaxPwdDays = Int (dblMaxPwdSecs / SECONDS_IN_DAY)
GetMaximumPasswordAge = dblMaxPwdDays
End If
End Function
Function UserIsExpired (objUser, iMaxAge, iDaysForEmail, iRes)
Dim intUserAccountControl, dtmValue, intTimeInterval
Dim strName
strName = Mid (objUser.Name, 4)
intUserAccountControl = objUser.Get ("userAccountControl")
If intUserAccountControl And ADS_UF_DONT_EXPIRE_PASSWD Then
dp "The password for " & strName & " does not expire."
UserIsExpired = False
iRes = 0
dtmValue = objUser.PasswordLastChanged
UserIsExpired = True
dp "The password for " & strName & " has never been set."
intTimeInterval = Int (Now - dtmValue)
dp "The password for " & strName & " was last set on " & _
DateValue(dtmValue) & " at " & TimeValue(dtmValue) & _
" (" & intTimeInterval & " days ago)"
If intTimeInterval >= iMaxAge Then
dp "The password for " & strName & " has expired."
UserIsExpired = True
iRes = Int ((dtmValue + iMaxAge) - Now)
dp "The password for " & strName & " will expire on " & _
DateValue(dtmValue + iMaxAge) & " (" & _
iRes & " days from today)."
If iRes <= iDaysForEmail Then
dp strName & " needs an email for password change"
UserIsExpired = True
dp strName & " does not need an email for password change"
UserIsExpired = False
End If
End If
End If
End If
End Function
Sub ProcessFolder (objContainer, iMaxPwdAge)
Dim objUser, iResult
objContainer.Filter = Array ("User")
'Wscript.Echo "Checking company = " & Mid (objContainer.Name, 4)
For each objUser in objContainer
If Right (objUser.Name, 1) <> "$" Then
If IsEmpty (objUser.Mail) or IsNull (objUser.Mail) Then
dp Mid (objUser.Name, 4) & " has no mailbox"
If UserIsExpired (objUser, iMaxPwdAge, DAYS_FOR_EMAIL, iResult) Then
'wscript.Echo "...sending an email for " & objUser.Mail
Call SendEmail (objUser, iResult)
dp "...don't send an email"
End If
End If
End If
End Sub
Sub SendEmail (objUser, iResult)
Dim objMail
Set objMail = CreateObject ("CDO.Message")
objMail.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
objMail.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/smtpserver") = SMTP_SERVER
objMail.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
objMail.From = STRFROM
objMail.To = objUser.Mail
objMail.Subject = "Password needs to be set for " & Mid (objUser.Name, 4)
objMail.Textbody = "The system password for user " & objUser.userPrincipalName & _
" (" & objUser.sAMAccountName & ")" & vbCRLF & _
"will expire in " & iResult & " days. " & vbCRLF & _
"Please change it as soon as possible." & vbCRLF & vbCRLF & _
"Thank you," & vbCRLF & _
"IT administrator"
objMail.Textbody = "测试环境用户管理中心提示: " & vbCRLF & _
"您的域账户密码即将过期,请及时进行更改,具体更改方法如下:" & vbCRLF & _
"1. 如果您的计算机已加入到Dahai域内,请通过按Ctrl+Alt+Del并选择更改密码选项,输入旧密码及新密码确认即可." & vbCRLF & _
"2. 如果您的计算机没有加入到Dahai域,请通过浏览https://changepwd.dahai.com/iisadmpwd 链接后通过Dahai\id code的格式输入旧密码及新密码更改即可。" & vbCRLF & _
"请注意:Dahai域策略规定,用户的域密码最长使用周期为:180天,最短使用周期为:1天,密码由至少8位字母,数字及字符组成,同时不能使用5个历史记录密码。" & vbCRLF & _
""& vbCRLF & vbCRLF & _
"同时,因公司邮件系统与域帐号系统无法实现口令的自动同步,为了您的账户安全,请您同步更改邮箱帐户密码,具体更改方法如下:" & vbCRLF & _
"1. 登录您的个人网页邮箱(每个人的个人网页邮箱的登录链接与您当前设置在outlook中的接收邮件服务器相同,如您的接收邮件服务器为mail.dahai.com,则您的个人网页邮箱链接为:https://mail.dahai.com)." & vbCRLF & _
"2. 单击右上角的首选项,然后选择安全性,单击Internet选项,输入旧密码及新密码确认即可。" & vbCRLF & _
"请注意:邮箱密码更改需要30分钟左右的时间与邮件服务器同步,同步期内,建议不要使用邮箱。" & vbCRLF & _
"如有疑问,请联系我们([email protected]) 或致电010 88880000 转 0000" & vbCRLF & _
""& vbCRLF & vbCRLF & _
"The Prompting Made by dahai Corporation Accounts Management Center" & vbCRLF & _
"Your domain account will be expired, please change your password to a new one. The ways to reach that as followed:" & vbCRLF & _
"one.If your PCs or Laptops have already joined dahai Domain, please press Ctrl-Alt-Del group keys, when you have logged into system with your domain account. Another import thing , make sure your net cable link is well. After you press the group keys, you will find the option “Change Password”, so no doubt, please right click it, and make your password changed, then you will get a new one." & vbCRLF & _
"two.If you don’t have your PCs or Laptops joining dahai Domain, please access this URL: https://changepwd.dahai.com/iisadmpwd . The authentication interface will be in front of you. But the format of username is anyone listed as followed:dahait\username,After authenticate your old password, you will have right to change your password." & vbCRLF & _
"Please notice that: As the compliance of dahai Policy, the days of password in working are not more than180s, and not less than 1 day. The length of password is not less than 8, which is made up of numbers and characters, and five latest password you had used in past are not allowed." & vbCRLF & _
""& vbCRLF & vbCRLF & _
"You must know a important thing, your domain account’s password does not sync with your mail account’s password automatically. So for your security of your account, please change your mail account’s password, after do the change of your domain account." & vbCRLF & _
"one.please log into your web mailbox, the domain name is the same as that you set in your outlook. For example, if you set your sending server and outgoing server are mail.dahai.com, so your web mailbox link is: https://mail.dahai.com," & vbCRLF & _
"two.Click“Preference”, and choose Security option to?Internet Option, type your old password and new password twice. That’s Ok, but password change in your web mailbox will sync with your server in about 30 minutes. You’d better not make your mail account online. That is a suggestion we give, but if urgent things to handle, the old password is allowed within password change syncing." & vbCRLF & _
"If any question, please contact us. Mail:[email protected] Call: 010-88880000 to 0000." & vbCRLF & _
""& vbCRLF & vbCRLF & _
"Thank you," & vbCRLF & _
"IT Serivce Dept"
Set objMail = Nothing
End Sub
Sub dp (str)
If bDebug Then
WScript.Echo str
End If
End Sub
二级OU脚本内容接测试结果:我将LDAP路径直接挂在到Dahai-Object OU下的Dahai-Users OU下运行
' This program scans all users in the Users container and all organizational units
' beneath the HOSTING_OU organizational unit, for users whose passwords have either
' already expired or will expire within DAYS_FOR_EMAIL days.
' An email is sent, using CDO, via the SMTP server specified as SMTP_SERVER to the
' user to tell them to change their password. You should change strFrom to match
' the email address of the administrator responsible for password changes.
' You will, at a minimum, need to change the SMTP_SERVER, the HOSTING_OU, and the
' STRFROM constants. If you run this on an Exchange server, then SMTP_SERVER can
' be "" - and it may be either an ip address or a resolvable name.
' If you don't have an OU containing sub-OU's to scan, then set HOSTING_OU to the
' empty string ("").
Option Explicit
' Per environment constants - you should change these!
Const HOSTING_OU = "Dahai-Object"
Const HOSTING_OU_LEVEL2 = "Dahai-Users"
Const SMTP_SERVER = "Dahai-mail02.dahai.com"
Const STRFROM = "[email protected]"
' System Constants - do not change
Const ONE_HUNDRED_NANOSECOND = .000000100 ' .000000100 is equal to 10^-7
Const SECONDS_IN_DAY = 86400
' Change to "True" for extensive debugging output
Const bDebug = False
Dim objRoot
Dim numDays, iResult
Dim strDomainDN
Dim objContainer, objSub
Set objRoot = GetObject ("LDAP://RootDSE")
strDomainDN = objRoot.Get ("defaultNamingContext")
Set objRoot = Nothing
numdays = GetMaximumPasswordAge (strDomainDN)
dp "Maximum Password Age: " & numDays
If numDays > 0 Then
Set objContainer = GetObject ("LDAP://ou=Dahai-Users,ou=Dahai-Object," & strDomainDN)
Call ProcessFolder (objContainer, numDays)
Set objContainer = Nothing
If Len (HOSTING_OU_LEVEL2) > 0 Then
Set objContainer = GetObject ("LDAP://ou=Dahai-Users,ou=Dahai-Object," & strDomainDN)
For each objSub in objContainer
Call ProcessFolder (objSub, numDays)
Set objContainer = Nothing
End If
' Add the number of days to the last time
' the password was set.
'whenPasswordExpires = DateAdd ("d", numDays, oUser.PasswordLastChanged)
'WScript.Echo "Password Last Changed: " & oUser.PasswordLastChanged
'WScript.Echo "Password Expires On: " & whenPasswordExpires
End If
'WScript.Echo "Done"
Function GetMaximumPasswordAge (ByVal strDomainDN)
Dim objDomain, objMaxPwdAge
Dim dblMaxPwdNano, dblMaxPwdSecs, dblMaxPwdDays
Set objDomain = GetObject("LDAP://" & strDomainDN)
Set objMaxPWdAge = objDomain.maxPwdAge
If objMaxPwdAge.LowPart = 0 And objMaxPwdAge.Highpart = 0 Then
' Maximum password age is set to 0 in the domain
' Therefore, passwords do not expire
GetMaximumPasswordAge = 0
dblMaxPwdNano = Abs (objMaxPwdAge.HighPart * 2^32 + objMaxPwdAge.LowPart)
dblMaxPwdSecs = dblMaxPwdNano * ONE_HUNDRED_NANOSECOND
dblMaxPwdDays = Int (dblMaxPwdSecs / SECONDS_IN_DAY)
GetMaximumPasswordAge = dblMaxPwdDays
End If
End Function
Function UserIsExpired (objUser, iMaxAge, iDaysForEmail, iRes)
Dim intUserAccountControl, dtmValue, intTimeInterval
Dim strName
strName = Mid (objUser.Name, 4)
intUserAccountControl = objUser.Get ("userAccountControl")
If intUserAccountControl And ADS_UF_DONT_EXPIRE_PASSWD Then
dp "The password for " & strName & " does not expire."
UserIsExpired = False
iRes = 0
dtmValue = objUser.PasswordLastChanged
UserIsExpired = True
dp "The password for " & strName & " has never been set."
intTimeInterval = Int (Now - dtmValue)
dp "The password for " & strName & " was last set on " & _
DateValue(dtmValue) & " at " & TimeValue(dtmValue) & _
" (" & intTimeInterval & " days ago)"
If intTimeInterval >= iMaxAge Then
dp "The password for " & strName & " has expired."
UserIsExpired = True
iRes = Int ((dtmValue + iMaxAge) - Now)
dp "The password for " & strName & " will expire on " & _
DateValue(dtmValue + iMaxAge) & " (" & _
iRes & " days from today)."
If iRes <= iDaysForEmail Then
dp strName & " needs an email for password change"
UserIsExpired = True
dp strName & " does not need an email for password change"
UserIsExpired = False
End If
End If
End If
End If
End Function
Sub ProcessFolder (objContainer, iMaxPwdAge)
Dim objUser, iResult
objContainer.Filter = Array ("User")
'Wscript.Echo "Checking company = " & Mid (objContainer.Name, 4)
For each objUser in objContainer
If Right (objUser.Name, 1) <> "$" Then
If IsEmpty (objUser.Mail) or IsNull (objUser.Mail) Then
dp Mid (objUser.Name, 4) & " has no mailbox"
If UserIsExpired (objUser, iMaxPwdAge, DAYS_FOR_EMAIL, iResult) Then
'wscript.Echo "...sending an email for " & objUser.Mail
Call SendEmail (objUser, iResult)
dp "...don't send an email"
End If
End If
End If
End Sub
Sub SendEmail (objUser, iResult)
Dim objMail
Set objMail = CreateObject ("CDO.Message")
objMail.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
objMail.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/smtpserver") = SMTP_SERVER
objMail.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
objMail.From = STRFROM
objMail.To = objUser.Mail
objMail.Subject = "Password needs to be set for " & Mid (objUser.Name, 4)
objMail.Textbody = "The system password for user " & objUser.userPrincipalName & _
" (" & objUser.sAMAccountName & ")" & vbCRLF & _
"will expire in " & iResult & " days. " & vbCRLF & _
"Please change it as soon as possible." & vbCRLF & vbCRLF & _
"Thank you," & vbCRLF & _
"IT administrator"
objMail.Textbody = "Dahai管理中心提示: " & vbCRLF & _
"您的域账户密码即将过期,请及时进行更改,具体更改方法如下:" & vbCRLF & _
"1. 如果您的计算机已加入到dahai域内,请通过按Ctrl+Alt+Del并选择更改密码选项,输入旧密码及新密码确认即可." & vbCRLF & _
"2. 如果您的计算机没有加入到dahai域,请通过浏览https://changepwd.dahai.com/iisadmpwd 链接后通过dahai\id code的格式输入旧密码及新密码更改即可。" & vbCRLF & _
"请注意:dahai域策略规定,用户的域密码最长使用周期为:180天,最短使用周期为:1天,密码由至少8位字母,数字及字符组成,同时不能使用5个历史记录密码。" & vbCRLF & _
""& vbCRLF & vbCRLF & _
"同时,因公司邮件系统与域帐号系统无法实现口令的自动同步,为了您的账户安全,请您同步更改邮箱帐户密码,具体更改方法如下:" & vbCRLF & _
"1. 登录您的个人网页邮箱(每个人的个人网页邮箱的登录链接与您当前设置在outlook中的接收邮件服务器相同,如您的接收邮件服务器为mail-huabei01.dahai.com,则您的个人网页邮箱链接为:https://mail-huabei01.dahai.com)." & vbCRLF & _
"2. 单击右上角的首选项,然后选择安全性,单击Internet选项,输入旧密码及新密码确认即可。" & vbCRLF & _
"请注意:邮箱密码更改需要30分钟左右的时间与邮件服务器同步,同步期内,建议不要使用邮箱。" & vbCRLF & _
"如有疑问,请联系我们([email protected]) 或致电010 82826100 转 2220" & vbCRLF & _
""& vbCRLF & vbCRLF & _
"The Prompting Made by dahai Corporation Accounts Management Center" & vbCRLF & _
"Your domain account will be expired, please change your password to a new one. The ways to reach that as followed:" & vbCRLF & _
"one.If your PCs or Laptops have already joined dahai Domain, please press Ctrl-Alt-Del group keys, when you have logged into system with your domain account. Another import thing , make sure your net cable link is well. After you press the group keys, you will find the option “Change Password”, so no doubt, please right click it, and make your password changed, then you will get a new one." & vbCRLF & _
"two.If you don’t have your PCs or Laptops joining dahai Domain, please access this URL: https://changepwd.dahai.com/iisadmpwd . The authentication interface will be in front of you. But the format of username is anyone listed as followed:dahai\username,After authenticate your old password, you will have right to change your password." & vbCRLF & _
"Please notice that: As the compliance of dahai Policy, the days of password in working are not more than180s, and not less than 1 day. The length of password is not less than 8, which is made up of numbers and characters, and five latest password you had used in past are not allowed." & vbCRLF & _
""& vbCRLF & vbCRLF & _
"You must know a important thing, your domain account’s password does not sync with your mail account’s password automatically. So for your security of your account, please change your mail account’s password, after do the change of your domain account." & vbCRLF & _
"one.please log into your web mailbox, the domain name is the same as that you set in your outlook. For example, if you set your sending server and outgoing server are mail-huadong01.dahai.com, so your web mailbox link is: https://mail-huadong01.dahai.com," & vbCRLF & _
"two.Click“Preference”, and choose Security option to?Internet Option, type your old password and new password twice. That’s Ok, but password change in your web mailbox will sync with your server in about 30 minutes. You’d better not make your mail account online. That is a suggestion we give, but if urgent things to handle, the old password is allowed within password change syncing." & vbCRLF & _
"If any question, please contact us. Mail:[email protected] Call: 010-82826100 to 2220." & vbCRLF & _
""& vbCRLF & vbCRLF & _
"Thank you," & vbCRLF & _
"IT Serivce Dept"
Set objMail = Nothing
End Sub
Sub dp (str)
If bDebug Then
WScript.Echo str
End If
End Sub
' This program scans all users in the Users container and all organizational units
' beneath the HOSTING_OU organizational unit, for users whose passwords have either
' already expired or will expire within DAYS_FOR_EMAIL days.
' An email is sent, using CDO, via the SMTP server specified as SMTP_SERVER to the
' user to tell them to change their password. You should change strFrom to match
' the email address of the administrator responsible for password changes.
' You will, at a minimum, need to change the SMTP_SERVER, the HOSTING_OU, and the
' STRFROM constants. If you run this on an Exchange server, then SMTP_SERVER can
' be "" - and it may be either an ip address or a resolvable name.
' If you don't have an OU containing sub-OU's to scan, then set HOSTING_OU to the
' empty string ("").
'Option Explicit
' Per environment constants - you should change these!
Const HOSTING_OU = "dahai Users"
Const SMTP_SERVER = "smtp.dahai.com"
Const STRFROM = "[email protected]"
'Const aDaysForEmail = Array( 1, 3, 5, 10, 15, 30)
' System Constants - do not change
Const ONE_HUNDRED_NANOSECOND = .000000100 ' .000000100 is equal to 10^-7
Const SECONDS_IN_DAY = 86400
Const ForWriting = 2
Dim objRoot
Dim numDays, iResult
Dim strDomainDN
Dim objContainer, objSub
Dim aDaysForEmail(6)
aDaysForEmail(1) = 1
aDaysForEmail(2) = 3
aDaysForEmail(3) = 5
aDaysForEmail(4) = 10
aDaysForEmail(5) = 15
aDaysForEmail(6) = 30
' 存放log到外部文件 -- Jerry
' 从这里开始
'Declare variables
Dim strTestMode
strTestMode = False 'use for debuging
'Cretae log file
Set WshSHell = CreateObject("WScript.Shell")
Set objFSO = CreateObject("Scripting.FileSystemObject")
strFileName = Replace(Datevalue(Now), "-", "_")
strFileName = Replace(strFileName, "/", "_")
Public fLog
Set oLog = objFSO.OpenTextFile(strFileName & ".txt", ForWriting, TRUE)
dp Now
dp ""
' 开始运行功能
Set objRoot = GetObject ("LDAP://RootDSE")
strDomainDN = objRoot.Get ("defaultNamingContext")
Set objRoot = Nothing
numdays = GetMaximumPasswordAge (strDomainDN)
dp "Maximum Password Age: " & numDays
If numDays > 0 Then
Set objContainer = GetObject ("LDAP://ou=IT服务部,ou=dahai Users," & strDomainDN)
Call ProcessFolder (objContainer, numDays)
Set objContainer = Nothing
If Len (HOSTING_OU_LEVEL2) > 0 Then
Set objContainer = GetObject ("LDAP://ou=IT服务部,ou=dahai Users," & strDomainDN)
For each objSub in objContainer
Call ProcessFolder (objSub, numDays)
Set objContainer = Nothing
End If
End If
dp ""
dp "The command runs successfully!"
dp Now
'Program ending
'WScript.Echo "Done"
Function GetMaximumPasswordAge (ByVal strDomainDN)
Dim objDomain, objMaxPwdAge
Dim dblMaxPwdNano, dblMaxPwdSecs, dblMaxPwdDays
Set objDomain = GetObject("LDAP://" & strDomainDN)
Set objMaxPWdAge = objDomain.maxPwdAge
If objMaxPwdAge.LowPart = 0 And objMaxPwdAge.Highpart = 0 Then
' Maximum password age is set to 0 in the domain
' Therefore, passwords do not expire
GetMaximumPasswordAge = 0
dblMaxPwdNano = Abs (objMaxPwdAge.HighPart * 2^32 + objMaxPwdAge.LowPart)
dblMaxPwdSecs = dblMaxPwdNano * ONE_HUNDRED_NANOSECOND
dblMaxPwdDays = Int (dblMaxPwdSecs / SECONDS_IN_DAY)
GetMaximumPasswordAge = dblMaxPwdDays
End If
End Function
Function UserIsExpired (objUser, iMaxAge, aDaysForEmail, iRes)
Dim intUserAccountControl, dtmValue, intTimeInterval
Dim strName
strName = Mid (objUser.Name, 4)
intUserAccountControl = objUser.Get ("userAccountControl")
If intUserAccountControl And ADS_UF_DONT_EXPIRE_PASSWD Then
dp "The password for " & strName & " does not expire."
UserIsExpired = False
iRes = 0
dtmValue = objUser.PasswordLastChanged
UserIsExpired = True
dp "The password for " & strName & " has never been set."
intTimeInterval = Int (Now - dtmValue)
dp "The password for " & strName & " was last set on " & _
DateValue(dtmValue) & " at " & TimeValue(dtmValue) & _
" (" & intTimeInterval & " days ago)"
If intTimeInterval >= iMaxAge Then
dp "The password for " & strName & " has expired."
UserIsExpired = True
iRes = Int ((dtmValue + iMaxAge) - Now)
dp "The password for " & strName & " will expire on " & _
DateValue(dtmValue + iMaxAge) & " (" & _
iRes & " days from today)."
UserIsExpired = False
For i = 1 To UBound(aDaysForEmail) - LBound(aDaysForEmail)
If iRes <= aDaysForEmail(i) Then
dp strName & " needs an email for password change"
UserIsExpired = True
Exit For
End If
If Not UserIsExpired Then
dp strName & " does not need an email for password change"
End If
End If
End If
End If
End Function
Sub ProcessFolder (objContainer, iMaxPwdAge)
Dim objUser, iResult
objContainer.Filter = Array ("User")
'Wscript.Echo "Checking company = " & Mid (objContainer.Name, 4)
For each objUser in objContainer
If Right (objUser.Name, 1) <> "$" Then
If IsEmpty (objUser.Mail) or IsNull (objUser.Mail) Then
dp Mid (objUser.Name, 4) & " has no mailbox"
If UserIsExpired (objUser, iMaxPwdAge, aDaysForEmail, iResult) Then
'wscript.Echo "...sending an email for " & objUser.Mail
Call SendEmail (objUser, iResult)
dp "...don't send an email"
End If
End If
End If
End Sub
Sub SendEmail (objUser, iResult)
Dim objMail
Set objMail = CreateObject ("CDO.Message")
objMail.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
objMail.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/smtpserver") = SMTP_SERVER
objMail.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
objMail.From = STRFROM
objMail.To = objUser.Mail
objMail.Subject = "dahai Password Expiration Reminder"
objMail.Textbody = "The system password for user " & objUser.userPrincipalName & _
" (" & objUser.sAMAccountName & ")" & vbCRLF & _
"will expire in " & iResult & " days. " & vbCRLF & _
"Please change it as soon as possible." & vbCRLF & vbCRLF & _
"Thank you," & vbCRLF & _
"IT administrator"
objMail.Textbody = "账号管理中心提示: " & vbCRLF & _
"您的dahai域账号密码将于" & iResult & "日后到期,请按下述方法进行进行更改:" & vbCRLF & _
"1. 如果您的计算机已加入到dahai域内,请通过按Ctrl+Alt+Del并选择更改密码选项,输入旧密码及新密码确认即可." & vbCRLF & _
"2. 如果您的计算机没有加入到dahai域,请通过登录https://changepwd.dahai.com/iisadmpwd 链接后通过dahai\id code的格式输入旧密码及新密码更改即可." & vbCRLF & _
"同时,因公司邮件系统密码与dahai域帐号密码无法自动同步,请按下述方法同时更改邮件系统密码:" & vbCRLF & _
""& vbCRLF & vbCRLF & _
"1. 登录您的个人网页邮箱,地址为Outlook中配置的接收邮件服务器,同时添加Https://(如 https://mail-huazhong01.dahai.com)." & vbCRLF & _
"2. 单击右上角的首选项,然后选择安全性,单击Internet选项,输入旧密码及新密码确认即可." & vbCRLF & _
"新、旧密码可以并存30分钟,所有服务器完成同步后,新密码正式生效." & vbCRLF & _
"dahai密码策略:用户密码周期:180天,最短使用周期:1天,密码由至少8位字母,数字及字符组成,同时不能使用5个历史密码." & vbCRLF & _
"如有疑问,请联系我们([email protected]) 或致电010 82826100 转 2220" & vbCRLF & _
""& vbCRLF & vbCRLF & _
"dahai account management center reminder:" & vbCRLF & _
"Your dahai domain account password in " & iResult & " later expired, please according to the following methods to make changes:" & vbCRLF & _
"1.if your computer has been added to the dahai domain, please press the Ctrl+Alt+Del and select change password option, enter old password and confirm new password;" & vbCRLF & _
"2.if your computer is not joined to the dahai domain, please login via https://changepwd.dahai.com/iisadmpwd link through the dahai\id code format enter old password and the new password change." & vbCRLF & _
"At the same time, because of the company's mail system code and dahai domain account password can not be automatically synchronized, please according to the following method at the same time change mail system password:" & vbCRLF & _
""& vbCRLF & vbCRLF & _
"1.login your personal webpage mailbox, address for the Outlook in the configuration of the receiving mail server, while adding Https:// ( such as https://mail-huazhong01.dahai.com )." & vbCRLF & _
"2.Click the upper right corner of the preferences, and then select safe, click Internet options, enter old password and confirm new password.." & vbCRLF & _
"The New and the old password can coexist in 30minutes, all servers when synchronization is complete, the new password entered into force." & vbCRLF & _
"dahai password policy : the user's password period: 180 days, the shortest period : 1 days, the password by at least 8 letters, numbers and characters, but can not use the 5 code of history." & vbCRLF & _
"If you have any questions, please contact us or call ( [email protected]) 010 82826100 -2220" & vbCRLF & _
""& vbCRLF & vbCRLF & _
"Thank you," & vbCRLF & _
Set objMail = Nothing
End Sub
Sub dp (str)
If strTestMode Then
WScript.Echo str
End If
oLog.WriteLine str
End Sub
