VBS域密码过期邮件提醒
VBS域密码过期邮件提醒
作为一个企业管理员来说,日常的密码创建及重置工作会浪费很多时间,对于我们公司来说,很多客户确实不自觉,经常忘记自己的密码,忘记密码后就给IT部门发送邮件重置密码,一天重置密码最多的一次是400-500左右,作为IT人员肯定只能在心里说这些没有职业道德的人员,但是工作必需支持啊,为了降低管理员的日常工作,只能借助功能提醒用户密码即将过期了,今天呢,我模仿公司的架构来完成一个密码提醒功能;公司的策略设置密码最长使用周期为180天,用户的密码在过期的前30、15、7、3、2、1天进行提醒,该程序是用vbs脚本写的,为了执行,我们也同时借助了系统自带的计划任务来完成程序的运行;我们环境内设置,通过计划任务每天中午运行程序,如果用密码即将过期,系统就会给用户发送一封邮件。为了提醒的有效性,程序内通过判断,如果用户的密码大于等于30天的不给提醒,用户密码小于等回1,就提示用户通过某种方式去修改密码;当用户的密码小于等于0==那就是等于过期了,就提示用户通过自助的功能自己完成密码重置。这样就给管理员的日常维护工作上减少很多时间。具体见下:供大家学习。
脚本内容:
'ThisprogramscansallusersintheUserscontainerandallorganizationalunits'beneaththeHOSTING_OUorganizationalunit,foruserswhosepasswordshaveeither'alreadyexpiredorwillexpirewithinDAYS_FOR_EMAILdays.''Anemailissent,usingCDO,viatheSMTPserverspecifiedasSMTP_SERVERtothe'usertotellthemtochangetheirpassword.YoushouldchangestrFromtomatch'theemailaddressoftheadministratorresponsibleforpasswordchanges.''Youwill,ataminimum,needtochangetheSMTP_SERVER,theHOSTING_OU,andthe'STRFROMconstants.IfyourunthisonanExchangeserver,thenSMTP_SERVERcan'be"127.0.0.1"-anditmaybeeitheranipaddressoraresolvablename.''Ifyoudon'thaveanOUcontainingsub-OU'stoscan,thensetHOSTING_OUtothe'emptystring("").''OptionExplicit'Perenvironmentconstants-youshouldchangethese!ConstHOSTING_OU="IIOSOFTUsers"ConstHOSTING_OU2="iioUsers"ConstSMTP_SERVER="bj-smtp.IIOSOFT.com"ConstSTRFROM="resetpwd@IIOSOFT.com"'ConstaDaysForEmail=Array(1,3,5,10,15,30)'SystemConstants-donotchangeConstONE_HUNDRED_NANOSECOND=.000000100'.000000100isequalto10^-7ConstSECONDS_IN_DAY=86400ConstADS_UF_DONT_EXPIRE_PASSWD=&h20000ConstE_ADS_PROPERTY_NOT_FOUND=&h8000500DConstForWriting=2DimobjRootDimnumDays,iResultDimstrDomainDNDimobjContainer,objSubDimaDaysForEmail(6)aDaysForEmail(1)=1aDaysForEmail(2)=3aDaysForEmail(3)=5aDaysForEmail(4)=10aDaysForEmail(5)=15aDaysForEmail(6)=30'存放log到外部文件--Jerry'从这里开始'DeclarevariablesDimstrTestModestrTestMode=False'usefordebuging'CretaelogfileSetWshSHell=CreateObject("WScript.Shell")SetobjFSO=CreateObject("Scripting.FileSystemObject")strFileName=Replace(Datevalue(Now),"-","_")strFileName=Replace(strFileName,"/","_")PublicfLogSetoLog=objFSO.OpenTextFile(strFileName&".txt",ForWriting,TRUE)dpNowdp""'开始运行功能SetobjRoot=GetObject("LDAP://RootDSE")strDomainDN=objRoot.Get("defaultNamingContext")SetobjRoot=Nothingnumdays=GetMaximumPasswordAge(strDomainDN)dp"MaximumPasswordAge:"&numDaysIfnumDays>0ThenSetobjContainer=GetObject("LDAP://ou=IIOSOFTUsers,"&strDomainDN)CallProcessFolder(objContainer,numDays)SetobjContainer=NothingIfLen(HOSTING_OU2)>0ThenSetobjContainer=GetObject("LDAP://ou=BYSUsers,ou=IIOSOFTUsers,"&strDomainDN)'GetObject("LDAP://OU="&HOSTING_OU&","&strDomainDN)ForEachobjSubinobjContainerCallProcessFolder(objSub,numDays)NextSetobjContainer=NothingEndIfEndIfdp""dp"Thecommandrunssuccessfully!"dpNowoLog.Close'Programendingwscript.quit'WScript.Echo"Done"FunctionGetMaximumPasswordAge(ByValstrDomainDN)DimobjDomain,objMaxPwdAgeDimdblMaxPwdNano,dblMaxPwdSecs,dblMaxPwdDaysSetobjDomain=GetObject("LDAP://"&strDomainDN)SetobjMaxPWdAge=objDomain.maxPwdAgeIfobjMaxPwdAge.LowPart=0AndobjMaxPwdAge.Highpart=0Then'Maximumpasswordageissetto0inthedomain'Therefore,passwordsdonotexpireGetMaximumPasswordAge=0ElsedblMaxPwdNano=Abs(objMaxPwdAge.HighPart*2^32+objMaxPwdAge.LowPart)dblMaxPwdSecs=dblMaxPwdNano*ONE_HUNDRED_NANOSECONDdblMaxPwdDays=Int(dblMaxPwdSecs/SECONDS_IN_DAY)GetMaximumPasswordAge=dblMaxPwdDaysEndIfEndFunctionFunctionUserIsExpired(objUser,iMaxAge,aDaysForEmail,iRes)OnErrorResumeNextDimintUserAccountControl,dtmValue,intTimeIntervalDimstrNameErr.ClearstrName=Mid(objUser.Name,4)intUserAccountControl=objUser.Get("userAccountControl")IfintUserAccountControlAndADS_UF_DONT_EXPIRE_PASSWDThendp"Thepasswordfor"&strName&"doesnotexpire."UserIsExpired=FalseElseiRes=0dtmValue=objUser.PasswordLastChangedIfErr.Number=E_ADS_PROPERTY_NOT_FOUNDThenUserIsExpired=Truedp"Thepasswordfor"&strName&"hasneverbeenset."ElseintTimeInterval=Int(Now-dtmValue)dp"Thepasswordfor"&strName&"waslastseton"&_DateValue(dtmValue)&"at"&TimeValue(dtmValue)&_"("&intTimeInterval&"daysago)"IfintTimeInterval>=iMaxAgeThendp"Thepasswordfor"&strName&"hasexpired."UserIsExpired=TrueElseiRes=Int((dtmValue+iMaxAge)-Now)dp"Thepasswordfor"&strName&"willexpireon"&_DateValue(dtmValue+iMaxAge)&"("&_iRes&"daysfromtoday)."UserIsExpired=FalseFori=1ToUBound(aDaysForEmail)-LBound(aDaysForEmail)IfiRes<=aDaysForEmail(i)ThendpstrName&"needsanemailforpasswordchange"UserIsExpired=TrueExitForEndIfNextIfNotUserIsExpiredThendpstrName&"doesnotneedanemailforpasswordchange"EndIfEndIfEndIfEndIfEndFunctionSubProcessFolder(objContainer,iMaxPwdAge)DimobjUser,iResultobjContainer.Filter=Array("User")'Wscript.Echo"Checkingcompany="&Mid(objContainer.Name,4)ForeachobjUserinobjContainerIfRight(objUser.Name,1)<>"$"ThenIfIsEmpty(objUser.Mail)OrIsNull(objUser.Mail)ThendpMid(objUser.Name,4)&"hasnomailbox"ElseIfUserIsExpired(objUser,iMaxPwdAge,aDaysForEmail,iResult)Then'WScript.Echo"...sendinganemailfor"&objUser.MailCallSendEmail(objUser,iResult)Elsedp"...don'tsendanemail"EndIfEndIfEndIfNextEndSubSubSendEmail(objUser,iResult)OnErrorResumenextDimobjMailSetobjMail=CreateObject("CDO.Message")objMail.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendusing")=2objMail.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserver")=SMTP_SERVERobjMail.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserverport")=25objMail.Configuration.Fields.UpdateobjMail.From=STRFROMobjMail.To=objUser.MailobjMail.Subject="IIOSOFTPasswordExpirationReminder"objMail.Textbody="Thesystempasswordforuser"&objUser.userPrincipalName&_"("&objUser.sAMAccountName&")"&vbCRLF&_"willexpirein"&iResult&"days."&vbCRLF&_"Pleasechangeitassoonaspossible."&vbCRLF&vbCRLF&_"Thankyou,"&vbCRLF&_"ITadministrator"IfiResult>0ThenobjMail.htmlbody="<html><bodybackground='http://pic16.nipic.com/20110827/8091326_084040035000_2.jpg'align='left'style='color:#000000;font-family:Arial;font-size:10pt;font-style:normal;'>"&VbCrLf&_"<h3>IIOSOFTaccountmanagementcenterreminder:</h3>"&VbCrLf&_"<b><fontcolor='blue'>"&objUser.sAMAccountName&"</font></b>YourpasswordIn<b><fontcolor='red'>"&iResult&"</font></b>laterexpired,pleaseaccordingtothefollowingmethodstomakechanges:"&vbCRLF&_"<br/>PleaseClickHere<ahref='https://iis.IIOSOFT.com'>ChangePassword?</a>,inputyourIIOSOFTAcount<b><fontcolor='blue'>"&objUser.sAMAccountName&"</font></b>andoldpassword,thensubmitthenewpassword.Thenewpasswordwillbeeffective5minuteslaterafterdirectorysynchronization."&VbCrLf&_"<br/>Note:Thesystemwasintegrated,mailboxpasswordwillalsobemodified.Becausetheserverrequiressynchronizationupdate,mailboxpasswordwilltakeeffectin5minutes."&VbCrLf&_"<br/><br/>"&vbCRLF&vbCRLF&_"<br/>IIOSOFTpasswordpolicy:theuser'spasswordperiod:180days,theshortestperiod:1days,thepasswordbyatleast8letters,numbersandcharacters,butcannotusethe5codeofhistory."&vbCRLF&_"<br/>Ifyouhaveanyquestions,pleasecontactusorcall(resetpwd@IIOSOFT.com)01088881111-2220"&VbCrLf&_"<br/><br/>"&VbCrLf&vbCRLF&_"<b><fontcolor='blue'>"&objUser.sAMAccountName&"</font></b>您的密码将于<b><fontcolor='red'>"&iResult&"</font></b>日后到期,请按下述方法进行进行更改:"&vbCRLF&_"<br/>请单击这<ahref='https://iis.IIOSOFT.com'>修改密码?</a>,IIOSOFTAccount<b><fontcolor='blue'>"&objUser.sAMAccountName&"</font></b>,输入旧密码及新密码提交即可。由于需要进行目录同步,密码将在5分钟后生效."&VbCrLf&_"<br/>注:系统进行了集成,邮箱密码会同步更新.由于服务需要同步更新,邮箱密码将会在5分钟过后生效."&VbCrLf&_"<br/><br/>"&VbCrLf&VbCrLf&_"IIOSOFT密码策略:用户密码周期:180天,最短使用周期:1天,密码由至少8位字母,数字及字符组成,同时不能使用5个历史密码."&vbCRLF&_"如有疑问,请联系我们(resetpwd@IIOSOFT.com)或致电01088881111转2220"&VbCrLf&_""&VbCrLf&VbCrLf&_"<br/><br/>Thankyou,"&VbCrLf&_"<br/>xx科技账号管理中心"&_"</body>"&VbCrLf&_"</html>"ElseobjMail.htmlbody="<html><bodybackground='http://pic16.nipic.com/20110827/8091326_084040035000_2.jpg'align='left'style='color:#000000;font-family:Arial;font-size:10pt;font-style:normal;'>"&VbCrLf&_"<h3>IIOSOFTaccountmanagementcenterreminder:</h3>"&VbCrLf&_"<b><fontcolor='blue'>"&objUser.sAMAccountName&"</font></b>Yourpassword<fontcolor='red'>Hadexpired</font>,pleaseaccordingtothefollowingmethodstomakechanges:"&vbCRLF&_"<br/>PleaseClickHere<ahref='https://changepassword.IIOSOFT.com:9001/Home/VerifyIDcode'>ForgotPassword?</a>,inputyourIDCode<b><fontcolor='blue'>"&objUser.sAMAccountName&"</font></b>andoldpassword,thensubmitthenewpassword.Thenewpasswordwillbeeffective5minuteslaterafterdirectorysynchronization."&VbCrLf&_"<br/>Note:Thesystemwasintegrated,mailboxpasswordwillalsobemodified.Becausetheserverrequiressynchronizationupdate,mailboxpasswordwilltakeeffectin5minutes."&VbCrLf&_"<br/><br/>"&vbCRLF&VbCrLf&_"<br/>IIOSOFTpasswordpolicy:theuser'spasswordperiod:180days,theshortestperiod:1days,thepasswordbyatleast8letters,numbersandcharacters,butcannotusethe5codeofhistory."&vbCRLF&_"<br/>Ifyouhaveanyquestions,pleasecontactusorcall(resetpwd@IIOSOFT.com)01088881111-2220"&VbCrLf&_"<br/><br/>"&VbCrLf&vbCRLF&_"<b><fontcolor='blue'>"&objUser.sAMAccountName&"</font></b>您的密码已经<fontcolor='Red'>过期</font>,请通过以下方法进行进行更改:"&VbCrLf&_"<br/>请单击<ahref='https://changepassword.IIOSOFT.com/'>忘记密码?</a>,IDCode<b><fontcolor='blue'>"&objUser.sAMAccountName&"</font></b>,输入旧密码及新密码提交即可。由于需要进行目录同步,密码将在5分钟后生效."&VbCrLf&_"<br/>注:系统进行了集成,邮箱密码会同步更新.由于服务需要同步,邮箱密码将在5分钟后生效."&VbCrLf&_"<br/><br/>"&VbCrLf&VbCrLf&_"IIOSOFT密码策略:用户密码周期:180天,最短使用周期:1天,密码由至少8位字母,数字及字符组成,同时不能使用5个历史密码."&vbCRLF&_"如有疑问,请联系我们(resetpwd@IIOSOFT.com)或致电01088881111转2220"&VbCrLf&_""&VbCrLf&vbCRLF&_"<br/><br/>Thankyou,"&VbCrLf&_"<br/>xx科技账号管理中心"&_"</body>"&VbCrLf&_"</html>"EndIf'objMail.AddAttachment"c:\2.jpg"'添加附件objMail.SendSetobjMail=NothingEndSubSubdp(str)IfstrTestModeThenWScript.EchostrEndIfoLog.WriteLinestrEndSub
用户收到的邮件测试:
附件:http://down.51cto.com/data/2364943声明:本站所有文章资源内容,如无特殊说明或标注,均为采集网络资源。如若本站内容侵犯了原著者的合法权益,可联系本站删除。
