Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

net user password never expires option

1,075 views
Skip to first unread message

admin in need of help@discussions.microsoft.com network admin in need of help

unread,
Sep 22, 2006, 8:38:01 AM9/22/06
to
i am using net user batch file to create and add 142 user, i need to use the
password never expires option, but i am running into an issue, here is what i
have

net user ons1 #!wdfons1 /add /expires:never /passwordchg:no

the result of this is the line saying the comand completed successfully,
however when i look at the user properties, i see that the user cannot change
password selection is marked, but the password nerver expires box is not
marked.

i am running this on windows 2000 server

what have i done wrong. any help would be greatly appreciated.

Michael Harris (MVP)

unread,
Sep 22, 2006, 9:17:26 PM9/22/06
to


Per C:\>net user /help

/expires:never would apply to the user account expiration, not the password.

Try this Jerold Schulman solution...

JSI Tip 9625. How can a batch set a user's UserAccountControl attribute for
'Password never expires' on or off?
<http://www.jsifaq.com/SF/Tips/Tip.aspx?id=9625>

--
Michael Harris
Microsoft MVP Scripting


brian metzger

unread,
Sep 23, 2006, 9:07:01 AM9/23/06
to

"Michael Harris (MVP)" wrote:

> thank you for your assistance.

this does not look like it is working for me. it may just be me, i am new to
scripting, i have written 3 .vbs and about 5 .bat and i am still an infant at
it, learning more and more each day. can you explain to me what i would need
to do to set it to work for me, or is there a line or 2 out of it that i need
to incorporate into the script that i have?

thanks again
brian metzger

Jerold Schulman

unread,
Sep 23, 2006, 9:51:39 AM9/23/06
to

Where is it failing?
Did you change the @echo off to @echo on, remove the >nul 2>&1
and log the output?


Jerold Schulman
Windows Server MVP
JSI, Inc.
http://www.jsiinc.com
http://www.jsifaq.com

brian metzger

unread,
Sep 23, 2006, 10:17:02 AM9/23/06
to

"Jerold Schulman" wrote:

i did not, i have now, this is what i have

@echo on
setlocal
if {%2}=={} goto err
set ons1=%1
set YN=%2
set /a pnx=65536
set /a upnx=0
if /i "%YN%" EQU "Y" goto swok
if /i "%YN%" NEQ "N" goto err
:swok
set /a userAccountControl=999999999
call :getusr
if %userAccountControl% EQU 999999999 goto usrnf
if /i "%YN%" EQU "N" goto setoff
set /a upnx=%userAccountControl% ^& %pnx%
if %upnx% EQU %pnx% goto finish
set /a userAccountControl=%userAccountControl% ^| 65536
call :updusr>
goto finish
:setoff
set /a upnx=%userAccountControl% ^& %pnx%
if %upnx% NEQ %pnx% goto finish
set /a userAccountControl=%userAccountControl% ^^ 65536
call :updusr
:finish
endlocal
goto :EOF
:err
@echo Syntax: PwdNX ons1 Y^|N
endlocal
:usrnf
@echo Syntax: PwdNX ons1 Y^|N - %ons1% NOT found.
endlocal
goto :EOF
:getusr
for /f "Tokens=2 Delims=: " %%a in ('adfind -b %ons1% -nodn -noctl
userAccountControl^|find /i "userAccountControl"') do (
set /a userAccountControl=%%a
)
goto :EOF
:updusr
admod -b %ons1% "userAccountControl::%userAccountControl%"

this is what the results are:
the user name i am testing is ons1

password never expires option is still not checked.

and the cmd prompt shows the following

i ran from cmd prompt

c:\>pwdnvrx.bat
(this is the result)
c:\>setlocal

c:\>if {} == {} goto err
syntax PwdNX ons1 Y:N

c:\>endlocal
Syntax: PwdNX ons1 Y:N - NOT found.

c:\>endlocal

c:\>goto :EOF

c:\>

what have i messed up.
thanks for your help
brian metzger


>

Jerold Schulman

unread,
Sep 24, 2006, 8:05:42 AM9/24/06
to

Are you being funny or just dense?

1. DO NOT modify the batch file. Copy/Paste it just as it is.
2. At the CMD.EXE prompt, type:
pwdnx UserDN Y
where UserDN is the distinguished name of ons1.

0 new messages