I am looking to modify my working vbscript to only enumerate the users not logged on in a defined variable amount of time. I tried to modify this using the function below, or any variation of, but since removed it as I was unsuccessful. The current script returns the lastlogontimestamp attribute without issue but I do not have experience with date comparisons. Thank you in advance for your time and assistance.
For Each strUser In objList
If Not objList(strUser) = #1/1/1601# Then
If DateDiff("d", objList(strUser), Now) > 30 Then
Wscript.Echo strUser & " ; " & objList(strUser)
End If
End If
Next Complete script:
'Craig
Option Explicit
set objFSO = CreateObject("scripting.filesystemobject")
set objFile = objFSO.createtextfile(".\_UserAudit.txt")
Const ADS_UF_ACCOUNTDISABLE = 2
Dim intUAC,strStatus,strDate
Dim objRootDSE, adoConnection, adoCommand, strQuery
Dim adoRecordset, strDNSDomain, objShell, lngBiasKey
Dim lngBias, k, strDN, dtmDate, objDate,objFSO,objFile,dtmPwdLastSet
Dim strBase, strFilter, strAttributes, lngHigh, lngLow,strWhenCreated,strSAM,strpwd,stremployeetype
' Obtain local Time Zone bias from machine registry.
Set objShell = CreateObject("Wscript.Shell")
lngBiasKey = objShell.RegRead("HKLM\System\CurrentControlSet\Control\" _& "TimeZoneInformation\ActiveTimeBias")
If (UCase(TypeName(lngBiasKey)) = "LONG") Then
lngBias = lngBiasKey
ElseIf (UCase(TypeName(lngBiasKey)) = "VARIANT()") Then
lngBias = 0
For k = 0 To UBound(lngBiasKey)
lngBias = lngBias + (lngBiasKey(k) * 256^k)
Next
End If
Set objShell = Nothing
'strDNSDomain="DC=DMAIN,DC=LOCAL"
'Uncomment so it does the currnet domain it runs in
' Determine DNS domain from RootDSE object.
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")
Set objRootDSE = Nothing
' Use ADO to search Active Directory.
Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
adoCommand.ActiveConnection = adoConnection
' Search entire domain.
strBase = "<LDAP://" & strDNSDomain & ">"
' Filter on all user objects.
strFilter = "(&(objectCategory=person)(objectClass=user))"
' Comma delimited list of attribute values to retrieve.
strAttributes = "distinguishedName,samaccountname,lastLogonTimeStamp,useraccountcontrol,pwdLastset,WhenCreated,employeetype"
' Construct the LDAP syntax query.
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
' Run the query.
adoCommand.CommandText = strQuery
adoCommand.Properties("Page Size") = 100
adoCommand.Properties("Timeout") = 60
adoCommand.Properties("Cache Results") = False
Set adoRecordset = adoCommand.Execute
objFile.WriteLine "sAMAccountName;distinguishedName;lastLogonTimestamp;Status;whenCreated;pwdLastSet"
Do Until adoRecordset.EOF
strDN = adoRecordset.Fields("distinguishedName").Value
strwhencreated = adoRecordset.Fields("whencreated").Value
strsam = adoRecordset.Fields("samaccountname").Value
stremployeetype = adoRecordset.Fields("employeetype").Value
intUAC=adoRecordset.Fields("userAccountControl").Value
If intUAC AND ADS_UF_ACCOUNTDISABLE Then
strStatus="DISABLED"
Else
strStatus="ENABLED"
End if
If (TypeName(adoRecordset.Fields("pwdLastSet").Value) = "Object") Then
Set objDate = adoRecordset.Fields("pwdLastSet").Value
dtmPwdLastSet = Integer8Date(objDate, lngBias)
Else
dtmPwdLastSet = #1/1/1601#
End If
' Retrieve attribute values for the user.
'strDN = adoRecordset.Fields("samaccountname").Value
' Convert Integer8 value to date/time in current time zone.
On Error Resume Next
Set objDate = adoRecordset.Fields("lastLogonTimeStamp").Value
If (Err.Number <> 0) Then
On Error GoTo 0
dtmDate = #1/1/1601#
Else
On Error GoTo 0
lngHigh = objDate.HighPart
lngLow = objDate.LowPart
If (lngLow < 0) Then
lngHigh = lngHigh + 1
End If
If (lngHigh = 0) And (lngLow = 0 ) Then
dtmDate = #1/1/1601#
Else
dtmDate = #1/1/1601# + (((lngHigh * (2 ^ 32)) _+ lngLow)/600000000 - lngBias)/1440
End If
End If
' Display values for the user.
If (dtmDate = #1/1/1601#) Then
strDate="Never"
Else
strDate=dtmDate
End If
objFile.WriteLine strsam & ";" & strDN & ";" & strDate & ";" & strStatus & ";" & strwhencreated & ";" & dtmPwdLastSet
adoRecordset.MoveNext
Loop
objFile.WriteLine "Complete"
objFile.Close
Function Integer8Date(ByVal objDate, ByVal lngBias)
' Function to convert Integer8 (64-bit) value to a date, adjusted for
' local time zone bias.
Dim lngAdjust, lngDate, lngHigh, lngLow
lngAdjust = lngBias
lngHigh = objDate.HighPart
lngLow = objdate.LowPart
' Account for error in IADsLargeInteger property methods.
If (lngLow < 0) Then
lngHigh = lngHigh + 1
End If
If (lngHigh = 0) And (lngLow = 0) Then
lngAdjust = 0
End If
lngDate = #1/1/1601# + (((lngHigh * (2 ^ 32)) _+ lngLow) / 600000000 - lngAdjust) / 1440
' Trap error if lngDate is ridiculously huge.
On Error Resume Next
Integer8Date = CDate(lngDate)
If (Err.Number <> 0) Then
On Error GoTo 0
Integer8Date = #1/1/1601#
End If
On Error GoTo 0
End Function