On Error Resume Next
Dim ExpirationDate, ManagerMail, UserMail, UserName, ExpDiff
LF = chr(10) + chr(13)
outfile="Expirations.csv"
Set fsomain=createobject("scripting.filesystemobject")
Set results=fsomain.createtextfile(outfile)
Const ADS_SCOPE_SUBTREE = 2
Const ADS_UF_ACCOUNTDISABLE = 2
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Page Size") = 5000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.CommandText = _
"SELECT sAMAccountName, userAccountControl, accountExpires,givenName, mail, distinguishedname, cn, SN, department, manager, telephoneNumber FROM " _
& "'LDAP://ou=User accounts,dc=yourCompany,dc=org' WHERE " _
& "objectCategory='user' and accountExpires='*' and accountExpires<>'0' and accountExpires<>'9223372036854775807' and accountExpires<>'null'"
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
Do Until objRecordSet.EOF
intUAC=objRecordSet.Fields("userAccountControl")
If intUAC AND ADS_UF_ACCOUNTDISABLE Then
objRecordSet.MoveNext
End If
fullname = ""
ExpirationDate = ""
ManagerMail = ""
UserName = ""
fullname= objRecordSet.Fields("givenName").Value & " " & objRecordSet.Fields("SN").Value
UserName = objRecordSet.Fields("sAMAccountName").Value
UserMail = objRecordSet.Fields("mail").Value
Call GetExpirationDate(objRecordSet.Fields("distinguishedname").Value)
ExpDiff = DateDiff("d", CDate(Date), CDate(ExpirationDate))
If ExpDiff = 1 or ExpDiff =7 or ExpDiff = 14 or ExpDiff = 21 or ExpDiff = 28 Then
'If ExpDiff = 21 or ExpDiff = 28 Then
'If ExpDiff > -1 and expDiff < 15 then
Call GetManagerMail(objRecordSet.Fields("manager").Value)
Call MailAlert(ManagerMail)
Call MailAlert(UserMail)
results.writeline UserName & ", " & ExpirationDate & ", " & ExpDiff & ", " & UserMail & ", " & ManagerMail
'wscript.echo UserName & ", " & ExpirationDate & ", " & ExpDiff & ", " & UserMail & ", " & ManagerMail
End If
objRecordSet.MoveNext
Loop
wscript.echo "Complete"
Function GetExpirationDate(DN)
'On Error Resume Next
strLDAP = "LDAP://" & DN
Set User = GetObject (strLDAP)
dtmAccountExpiration = User.AccountExpirationDate
If err.number = -2147467259 Or dtmAccountExpiration = "1/1/1970" Then
ExpirationDate = "No account expiration specified"
Else
ExpirationDate = User.AccountExpirationDate
ArrExpirationDate=Split(ExpirationDate)
ExpirationDate = RTrim(LTrim(ArrExpirationDate(0)))
End If
Set User = Nothing
'wscript.echo ExpirationDate
End Function
Function GetManagerMail(strObjectDN)
On Error Resume Next
Set objUser = GetObject("LDAP://" & strObjectDN)
ManagerMail = objUser.Get("mail")
End Function
'****************************************************************
Sub MailAlert(Mail)
On Error Resume Next
' Send by connecting to port 25 of the SMTP server.
Const cdoSendUsingPort = 2
set iMsg = CreateObject("CDO.Message")
set iConf = CreateObject("CDO.Configuration")
Set Flds = iConf.Fields
' Set the CDOSYS configuration fields to use port 25 on the SMTP server
With Flds
.Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = cdoSendUsingPort
.Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "mail.YourCompany.com"
' .Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "waprdmsimc01"
.Item("http://schemas.microsoft.com/cdo/configuration/smtpconnectiontimeout") = 10
.Update
End With
' Build HTML for message body.
shtml =""
shtml = shtml & "NT Expiration Notice"
shtml = shtml & "Please review the expiration date for the NT ID below"
shtml = shtml & "YourCompany Partner, "
shtml = shtml & "You are receiving this email because our records indicate that the NT (Network)account for " & UserName & " is set to expire in " & ExpDiff & " days."
shtml = shtml & " Contractors, please engage your manager to prevent service interruption. "
shtml = shtml & "Managers, "
shtml = shtml & "No action needed if: NT ID should expire on the expiration date"
shtml = shtml & "
Verify the expiration date: check the Econometrix system by going to Search > Criteria....search for your contractor to find the end date."
shtml = shtml & "
o If date is accurate in Econometrix, extend the end date via the Expiration Automation Tool."
shtml = shtml & "
o If it is not accurate in Econometrix, submit an extension request via the Comsys Vendor Management System (VMS) - Econometrix."
shtml = shtml & "
·If and when approved, extend the end date via the "
shtml = shtml & "Expiration Automation Tool. If it's not approved no action is needed.
"
shtml = shtml & "If you don't use the Econometrix VMS, extend the end date via the "
shtml = shtml & "Expiration Automation Tool.
"
shtml = shtml & "If this contractor/vendor no longer reports to you, forward this e-mail to the new manager. New managers will"
shtml = shtml & "need to “adopt” the contractor/vendor and extend the end date via the "
shtml = shtml & "See How"
shtml = shtml & "to Use the NT Exipration Automated Tool for instructions on using the tool. "
shtml = shtml & "Note:"
shtml = shtml & "VPN Certificates for non-YourCompany computers expire periodically. Renewing the NT"
shtml = shtml & "account does not automatically renew the VPN Certificate. To renew the VPN"
shtml = shtml & "Certificate, the Manager goes to Reliance and submits a request for VPN"
shtml = shtml & "->Certificate Exception. Include an email approval from a Director. "
shtml = shtml & "If you have any additional questions / comments, send mail to ESIS Specialists"
shtml = shtml & "(NASA) in the GAL. "
shtml = shtml & "If you experience problems accessing this tool please contact the YourCompany EIT Helpdesk."
shtml = shtml & " "
shtml = shtml & "Thank you for your continued support. "
shtml = shtml & ""
shtml = shtml & "Enterprise Information Security "
shtml = shtml & " | 
