dsquery and dsmodify

i making a use group in a active directory of server 2003. the active directory have grown, each day via LDAP, disable by default to enable and configure a exchange account, how to make a dsquery for disable account, for then, use dsmodify for enable, change property to (never password expire)? and is possible to make a script to configure exchange later? thanks in advanced.

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

brad-

An incredibly useful way to use piping is to query for all inactive user accounts and immediately disable them. Want to disable any user account that’s gone inactive for at least half a year? It's done like this:

dsquery user domainroot -inactive 26 | dsmod user -disabled yes

Microsoft Certified Professional Magazine Online | Column: Piping with DSQUERY

I dont think you can change the password expiration properties with a DS command...I would do that in group policy.

puertorico123

brad- wrote: »

Microsoft Certified Professional Magazine Online | Column: Piping with DSQUERY

I dont think you can change the password expiration properties with a DS command...I would do that in group policy.

dsquery user -disable | dsmod user -enable yes

this command generate a list of all user disable in the server for pipe to dsmod and automatic enable account?

blargoe

I think the -disable and -enable switches are for Account expiration, not password expiration

puertorico123

blargoe wrote: »

I think the -disable and -enable switches are for Account expiration, not password expiration

the switches are about account, because the LDAP make account but disable, to avoid one to one enable account (manualy) i need a batch proccesor, that get all disable account and enable automatic.

undomiel

You almost have it.

dsquery user -disable | dsmod user -disabled no

This one liner will pipe all the disabled users through dsmod which will enable the users. Enable is not a valid switch for dsmod.