I have had occasion recently to run scripts to query Microsoft Server 2003 Active Directory to determine which accounts have “password never expires”, “user can’t change password”, and the like. I dabble in scripting off and on and tend to use samples I find on the net as a starting place. I took a course in VBScript a few years ago which has helped. I’m no stranger to programming having programmed in IBM assembler and PL/1 on IBM mainframes back in the dark ages. I’ve stumbled across a number of good reference web sites for Active Directory LDAP queries:
Yesterday I stumbled across the ADSI Scripting for Administering Windows 2000/2003 Networks
Daniel Petri’s site LDAP search strings samples has lots good examples
The sample chapter from the book Managing Enterprise Active Directory With Lightweight Directory Access Protocol (LDAP) was helpful. I might even buy the book.
I’ll update this post with additional links in the future.