Tag Archives: VB

Excluding Windows 7 from Startup Scripts

Windows 7/Server 2008 comes with a host of new GPO settings that fill in the gaps that were left with Server 2003. Things like mapped drives, desktop shortcuts, and many of the other tasks that we used to handle with VBScripts are no longer necessary with Windows 7 and Server 2008.

You may find the need to exclude specific version of windows from startup scripts. Insert the following to the top of your VB script to exclude Windows 7

strComputer = "."
 Set objWMIService = GetObject("winmgmts:\" & strComputer & "rootcimv2")

Set colOperatingSystems = objWMIService.ExecQuery _
 ("Select * from Win32_OperatingSystem")

 For Each objOperatingSystem in colOperatingSystems

 msg = objOperatingSystem.Caption & " " & _
if instr(msg, "Microsoft Windows 7") > 0 then

end if

This can also be used to quickly exclude any version of windows from XP to 2000 if necessary.

Automated domain password expiration notifications through email

In an environment where every computer that you have is a PC and every computer is attached to your domain, password expiration is handled for you. If a users password is about to expire they are notified every time they log on and are forced to change it after it has expired.

Today, a network full of PC’s isn’t always feasible and, in some cases, adding the machine to the domain isn’t acceptable. I have worked in environments where every user had a laptop which could not be added to the domain. I have also worked in an environment where there were just as many Macs as PCs. I had to answer a question that I feel many admins will have to face in the next few years:

How do you manage password expiration for users that cannot be added to the domain?

There are a few restrictions that I placed on myself for this:

1) The solution should have a minimal impact on security.

2) The solution should preserve the use of SSL IMAP and SSL STMP for the users that require it.

3) The solution should require minimal maintenance.

4) The solution should be automated.

My answer to this was an automated password expiration email reminder and enabling password changing through OWA.

Scouring the web, I found a few pay for solutions, but I truly felt like this should be a feature that was included within windows.

Then I came across this:


It seemed perfect, if it worked.

After a bit of research I got the script to work and added a few things to it. The download link is below and the configuration options are as follows:

'Script Configuration Options
Const EMAIL_SERVER = "exchange.domain.local"
Const EMAIL_FROM = "administrator@domain.com"
Const OWA_STRING = "at https://exchange.domain.com"


'Where log files will be stored
'Remember to end with 
'This setting allows you to append the date to the log file so that you get an Archive

'SET DEBUG MODE to 1 to send all emails to debug_email
DEBUG_EMAIL = "jayt@domain.com"

EMAIL_SERVER sets the SMTP server that the email should be sent through
EMAIL_FROM sets the from address
OWA_STRING sets the owa address
FIRST_REMINDER_DAY sets the first day that the reminder should go out
START_REMINDER_DAYS sets the first day that the user should receive continuous reminders until the password has expired
In this case, the user would receive a reminder 10 days before the password expired and then on the 7th, 6th, 5th… until the password did expire.
LOG_PATH sets where the logs will be stored
APPEND_DATE allows you to append the run date to the end of the log so that you can have an archive
DEBUG_MODE sends all of the emails to the DEBUG_EMAIL if it is not set to 0
DEBUG_EMAIL is where you would get the password expiration emails if DEBUG_MODE is set

Set this vb script to run as a scheduled task under a domain admin account every day and your users will now get password expiration emails.

DOWNLOAD: Email_Reminder