Did you ever noticed some users always called you up that they can’t access Corporate Applications using their AD User Account? Probably their account may be get locked down or got expired!
If account was locked out we can see from ADUC console. But if it was expired no way you come to know that password has been expired! Microsoft has some interesting tool kit for this kind of troubleshooting i.e. Account Lockout Management Tools. Refer to next posting about this.
If account was expired we used to reset their password. Sometime after investigation we usually came to know these users are not logging into corporate domain. So they didn’t receive any kind of notification that their password is going to expire in so many days. By the way there is no in built notification facility available in Windows Infrastructure for this kind of users.
So now we have the requirement; we can achieve this using a customized VB Script which will scan remaining days for password expiration & will send out a sweet message(mail) to these users. For troubleshooting purpose we have to generate some kind of logs that to which users our application is sending notification.
Read the rest of this entry »