Sign in
Microsoft.com
 
Script Center
 
 
 
Script Center > Gallery > Active Directory > Enable Users to Change Their Passwords
TechNet Script Center logo

Welcome to the TechNet Script Center Gallery!
Each contribution is licensed to you under a License Agreement by its owner, not Microsoft. Microsoft does not guarantee the contribution or purport to grant rights to it.

Enable Users to Change Their Passwords

(Microsoft)
VERIFIED AND TESTED BY THE SCRIPT CENTER TEAM
Rate it:
 
 
 
 
 
Script Code
VBScript
Const ADS_ACETYPE_ACCESS_DENIED_OBJECT = &H6
Const CHANGE_PASSWORD_GUID  = _
    "{ab721a53-1e2f-11d0-9819-00aa0040529b}"
 
Set objUser = GetObject _
    ("LDAP://cn=myerken,ou=management,dc=fabrikam,dc=com")
Set objSD   = objUser.Get("nTSecurityDescriptor")
Set objDACL = objSD.DiscretionaryAcl
arrTrustees = Array("nt authority\self", "everyone")
 
For Each strTrustee In arrTrustees
    For Each ace In objDACL
        If(LCase(ace.Trustee) = strTrustee) Then
            If((ace.AceType = ADS_ACETYPE_ACCESS_DENIED_OBJECT) And _
               (LCase(ace.ObjectType) = CHANGE_PASSWORD_GUID)) Then
                   objDACL.RemoveAce ace
            End If
        End If
    Next
Next
 
objUser.Put "nTSecurityDescriptor", objSD
objUser.SetInfo
Platforms
Windows Server 2008 R2 No
Windows Server 2008 No
Windows Server 2003 Yes
Windows 7 No
Windows Vista No
Windows XP Yes
Windows 2000 Yes
For online peer support, join The Official Scripting Guys Forum! To provide feedback or report bugs in sample scripts, please start a new discussion on the Discussions tab for this script.
Disclaimer The sample scripts are not supported under any Microsoft standard support program or service. The sample scripts are provided AS IS without warranty of any kind. Microsoft further disclaims all implied warranties including, without limitation, any implied warranties of merchantability or of fitness for a particular purpose. The entire risk arising out of the use or performance of the sample scripts and documentation remains with you. In no event shall Microsoft, its authors, or anyone else involved in the creation, production, or delivery of the scripts be liable for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of the use of or inability to use the sample scripts or documentation, even if Microsoft has been advised of the possibility of such damages.
Be the first to create a discussion.