Here you will find two VBS scripts that will read Active Directory (AD) and return all of the machines and their password age (In days) and send the results to an excel spreadsheet sorted by the password age column. The first script uses the local domain and the second one prompts you to enter a domain name.
Reads Local Domain:
Set objExcel = CreateObject("Excel.Application")
objExcel.Visible = True
objExcel.Workbooks.Add
intRow = 2
objExcel.Cells(1, 1).Value = "Machine Name"
objExcel.Cells(1, 2).Value = "Password Age"
Const ADS_SCOPE_SUBTREE = 2
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOOBject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("DefaultNamingContext")
strBase = "<LDAP://" & strDNSDomain & ">"
strFilter = "(&(ObjectCategory=Computer))"
strAttributes = "name, distinguishedName"
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";SubTree"
objCommand.CommandText = strQuery
objCommand.Properties("Page Size") = 99999
objCommand.Properties("Timeout") = 300
objCommand.Properties("Cache Results") = False
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
Do Until objRecordSet.EOF
Set objComputer = GetObject("LDAP://" & objRecordSet.Fields("distinguishedName") & "")
dtmValue = objComputer.PasswordLastChanged
dtmDiff = Datediff("D", dtmValue, Now)
strLasttime = dtmDiff
objExcel.Cells(intRow, 1).Value = objRecordSet.Fields("Name").value
objExcel.Cells(intRow, 2).Value = strLasttime
objRecordSet.MoveNext
intRow = intRow + 1
loop
objExcel.Range("A1:B1").Select
objExcel.Selection.Interior.ColorIndex = 19
objExcel.Selection.Font.ColorIndex = 11
objExcel.Selection.Font.Bold = True
objExcel.Cells.EntireColumn.AutoFit
Set objSheet = objExcel.ActiveWorkbook.Worksheets(1)
Set objRange = objExcel.Range("B1")
objRange.Sort objRange,1,,,,,,1
Msgbox "Done"
Prompts For Domain Name:
strDomain = InputBox("Enter Domain Domain")
objConnection.Provider = "ADsDSOObject"
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
strBase = "<LDAP://" & strDomain & ">"
VBS Script To Determine When All Users From A Specified Domain Password Was Last Changed
http://myitforum.com/cs2/blogs/dhite/archive/2007/08/26/vbs-script-to-determine-when-all-users-from-a-specified-domain-password-was-last-changed.aspx
This VBS script is a modified version of my previous post entitled VBS Scripts To Read Active Directory