>Thing is...You can go into ADSIEdit and modify it.... But is that against "the content rules" ???
Content rules determine the mandatory and optional attributes of the class instances that are stored in the directory. New objects must contain all of the mandatory attributes that are specified by the classSchema object in the schema and can contain any of the optional attributes. In Active Directory, the content rules are completely expressed by the mustHave, mayHave, mayContain, systemMustContain, and systemMayContain attributes of the schema definitions for each class. In addition, specific marked attributes have additional restrictions imposed by the Security Account Manager (SAM). SAM read-only objects consist of the following: revision, objectSID, domainReplica, creationTime modifiedCount, modifiedCountAtLastPromotion, nextRID, serverState, samAccountType, isCriticalSystemObject, dbcsPwd, ntPwdHistory,lmPwdHistory, lastLogon, lastLogoff, badPasswordTime, badPwdCount ,logonCount, supplementalCredentials -----Original Message----- From: John F. Hann [mailto:[EMAIL PROTECTED] Sent: Thursday, March 27, 2003 3:30 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Reset BadPwdCount property for users Thing is...You can go into ADSIEdit and modify it.... -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Free, Bob Sent: Thursday, March 27, 2003 5:09 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Reset BadPwdCount property for users It's a SAM read-only object AFAIK, you can't modify it. -----Original Message----- From: John F. Hann [mailto:[EMAIL PROTECTED] Sent: Thursday, March 27, 2003 2:02 PM To: ActiveDir List Subject: [ActiveDir] Reset BadPwdCount property for users Is the BadPwdCount property read only? I have tried to reset this with the following script and get errors Set Ulist = GetObject("LDAP://ou=My Users,DC=My,DC=domain,DC=com") For Each User In Ulist If user.badpwdcount > 5 then WScript.Echo(user.fullname & " " & user.badpwdcount) user.badpwdcount = 0 user.setinfo End if Next John Hann BancorpSouth 662.678.7179 List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
