How to Produce a List of Users and Their Last Password Change

This article was previously published under Q238374
This article has been archived. It is offered "as is" and will no longer be updated.
This article describes how to produce a text file containing a sorted list of Windows NT domain users and the date and time of each user's last password change.
The method outlined in this article uses the Global.exe and Nltest.exe tools from the Windows NT 4.0 Resource Kit. Make sure that these tools are installed and available through the computer's PATH variable.
  1. Create a folder on the computer running Windows NT that has read/write permissions assigned to the user account with which you are logging on.
  2. Create the Lastpwd.bat and Lastpwd2.bat files listed in this article. Create these files in the folder created in step 1.
  3. Run the Lastpwd.bat file at a command prompt. The command has the following syntax:
    lastpwd domain_name
    For example: lastpwd mydomain

  4. Examine the contents of the Password.txt file.

    NOTE: Users listed in the Password.txt file without a date and time have never logged on to the domain.
NOTE: These batch files are designed to work with user names that can contain as many as three parts separated by spaces. For example, the following name is valid:
Firstname MiddleInitial Lastname
The following name is not valid:
Firstname MiddleInitial Lastname II
You can modify the two batch files to support more parts in a user name if necessary.


NOTE: The second line in the Lastpwd.bat file that begins with "for /F" is wrapped for readability. If this line is not corrected before running, the batch jobs do not work.
    @echo off
    REM Lastpwd.bat - usage: lastpwd domain_name
    if "%1"=="" goto nodomain
    set dom=%1
    REM Find the PDC of the target domain and keep its name in %pdc%.
    nltest /dcname:%1 | find "PDC for Domain" > temp1.txt
    for /F "delims=\\ tokens=2" %%a in (temp1.txt) do set pdc=%%a
    if exist domusers.txt del domusers.txt
    if exist output.txt del output.txt
    if exist password.txt del password.txt
    if exist out2.txt del out2.txt
    if exist temp1.txt del temp1.txt
    echo.
    echo Generating list of users in %1
    echo.
    echo Please Wait...
    REM Global.exe lists the members of "Domain Users"; find /v "$" drops lines containing $.
    global "domain users" %1 | find /v "$" > domusers.txt
    cls
    echo.
    echo Generating list of users - Done
    echo.
    echo List generated. Checking password ages.
    echo.
    echo Please Wait...
    REM Next line wrapped for readability: it should all be on one line.
    for /F "delims=  tokens=1,2,3" %%a in (domusers.txt) do call lastpwd2.bat
    %pdc% %%a %%b %%c
    REM End of single line.
    sort < output.txt > out2.txt
    del output.txt
    echo User account password ages for domain: %dom% >> password.txt
    echo ---------------------------------------------------- >> password.txt
    type out2.txt >> password.txt
    if exist out2.txt del out2.txt
    if exist temp.txt del temp.txt
    echo.
    echo List Complete
    echo.
    echo Output file is called Password.txt
    if exist domusers.txt del domusers.txt
    goto end
    :nodomain
    echo Specify the target domain on the command line
    echo EXAMPLE: LASTPWD MyDomainName
    :end


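    rem Lastpwd2.bat - called by Lastpwd.bat once for each user
    rem %1 = pdc
    rem %2 = username1
    rem %3 = username2
    rem %4 = username3
    rem Rebuild the user name from its one, two or three parts.
    if not (%4) == () goto ThreeName
    if not (%3) == () goto TwoName
    set user=%2
    goto query
    :TwoName
    set user=%2 %3
    goto query
    :ThreeName
    set user=%2 %3 %4
    :query
    rem Ask the PDC for the account and keep only the PasswordLastSet line.
    nltest /server:%1 /user:"%user%" | find "PasswordLastSet" > temp.txt
    rem Append the text after the "=" (the date and time) to the user name.
    for /F "delims== tokens=2" %%a in (temp.txt) do set user=%user% %%a
    echo %user% >> output.txt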
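
The following is an added example, not part of the original article or the Resource Kit: a Python script that reads the Password.txt report produced above and lists accounts whose password is older than a threshold, plus accounts listed without a date and time. The timestamp layout (month/day/year hour:minute:second), the 90-day threshold, and the sample names are assumptions; adjust STAMP_FORMAT to match what Nltest.exe prints on your system.

```python
from datetime import datetime, timedelta

# Assumed timestamp layout after the user name, e.g. "3/14/1999 09:26:53".
STAMP_FORMAT = "%m/%d/%Y %H:%M:%S"

def parse_line(line):
    """Return (user, last_set) for one report line; last_set is None if no date."""
    parts = line.split()
    if len(parts) >= 3:
        try:
            stamp = datetime.strptime(" ".join(parts[-2:]), STAMP_FORMAT)
            return " ".join(parts[:-2]), stamp
        except ValueError:
            pass  # the last two fields belong to the name, not to a timestamp
    return " ".join(parts), None

def audit(text, now, max_age_days=90):
    """Return (stale, undated): stale is [(user, age_in_days)], oldest first."""
    stale, undated = [], []
    for line in text.splitlines():
        # Skip blanks, the title line and the dashed rule written by Lastpwd.bat.
        if not line.strip() or line.startswith(("User account password ages", "---")):
            continue
        user, last_set = parse_line(line)
        if last_set is None:
            undated.append(user)
        elif now - last_set > timedelta(days=max_age_days):
            stale.append((user, (now - last_set).days))
    return sorted(stale, key=lambda item: -item[1]), undated

# Constructed sample report (not real accounts).
SAMPLE = """User account password ages for domain: mydomain
----------------------------------------------------
Administrator 1/5/1999 08:15:00
Jane Q Public 11/20/1999 17:02:41
svc_backup
Sam Jones 6/30/1998 12:00:00
"""

if __name__ == "__main__":
    stale, undated = audit(SAMPLE, now=datetime(1999, 12, 1))
    for user, days in stale:
        print(f"{user}: password unchanged for {days} days")
    for user in undated:
        print(f"{user}: listed without a date and time")
```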
For additional information, please click the article numbers below to view the articles in the Microsoft Knowledge Base:
197478 HOWTO: How to Detect and Remove Inactive Machine Accounts
158148 Domain Secure Channel Utility -- Nltest.exe

Article ID: 238374 - Last Review: 12/05/2015 15:23:47 - Revision: 2.1

Microsoft Windows NT Server 3.5, Microsoft Windows NT Server 3.51, Microsoft Windows NT Server 4.0 Standard Edition
