All Expired Accounts

This script will display all user accounts in AD that have expired, including service accounts unless you have a field called EmployeeType set to Service.

<?php
$ds = ldap_connect("server-dc.global.domain.com");
$OU = "OU=My Company, DC=global, DC=domain, DC=com";

$OUQuery =  "(&(objectCategory=Person)(objectClass=User)(!(employeetype=*ervice))(!(accountExpires=0))(!(accountExpires=9223372036854775807)))"; 

if ($ds)
{
    $r = ldap_bind($ds, "domain\eldap", "password");    

    if($r)
    {
		$sr   = ldap_search($ds, $OU, $OUQuery);
		$info = ldap_get_entries($ds, $sr);		

		for ($i=0; $i<$info["count"]; $i++)
		{
            for ($x=0; $x<$info[$i]["count"]; $x++)
               echo "<B>".$info[$i][$x].":</b> ". $info[$i][$info[$i][$x]][0]."<br>";

			   echo "<HR>\n";
		}
	}

	ldap_close($ds);
}
?>

You can also set a limit on how far back you’d like to go by using the following instead

<?php
$ds = ldap_connect("server-dc.global.domain.com");
$OU = "OU=My company, DC=global, DC=domain, DC=com";

$newExpiration = time();
$newExpiration += 11644524000;
$newExpiration *= 10000000;

$OUQuery   =  "(&(objectCategory=Person)(objectClass=User)(!(employeetype=*ervice))(!(accountExpires=0))(!(accountExpires=9223372036854775807))(accountExpires<=".sprintf ("%.0f", $newExpiration)."))"; 

if ($ds)
{
    $r = ldap_bind($ds, "domain\eldap", "password");    

    if($r)
    {
		$sr   = ldap_search($ds, $OU, $OUQuery);
		$info = ldap_get_entries($ds, $sr);		

		for ($i=0; $i<$info["count"]; $i++)
		{
            for ($x=0; $x<$info[$i]["count"]; $x++)
               echo "<B>".$info[$i][$x].":</b> ". $info[$i][$info[$i][$x]][0]."<br>";

			   echo "<HR>\n";
		}
	}

	ldap_close($ds);
}
?>

Or you can update the script to have the following code which will let you specify the date range (start and end) for the selection. The below values are submitted via a standard form via GET Method.

$wcE = $PHPtime;
$wcS = $PHPtime - (6 * 4 * 7 * 24 * 60 * 60);

if(isset($_GET["wcS"]))
    $wcS = $_GET["wcS"];
else
    $wcS = date("Ymd", $wcS);

if(isset($_GET["wcE"]))
    $wcE = $_GET["wcE"];
else
    $wcE = date("Ymd", $wcE);

$OUQuery = "(&(objectCategory=Person)(objectClass=User)(!(employeetype=*ervice))(!(accountExpires=0))(!(accountExpires=9223372036854775807))(accountExpires>=".StringDateToNumber($wcS).") (accountExpires<=".StringDateToNumber($wcE)."))";  


function StringDateToNumber($val)
{	// Date format should be YYYYMMDD
	$Year     = substr($val,0,4); 
	$Month    = substr($val,4,2);
	$Day      = substr($val,6,2);
	
	$tt = @gmmktime(12, 0, 0, $Month, $Day, $Year);
	$tt += 11644524000;
	$tt *= 10000000;	
	
	return sprintf ("%.0f", $tt);
}