How can I check what users have not logged into their accounts > 60 days using Active Directory and Windows 2000?
There are several ways to perform this. A simple way to perform this would be to run the NET USER command on any user that you would like to know. You could also use ADSI scripting to produce the output a little cleaner. . Output a list of the names by exporting them from AD. Then you can use a simply FOR statement to reset the accounts. Let's say your text file is names.txt. Create a batch file called CheckUser.bat. Put in the batch file the following:
FOR /F %%I in (names.txt) do SHOWUSER
NET USER %%I /DOMAIN | FIND "Last logon"