LDAP Active Directory Query

Hello,

I am trying to query user accounts on AD using LDAP query. When I run the following script I get no result, I am hoping to get accountExpires info for any user logged in.

from java.util import *
from javax.naming import *
from javax.naming.directory import *
from javax.naming.ldap import *
import java.util.Hashtable
import java.util.Enumeration
env = Hashtable()
env.put(Context.INITIAL_CONTEXT_FACTORY, “com.sun.jndi.ldap.LdapCtxFactory”)
env.put(Context.PROVIDER_URL, “ldap://serverip:389”)
env.put(Context.SECURITY_AUTHENTICATION, “simple”)
env.put(Context.SECURITY_PRINCIPAL, “username”)
env.put(Context.SECURITY_CREDENTIALS, “password”)
ctx = InitialLdapContext(env,None)
searchCtls = SearchControls()
returnedAtts = (“sn”,“givenName”,“cn”)
searchCtls.setReturningAttributes(returnedAtts)
searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE)
pageSize = 1000
cookie = None
ctx.setRequestControls([PagedResultsControl(pageSize,Control.CRITICAL)])
results = ctx.search(“dc=xxx,dc=xxx,dc=xxx”,"(&(objectCategory=person)(objectClass=user))",searchCtls)
while (results != “” and results.hasMoreElements()):
entry = results.next()
attrs=entry.getAttributes()
try:
print attrs.get(“givenName”).get() + " " + attrs.get(“sn”).get()
except:
pass

Any help would be much appreciated, I get no errors, but also no print of attributes!

Specifically, we want to query the users password expiration date. We are struggling to find example of this, not much help available from IT department either.