Search This Blog

Wednesday, March 1, 2017

Get user password expiration date from Active Directory with Powershell

Here is a Powershell script I used to get following AD user information :

  1. When user will have to change his password (msDS-UserPasswordExpiryTimeComputed attribute)
  2. When user's password has been changed last time (passwordLastSet attribute)
  3. If Password Never Expires has been enabled for user
and then output information to CSV file:

Get-ADUser -filter * -Properties "DisplayName", "msDS-UserPasswordExpiryTimeComputed", "passwordLastSet", "PasswordNeverExpires" |
Select-Object -Property "Displayname",@{Name="ExpiryDate";Expression={[datetime]::FromFileTime($_."msDS-UserPasswordExpiryTimeComputed")}}, PasswordLastSet, PasswordNeverExpires |
sort-object -property ExpiryDate |Export-Csv C:\Output\passwords.csv

No comments:

Post a Comment