Solved

Password aging reports for Active Directory

Posted on 2011-03-01
4
1,429 Views
Last Modified: 2012-05-11
I have Windows 2003 domain (perhaps will be 2008 domian in the coming year) and I want to know what people use for password management.  My biggest need right now is being able to run a report on all users in AD to show me when they last changed their password, and how long before it expires.  Any other features are a plus, but password aging reports is the big one.
0
Comment
Question by:Ad-Apex
4 Comments
 
LVL 39

Accepted Solution

by:
Krzysztof Pytko earned 125 total points
ID: 35007675
You can use for that Microsoft DS Tools,
ADFind from
http://www.joeware.net/freetools/tools/adfind/index.htm
or
Quest PowerShell cmd-lets
http://www.quest.com/powershell/activeroles-server.aspx
or if it's 2008 R2
native PowerShell commands

Regards,
Krzysztof
0
 
LVL 27

Assisted Solution

by:KenMcF
KenMcF earned 125 total points
ID: 35007712
I agree with iSiek. The quest AD cmdlets are a great tool. You can use something like this to get a report for user passwords

get-qaduser -sizelimit 0 | Select Name, PasswordLastset, PasswordAge, PasswordExpires | Export-csv c:\userspasswords.csv
0
 
LVL 12

Expert Comment

by:FarWest
ID: 35007975
0
 

Author Closing Comment

by:Ad-Apex
ID: 35009782
Thanks!  I used the Quest cmdlets link from iSiek along with the command from KenMcF.
0

Featured Post

Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question