?
Solved

List of users' password validity in AD

Posted on 2013-01-31
5
Medium Priority
?
455 Views
Last Modified: 2013-01-31
Hello,
could anybody provide with any script (PowerShell) that I could run and get passwords validity off all my users in AD.

A.
0
Comment
Question by:ikealt
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 42

Accepted Solution

by:
sedgwick earned 2000 total points
ID: 38839305
here:

cls
   import-module ActiveDirectory
   $reportObject = @()
$userList = Get-ADUser -filter {Enabled -eq $True -and PasswordNeverExpires -eq  $False} -Properties "DisplayName", "msDS-UserPasswordExpiryTimeComputed" |  Where-Object {$_.DisplayName -ne $null}
$userList | %{

    $output = "" | Select DisplayName, ExpiryDate
    $output.DisplayName = $_.DisplayName
    $output.ExpiryDate = ([datetime]::FromFileTime($_."msDS-UserPasswordExpiryTimeComputed")).DateTime
    $reportObject += $output
    #Next 2 Lines provide debugging... I'm not sure the date time portion will work without having AD to play with
#    $output | fl *
#    ([datetime]::FromFileTime($_."msDS-UserPasswordExpiryTimeComputed")).DateTime 
}

$reportObject | Convertto-CSV -NoTypeInformation

Open in new window



From: powershell-get-password-expiration-for-all-non-disabled-users-in-ad
0
 
LVL 10

Expert Comment

by:Pramod Ubhe
ID: 38839522
So you need to check if user's password expired or not right?
I can give it to you tomorrow if you don't get it till that time.
0
 

Author Comment

by:ikealt
ID: 38839540
actually I need like a table with user name and date then password was changed / created and then will expire. Through GPO I set password validity for 110 days.
0
 

Author Comment

by:ikealt
ID: 38839554
one thing sedgwick, this script has to be run on a server, or can I run from any computer in AD with admin rights?
0
 

Author Comment

by:ikealt
ID: 38839572
ok, thanks it works.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Suggested Courses

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question