Solved

List of users' password validity in AD

Posted on 2013-01-31
5
443 Views
Last Modified: 2013-01-31
Hello,
could anybody provide with any script (PowerShell) that I could run and get passwords validity off all my users in AD.

A.
0
Comment
Question by:ikealt
  • 3
5 Comments
 
LVL 42

Accepted Solution

by:
sedgwick earned 500 total points
ID: 38839305
here:

cls
   import-module ActiveDirectory
   $reportObject = @()
$userList = Get-ADUser -filter {Enabled -eq $True -and PasswordNeverExpires -eq  $False} -Properties "DisplayName", "msDS-UserPasswordExpiryTimeComputed" |  Where-Object {$_.DisplayName -ne $null}
$userList | %{

    $output = "" | Select DisplayName, ExpiryDate
    $output.DisplayName = $_.DisplayName
    $output.ExpiryDate = ([datetime]::FromFileTime($_."msDS-UserPasswordExpiryTimeComputed")).DateTime
    $reportObject += $output
    #Next 2 Lines provide debugging... I'm not sure the date time portion will work without having AD to play with
#    $output | fl *
#    ([datetime]::FromFileTime($_."msDS-UserPasswordExpiryTimeComputed")).DateTime 
}

$reportObject | Convertto-CSV -NoTypeInformation

Open in new window



From: powershell-get-password-expiration-for-all-non-disabled-users-in-ad
0
 
LVL 10

Expert Comment

by:Pramod Ubhe
ID: 38839522
So you need to check if user's password expired or not right?
I can give it to you tomorrow if you don't get it till that time.
0
 

Author Comment

by:ikealt
ID: 38839540
actually I need like a table with user name and date then password was changed / created and then will expire. Through GPO I set password validity for 110 days.
0
 

Author Comment

by:ikealt
ID: 38839554
one thing sedgwick, this script has to be run on a server, or can I run from any computer in AD with admin rights?
0
 

Author Comment

by:ikealt
ID: 38839572
ok, thanks it works.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question