hmedme
asked on
Find Expired User Passwords on Server 2003 R2 Domain
Hello,
I am in need of help finding users accounts who's password is or will be expiring. Many of my users are remote (mobile devices) and do not log into a workstation on the domain and do not get a indication their password will be expiring. My domain controller is a Windows Server 2003 R2 SP2 install. I have experience with Group Policy, but little with Power Shell and scripts.
Thank you for your time in advance.
I am in need of help finding users accounts who's password is or will be expiring. Many of my users are remote (mobile devices) and do not log into a workstation on the domain and do not get a indication their password will be expiring. My domain controller is a Windows Server 2003 R2 SP2 install. I have experience with Group Policy, but little with Power Shell and scripts.
Thank you for your time in advance.
Last Comment
There are few links , which explains how to use powershell to accomplish this task
http://community.spiceworks.com/scripts/show/804-powershell-function-get-pwdage
http://social.technet.microsoft.com/Forums/windowsserver/en-US/a74b6d0f-64ce-4685-a00c-63217708581b/password-age-with-ad-directory-powershell
Thanks,
-Prashant Girennavar.
http://community.spiceworks.com/scripts/show/804-powershell-function-get-pwdage
http://social.technet.microsoft.com/Forums/windowsserver/en-US/a74b6d0f-64ce-4685-a00c-63217708581b/password-age-with-ad-directory-powershell
Thanks,
-Prashant Girennavar.
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
A same thread to your query
https://www.experts-exchange.com/questions/28210118/Password-Resetting-Whilst-Logged-In.html
Cheers..!!
https://www.experts-exchange.com/questions/28210118/Password-Resetting-Whilst-Logged-In.html
Cheers..!!
ASKER
Thanks for all the responses. I will get back to this thread with results ASAP.
Thanks again.
Thanks again.
ASKER
Ok, I decided on giving Quest ActiveRoles Management Shell as shot as has other commands I can use. I tried running the following but it returns no results.
Get-QADUser -AccountExpiresBefore "December 31, 2013"
Get-QADUser -AccountExpiresBefore "September 14, 2014"
The following command does return results:
Get-QADUser -CreatedAfter "January 1, 2009"
Thanks!
Get-QADUser -AccountExpiresBefore "December 31, 2013"
Get-QADUser -AccountExpiresBefore "September 14, 2014"
The following command does return results:
Get-QADUser -CreatedAfter "January 1, 2009"
Thanks!
ASKER
I think this nailed it:
Get-QADUser -Name * | select givenName,sn,name,Password
Thank you all for your help. Excellent range of answers and angles.
Get-QADUser -Name * | select givenName,sn,name,Password
Thank you all for your help. Excellent range of answers and angles.
Windows Server 2003
Windows Server 2003 was based on Windows XP and was released in four editions: Web, Standard, Enterprise and Datacenter. It also had derivative versions for clusters, storage and Microsoft’s Small Business Server. Important upgrades included integrating Internet Information Services (IIS), improvements to Active Directory (AD) and Group Policy (GP), and the migration to Automated System Recovery (ASR).
129K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
Basically, the script (as it is in that example) will find users within a 14 day expiration period and generate an email to them. You may not need to notify them via email, so that part is up to you. The 14 day trigger point will be your notification that an account is within that 14 day period (that is configurable).
Let us know if you need help adjusting any of the code!