asked on
powershell problem with expired passwords
I have a problem with getting the correct password expire date form an active directory:
I need to notify users in timely fashion on expired passwords , so i found a script which worked for other customers:
https://gallery.technet.mi
with this customer i get a few valid values back but not the user which I'm expecting (one who has to change the password in 2 days from now)
with the command net user [username] /domain
i get the values for this user:
Password last set 7/24/2015 11:17:56 AM
Password expires 9/4/2015 11:17:56 AM
Password changeable 7/24/2015 11:17:56 AM
when i run a powershell script:
Get-ADUser -filter {Enabled -eq $True -and PasswordNeverExpires -eq $False} –Properties "DisplayName", "msDS-UserPasswordExpiryTi
i get the following output for the same user:
Displayname ExpiryDate
----------- ----------
[display name user] 1/1/1601 1:00:00 AM
so is'clear from the powershell command the paswword will not expire and the script wont sent the email to this user
I'm pretty sure i'm missing something. where comes the difference from in the net user command and the powershell script
and what can i do to solve this ?
I need to notify users in timely fashion on expired passwords , so i found a script which worked for other customers:
https://gallery.technet.mi
with this customer i get a few valid values back but not the user which I'm expecting (one who has to change the password in 2 days from now)
with the command net user [username] /domain
i get the values for this user:
Password last set 7/24/2015 11:17:56 AM
Password expires 9/4/2015 11:17:56 AM
Password changeable 7/24/2015 11:17:56 AM
when i run a powershell script:
Get-ADUser -filter {Enabled -eq $True -and PasswordNeverExpires -eq $False} –Properties "DisplayName", "msDS-UserPasswordExpiryTi
i get the following output for the same user:
Displayname ExpiryDate
----------- ----------
[display name user] 1/1/1601 1:00:00 AM
so is'clear from the powershell command the paswword will not expire and the script wont sent the email to this user
I'm pretty sure i'm missing something. where comes the difference from in the net user command and the powershell script
and what can i do to solve this ?
PowershellWindows Server 2008Active Directory
Last Comment
Mirjam Block
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
The manageengine solution looks promising;
the comment about the 1601 for expired passords gave me some insight in the way some things work.
my problem is not solved completely but i have some options
Many Thanks !
the comment about the 1601 for expired passords gave me some insight in the way some things work.
my problem is not solved completely but i have some options
Many Thanks !
in the net user command i get a different date than the 1/1/1601 value. do i look at the wrong field with my powershell command ?