Powershell: Password report

Hello,

I have the following code to get the password expiration report. I need assistance in modifying the code to get just the total counts of users password expiring on a specific date. For instance: 01/01/2016

Import-Module ActiveDirectory
Get-ADUser -filter {Enabled -eq $True -and PasswordNeverExpires -eq $False -and physicalDeliveryOfficeName -like "*" } `
–Properties "SamAccountName","mail","pwdLastSet","physicaldeliveryofficename","msDS-UserPasswordExpiryTimeComputed" |
Select-Object -Property "SamAccountName","mail","physicaldeliveryofficename",@{Name="Password Last Set";`
Expression={[datetime]::FromFileTime($_."pwdLastSet")}}, @{Name="Password Expiry Date";`
Expression={[datetime]::FromFileTime($_."msDS-UserPasswordExpiryTimeComputed")}} |
 Export-CSV "C:\PasswordExpirationReport.csv" -NoTypeInformation -Encoding UTF8
Parity123Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Jason CrawfordTransport NinjaCommented:
So you're going to specify the date when calling the function, and it should in turn return the number of days before the password expires based on the date you specify?
Parity123Author Commented:
I can specify the date with a variable in the code.
$mydate="01/01/2016"

and I want the total count of users password expiring on this date.
Jason CrawfordTransport NinjaCommented:
should that include all passwords that have already expired or just passwords expiring on that exact date?
OWASP: Threats Fundamentals

Learn the top ten threats that are present in modern web-application development and how to protect your business from them.

Parity123Author Commented:
just on that exact date.
Jason CrawfordTransport NinjaCommented:
This is what I have so far.  It's late and I'm beat so I'll pick it up again tomorrow.  Feel free to modify as needed, but honestly I feel like I'm off track on this one:

[datetime]$date = Read-Host 'Enter date'
$expiry = Get-ADUser -filter {Enabled -eq $True -and PasswordNeverExpires -eq $False} –Properties 'DisplayName', 'msDS-UserPasswordExpiryTimeComputed' | Select-Object -Property 'DisplayName',@{n='ExpirationDate';e={[datetime]::FromFileTime($_.'msDS-UserPasswordExpiryTimeComputed')}}

foreach ($i in $expiry) {
    if ($i.ExpirationDate -eq $date) {
        Write-Host $i
    }
}

Open in new window

Parity123Author Commented:
Thanks Jason. I tried.

For instance: The value for $i.ExpirationDate is 1/5/2016 9:50:54 AM.

I set the variable $mydate="1/5/2016" just to try

and I changed the code to if ($i.ExpirationDate -contains $mydate) and it does not return anything.
Jason CrawfordTransport NinjaCommented:
Yea I tried to be as upfront as I could that it was an untested script.  I just wanted to put something out there we can use to build on.  I have three Exchange migrations I'm working on at the moment and I just couldn't look at my computer any longer last night.  I'll edit the script and have an updated version to you by the end of the day.
Jason CrawfordTransport NinjaCommented:
Actually that looks pretty good minus a formatting change in the output.  If you modify the operator in the if statement to -ne it returns results.  Try using a known password expiration date

Import-Module activedirectory
[datetime]$date = Read-Host 'Enter date'
$expiry = Get-ADUser -filter {Enabled -eq $True -and PasswordNeverExpires -eq $False} –Properties 'DisplayName', 'msDS-UserPasswordExpiryTimeComputed' | Select-Object -Property 'DisplayName',@{n='ExpirationDate';e={[datetime]::FromFileTime($_.'msDS-UserPasswordExpiryTimeComputed')}}

foreach ($i in $expiry) {
    if ($i.ExpirationDate -eq $date) {
        Write-Host 'The password for' $i.DisplayName 'will expire on' $i.ExpirationDate
    }
}

Open in new window

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Parity123Author Commented:
I tried and does not return any values. some if the values are

12/22/2015 10:35:14 AM
1/9/2016 4:30:10 PM
12/26/2015 8:46:00 AM
2/7/2016 1:31:40 PM
2/5/2016 10:11:07 AM
12/26/2015 12:08:11 AM

I think the issue is comparison. I even hardcoded the date to $mydate="2/5/2016", and used -contains $mydate and does not return values.
Jason CrawfordTransport NinjaCommented:
That's odd we're seeing different results.  I'll keep working on it today.  What PowerShell version are you using?  Just run this command to check:

$PSVersionTable.PSVersion
Parity123Author Commented:
V4.0
Parity123Author Commented:
Can someone please assist. Thanks.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Powershell

From novice to tech pro — start learning today.