Solved

Get-ADUserResultantPasswordPolicy - Seems to run but returns no results and no errors

Posted on 2016-08-30
4
159 Views
Last Modified: 2016-09-18
Im running whilst logged in as a domain admin. Any ideas?

Windows Server 2012
Active Directory
0
Comment
Question by:Dallas Smetter
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 5

Expert Comment

by:TechieMD
ID: 41776655
Is your domain functional level less than DS_BEHAVIOR_WIN2008? This may be the case. Other reasons for no return values can be found here.
0
 

Author Comment

by:Dallas Smetter
ID: 41776657
Both forest and domain are at 2008 R2
0
 
LVL 41

Accepted Solution

by:
Adam Brown earned 500 total points (awarded by participants)
ID: 41777082
Get-ADUserResultantPasswordPolicy  will return nothing if there is no Password Settings Object that applies to the user you run the cmdlet against. It will basically just query the msds-ResultantPSO attribute for any user you pass to the cmdlet and read the password settings for the referenced PSO. If no PSO is assigned to the user, this attribute doesn't exist for the user and can't be read, so the cmdlet returns nothing.
0
 
LVL 41

Expert Comment

by:Adam Brown
ID: 41803582
No response from user, but this is the most likely cause of the problem
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question