<div>
There's <b>Get-ADFineGrainedPasswordP<wbr />olicy -Filter *</b>, which will return all FGPP in the domain; the property AppliesTo will contain a list of DistinguishedNames of objects to which the FGPP will apply.<br />
For details about the AppliesTo, you can use <b>Get-ADFineGrainedPasswordP<wbr />olicySubje<wbr />ct</b>.<br />
So what do you understand under &quot;friendly user report&quot;? Do you just want the FGPP name and associated objects, or details about the respective FGPP as well? Do you want the objects as a list in a single cell, or a separate row for each object to which a FGPP applies?<br />
In other words: which properties of the results you get from the commands above do you need in the report?
</div>


IT Professional

Albert Widjaja

<div>
Just really the SamAccountName and CN for users subject to each FGPP. I will take a look at the standard output of the command you provided.
</div>


Pau Lo

<div>
that works perfectly, and yes the the policies were assigned to groups not directly to user accounts.
</div>


<div>
<div class="content wysiwyg-content fr-view">
is there any clever way within PowerShell to report for each fine grained password policy set in a domain, which user accounts are subject to it? Or if not within PowerShell, an alternative method to get a friendly user report of policy to users.
</div>
</div>



is there any clever way within PowerShell to report for each fine grained password policy set in a domain, which user accounts are subject to it? Or if not within PowerShell, an alternative method to get a friendly user report of policy to users.

fine grained password policy to users merge

Windows PowerShell is a task automation and configuration management framework from Microsoft, consisting of a command-line shell and associated scripting language built on the .NET Framework. PowerShell provides full access to the Component Object Model (COM) and Windows Management Instrumentation (WMI), enabling administrators to perform administrative tasks on both local and remote Windows systems as well as WS-Management and Common Information Model (CIM) enabling management of remote Linux systems and network devices.

Powershell

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.