Active Directory user without PasswordExpiry or long to Password Expiry : Expectus & exMon Support

Active Directory user without PasswordExpiry or long to Password Expiry Print

Modified on: Wed, 5 May, 2021 at 2:41 PM

# Searches for all users in AD that are enabled but the password never expires. Need to customize OU for each client

$refDate = (Get-Date).AddDays(180)





Get-ADUser -filter {Enabled -eq $True } –Properties "PasswordNeverExpires","passwordlastset", "DisplayName", "DistinguishedName", "msDS-UserPasswordExpiryTimeComputed" `

    | Where-Object { $_.Enabled -eq $true -and $_.DistinguishedName -like '*OU=Employees*' -and $_.DistinguishedName -notlike '*OU=Kerfisnotendur*' } `

    | Select-Object -Property "Displayname","DistinguishedName","PasswordNeverExpires","passwordlastset",@{Name="ExpiryDate";Expression={[datetime]::FromFileTime($_."msDS-UserPasswordExpiryTimeComputed")}} `

    | Where-Object { $_.PasswordNeverExpires -eq $true -or $_.ExpiryDate -gt $refDate }

Did you find it helpful? Yes No

Active Directory user without PasswordExpiry or long to Password Expiry Print

Related Articles