top of page

Do you have a client which insists on a service account having an expiring password, but not monitor



AD password expiry

A useful poweshell script to return a set of windows users (service accounts) and when they expiry and their passwords, returned in a csv file.

There are 3 parts to this:

  1. An input file

  2. A powershell script

  3. An output file

Input file

You will need a list of users (windows account, don't need the domain) in a txt file, return separated.

e.g.

svcfred

sachacohn

johnsmith

Powershell script

  1. Location of source file

  2. Location of output file

get-content "D:\Working Documents\ADAccountsStatus\ADAccounts.txt" | Get-ADUser -Properties "Name","AccountExpirationDate","msDS-UserPasswordExpiryTimeComputed" |

Select-Object "Name","AccountExpirationDate",@{n='PasswordExpiry';e={[DateTime]::FromFileTime($_."msDS-UserPasswordExpiryTimeComputed")}} | export-csv "D:\Working Documents\ADAccountsStatus\ADAccountsStatus.csv"

note - formats the password from a FileTimeUTC number into a readable date.

Output file

You will get a csv file with the account name, Account expiry and Password expiry.

Featured Posts
Recent Posts
Archive
Search By Tags
No tags yet.
Follow Us
  • Facebook Basic Square
  • Twitter Basic Square
  • Google+ Basic Square
bottom of page