Untitled

mail@pastecode.io avatar
unknown
plain_text
a month ago
796 B
3
Indexable
Never
# Set the target date (current date)
$targetDate = Get-Date

# Calculate the expiration date (15 days from the current date)
$expirationDate = $targetDate.AddDays(15)

# Convert the expiration date to the FILETIME format used by Active Directory (64-bit integer)
$expirationDateFileTime = $expirationDate.ToFileTime()

# Construct the LDAP query
$ldapFilter = "(&(objectCategory=person)(objectClass=user)(pwdLastSet<=${expirationDateFileTime})(pwdLastSet>=1))"

# Execute the query using Get-ADUser
$users = Get-ADUser -Filter $ldapFilter -Properties pwdLastSet, "msDS-UserPasswordExpiryTimeComputed"

# Display the results
$users | Select-Object Name, SamAccountName, @{Name="PasswordExpiration"; Expression={[datetime]::FromFileTime($_."msDS-UserPasswordExpiryTimeComputed")}}
Leave a Comment