Powershell find user password expiration date
edited 2023-02-09
This started as a direct duplicate of https://powershell-guru.com/powershell-tip-38-find-the-user-password-expiration-date/ but I improved it.
For a nice powershell function that shows a human-readable date for when the password expires on an account:
function Get-ADUserPasswordExpiration { Param ( [string]$Identity ,[Parameter (Mandatory=$False)][string]$Server = "ipa.example.com" ,[Parameter (Mandatory=$False)][System.Management.Automation.PSCredential]$Credential = [System.Management.Automation.PSCredential]::Empty ) $Params = @{ Identity = $Identity Server = $Server Properties = 'msDS-UserPasswordExpiryTimeComputed' } If ($Credential.UserName){$Params["Credential"]=$Credential} [DateTime]::FromFileTime($((Get-ADUser @Params).'msDS-UserPasswordExpiryTimeComputed')) }
My value-add includes the optioanl -Server and -Credential parameters.
Also from that source
To list all the Active Directory constructed attributes:
Get-ADObject -SearchBase (Get-ADRootDSE).SchemaNamingContext -LDAPFilter "(&(systemFlags:1.2.840.113556.1.4.803:=4)(ObjectClass=attributeSchema))"
Comments