Author Posts

July 11, 2017 at 8:48 pm

Hello there
I'm trying to get users who have badpasswordtime updated within past 10 days.
I have the following:

$date = ((Get-Date).AddDays(-10)).ToString('g')
Get-ADUser -Filter "(badpasswordtime -gt '$date')" -SearchBase "OU=Corporate,OU=SomeUserOU,DC=domain,DC=local" -Property badpasswordtime -server someGC

For some strange reason it doesn't work... now, if I replace badpasswordtime with pwdlastset it works fine, any ideas?
Thank you

July 11, 2017 at 9:23 pm

Are you sure it worked for pwdLastSet rather than PasswordLastSet?

pwdLastSet and badPasswordTime are stored as Int64 objects. PasswordLastSet and LastBadPasswordAttempt are stored as DateTime objects.

For your comparison, where $date represents a DateTime object, you should do your comparison against LastBadPasswordAttempt.

Alternatively, if you have to compare against badPasswordTime, use the ToFileTime() method to convert your date to the correct format:

$date = ((Get-Date).AddDays(-10)).ToFileTime()

July 12, 2017 at 11:18 am

ugh, got those two attributes confused, it worked with passwordlastset, but not with pwdlastset. Converting it to Int64 worked, thank you very much!