How can I change this script to get all domain users password info. Here is the script I used but he only ask for a SamAccount for one user.
< # .SYNOPSIS Determine last time user set their password .DESCRIPTION Shows password max age, if expired, and last date pw was changed. .NOTES Author: George Jones .LINK .PARAMETER SAMAccountName SAMAccountName for the user in question. .EXAMPLE .\pw-last-set.ps1 -SAMAccountName some.user #>
$root = [ADSI]"
$User = [ADSI]$user.path
# get domain password policy (max pw age)
# get Int64 (100-nanosecond intervals).
# get days
# check if password can expire or not
# when was pw last set?
# convert to int64
# convert to ad date
# is the password expired?
"Password Expired? $blnExpired"
You'd need to get rid of the Param block (or at least make the $SamAccountName parameter optional, defaulting to '*'), potentially modify $searcher.Filter (if you're not going to filter on samAccountName at all), and modify the rest of the code to loop over the collection returned by $searcher.FindAll(), instead of only outputting information for a single record at index 0.
I would also recommend constructing objects (which can then be formatted by Format-Table or Format-List), instead of outputting a bunch of strings (such as "Password Expired? $blnExpired" ). You'd need to include a property in each object indicating which user account the information refers to.
I am new to poweshell scripting like this. Could you give more details on how this script should look? Thanks
You must be logged in to reply to this topic.