Author Posts

December 10, 2017 at 1:30 pm

Hi All,

I have created quick script for password last set

$users=Get-ADUser -filter * -Properties name, passwordlastset | Select-Object name, passwordlastset

$users | export-csv "c:\passwordlastset.csv"

$PWLS = $users.passwordlastset

$date = Get-Date

foreach ($user in $users)
{
    if($pwls -lt $date.AddDays(-1))
    {write-output "'$($user.name)'this needs changing"
    }}

although how would I export the results of the foreach loop /if statement to a csv? my idea is that once I export the results, I will then import that csv underneath the above code, and start my next bit of the script working off that csv of the affected users.

thanks!

December 10, 2017 at 2:28 pm

You could de something like this:

$Today = Get-Date
Get-ADUser -Filter * -Properties name, passwordlastset -OutVariable ADUserList | 
    Select-Object -Property Name,
                            passwordlastset,
                            @{Name = 'Change needed';Expression = {If($_.passwordlastset -lt $Today.AddDays(-1)){$true}Else{$false}}} -OutVariable PWChangeList

(untested)
This way you have your "results" in the two variables ADUserList and PWChangeList and you could export it or do more things as needed. Maybe like this:

$ADUserList | Export-Csv -Path ADUserList.csv -Delimiter ',' -NoTypeInformation
$PWChangeList | Export-Csv -Path PWChangeList.csv -Delimiter ',' -NoTypeInformation

December 10, 2017 at 9:39 pm

But..But..

You are going after this data repeatedly / dynamically from ADDS.

Why take the extra steps of serializing dynamic data to the drive, just to read it back in?

IMHO, that is a lot of unnecessary steps and you can simplify this down to a PSCustomObject for easier use / manipulation.
Again, PoSH is all about discovery, flexibility and choice. Not all of us will agree on the same things.

Anyways, this would be my approach at this use case. Always dynamic, no serialization to disk required, no extra variables.
Using object properties and as a function for, well, you know.

Function Get-PasswordLastSet
{
[CmdletBinding()]
[alias('pwls')]

Param()

Clear-Host
Get-ADUser -filter * -Properties PasswordLastSet |
ForEach-Object {
[PSCustomObject]@{
Name = $_.Name
PassWordLasSet = $_.PasswordLastSet
ChangeNeeded = ($_.PasswordLastSet -lt (Get-Date(Date)).AddDays(-1))
}
}
}

Get-PasswordLastSet |
Select -First 2 |
Format-Table -AutoSize

# Results
Name PassWordLasSet ChangeNeeded
—- ————– ————
Administrator 3/31/2017 2:34:34 PM True
Guest True

But if you really wanted to serialize to disk you could of course.

# Full PWLS Report
Get-PasswordLastSet | Export-Csv -Path "$env:USERPROFILE\Documents\UserPwlsReport.csv" -NoTypeInformation

# Or just the User Name list
Get-PasswordLastSet | Select Name | Export-Csv -Path "$env:USERPROFILE\Documents\UserPwlsReport.csv" -NoTypeInformation

psEdit -filenames "$env:USERPROFILE\Documents\UserPwlsReport.csv"

December 10, 2017 at 9:51 pm

by looking at your original post. it seems to look like your trying to create a script or function. you can also try something like this

$users = Get-ADUser -filter * -Properties name, passwordlastset | Select-Object name, passwordlastset

$users | export-csv "c:\Scripts\ passwordlastset.csv"

$PWLS = $users.passwordlastset

$date = Get-Date

foreach ($user in $users)
{
    if($pwls -lt $date.AddDays(-1)){
        $PWCUsers = [pscustomobject]@{
                                "User" = $user.name
                                "PasswordLastSet" = $user.passwordlastset
                                }
         $PWCUsers
         $PWCUsers | Export-Csv -NoTypeInformation C:\scripts\temp.csv -Force -Append
    }#IF

}#Foreach

December 11, 2017 at 9:34 pm

Thanks shihan, this is helpful!