Search for Account date expired and accounts hat will expires in 100 days

This topic contains 3 replies, has 3 voices, and was last updated by  Bruno Prata Gomes 1 week, 6 days ago.

  • Author
    Posts
  • #85240

    Bruno Prata Gomes
    Participant

    Please help me out.. I would like to get Accounts alredy expired and accounts that will expires in 100 days. It is getting the the table below, but no information. if I remove "-and (Search-ADAccount -AccountExpired -UsersOnly | Where-Object {$_.Enabled})" will show me account will exprire in 100, but does not show accounts already expired.

    SamAccountName Mail Department Company Title Enabled Created AccountExpirationDate Description CanonicalName
    ————– —- ———- ——- —– ——- ——- ——————— ———– ————-

    _________________________________________________________________________________
    cls
    Import-Module ActiveDirectory
    $OU="OU=OtherUsers,OU=adm,DC=adm,DC=com"
    $report = $null
    $table = $null
    $date = Get-Date -uformat "%d/%B/%Y" # Date format
    $startDate = Get-Date
    $endDate = $startDate.AddDays(100)
    $total = (Get-ADUser -filter {AccountExpirationDate -gt $startDate -and AccountExpirationDate -lt $endDate} -SearchBase $OU).count # Total accounts on OU
    $domain = (Get-ADDomain).Forest # Domain name

    #–USER LIST————————————————#

    $prop = @('SamAccountName','Mail','Department','Company','Title','Enabled','Created','AccountExpirationDate','Description','CanonicalName','Manager')

    $users = @(Get-ADUser -filter {AccountExpirationDate -gt $startDate -and AccountExpirationDate -lt $endDate} -SearchBase $OU -Properties $prop)-and (Search-ADAccount -AccountExpired -UsersOnly | Where-Object {$_.Enabled})

    $result = @($users | Select-Object SamAccountName, Mail, Department, Company, Title, Enabled, Created, AccountExpirationDate, Description, CanonicalName, @{Name='Manager';Expression={(Get-ADUser $_.Manager).sAMAccountName}})

    # Sort by user account A-Z
    $result = $result | Sort "SamAccountName"

    # This line will not show script running.
    $result | ft -auto

  • #85244

    Jon
    Participant

    When I run the command in my environment and evaluate what's in users I get "True". I think this has something to do with the -and between getting the accounts that are going to expire and the expired accounts.

    Try this instead:

    $users = Get-ADUser -filter {AccountExpirationDate -gt $startDate -and AccountExpirationDate -lt $endDate -or AccountExpirationDate -lt $startdate} -SearchBase $OU
  • #85291

    postanote
    Participant

    -and means if both are true return X.
    What I think you want is if either is true the return X.
    So, consider changing -and to -or

You must be logged in to reply to this topic.