How to view the password expiration date of Active Directory users with PowerShell scripts?
Read on to know how to view the password expiration date of Active Directory (AD) with PowerShell scripts and how you can get it done easily with ADManager Plus.
Windows PowerShell
- Identify the domain and the user account for which the password expiration date is to be obtained.
- Create and compile the script for obtaining the password expiartion date for the AD user. Execute the script in PowerShell.
- Sample script for obtaining the password expiration date of AD user:
Copied
Get-ADUser testuser001 -Properties msDS-UserPasswordExpiryTimeComputed| select name,{[datetime]::FromFileTime($_."msDS-UserPasswordExpiryTimeComputed")}
Click to copy entire script
ADManager Plus
- Navigate to Reports > User Reports >All User.
- Select the Domain for which you wish to view the last logon time for. In the Add/Remove Columns, include Password expires in column. Then click Generate.
- You can even export the reports as CSV, PDF, XLSX or HTML.
Screenshot
» Start 30-day Free Trial
Although generating the password expiration date with native tools like PowerShell looks simple, it comes with a few limitations:
- PowerShell script can be run only from the computers which have the Active Directory Domain Services role installed in them.
- The script has to be rewritten if password expiration date has to be generated for a different user.
- Need for a new script, in case the report needs to be exported.
- The syntax, parameters and iterations need to be correct. A typo or incorrect syntax might be difficult to spot and rectify, especially when the script is a long one.
ADManager Plus lets you perform the same with a few clicks from its web based GUI console. It also has options for scheduling and automatically emailing the reports. Learn more about it here.