Function: Get AD User Password Expiry Date/Time

This is a PowerShell Function written to obtain a users password expiry date and time in a friendly format. It allows you to search using a username, first name or surname. This may be useful on a helpdesk to ascertain if the issue a user is experiencing is due to password expiry.

Function Get-UserPasswordExpiry
{
<# .SYNOPSIS Gets AD User password expiry date and time .DESCRIPTION Gets AD User password expiry date and time .PARAMETER Name Used to search for the password expiry by using a full or partial name .PARAMETER SAM Used to search for the password expiry based on SAM Account Name .EXAMPLE The following gets user password expiry by searching for a persons first name Get-UserPasswordExpiry -Name kyle Output: Kyle Williams - 15/03/2017 09:12:04 Kyle Taylor - 04/11/2017 11:34:45 Kyle Jackson - 23/06/2017 14:24:05 .EXAMPLE The following gets user password expiry by searching for a persons first name Get-UserPasswordExpiry -SAM BloggsJ Output: Kyle Taylor - 23/06/2017 14:24:04 .LINK https://www.roggy.uk .OUTPUTS #>	[CmdletBinding()]
	param ([Parameter(Position = 0, Mandatory = $false, ValueFromPipelineByPropertyName)]
		[string]$Name,
		[Parameter(Position = 1, Mandatory = $false, ValueFromPipelineByPropertyName)]
		[String]$SAM) BEGIN { Write-Verbose "Starting function" }
	PROCESS { Write-Verbose "Searching for users" If ($Name) { $UserExpiry = Get-ADUser -filter "cn -like '*$Name*'" –Properties "DisplayName", "msDS-UserPasswordExpiryTimeComputed" | Select-Object -Property "Displayname", @{ Name = "ExpiryDate"; Expression = { [datetime]::FromFileTime($_."msDS-UserPasswordExpiryTimeComputed") } } } ElseIf ($SAM) { $UserExpiry = Get-ADUser -identity $SAM –Properties "DisplayName", "msDS-UserPasswordExpiryTimeComputed" | Select-Object -Property "Displayname", @{ Name = "ExpiryDate"; Expression = { [datetime]::FromFileTime($_."msDS-UserPasswordExpiryTimeComputed") } } } Else { Write-Host -ForegroundColor Red "No search input provided" } If ($UserExpiry -ne $Null) { ForEach ($UserExpiry in $UserExpiry) { Write-Host $UserExpiry.displayname "-" $UserExpiry.expirydate } } Else { Write-Host -ForegroundColor Yellow "User not found" } }
	END { Write-Verbose "Ending function" }
}

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.