AD Account Creation and Password Last Change Dates for Individual User
# Variable for User ID
$userID = "myUserID"
#Create AD Searcher
$ADsPath = [ADSI]"LDAP://DC=MYDOMAIN,DC=EDU"
$Search = New-Object DirectoryServices.DirectorySearcher($ADsPath)
$Search.filter = "(&(objectClass=user)(sAMAccountName=" + $userID.ToString() + "))"
$Search.SearchScope = "SubTree"
$result = $Search.FindOne()
#Get AD User Account
$objUser = $result.GetDirectoryEntry()
#Check to See If Password Last Set has been Actually Set and Not Default Windows Time
if(($result.Properties["pwdlastset"][0].ToString() -ne "9223372036854775807") -and ($result.Properties["pwdlastset"][0].ToString() -ne "0"))
{
$pwdSetDate = [System.DateTime]::FromFileTime($result.Properties["pwdlastset"][0])
}
else
{
$pwdSetDate = "Not Set"
}
#Write Out User Info
Write-Host "Account Created: " $objUser.whenCreated.ToString()
Write-Host "Last Password Change: " $pwdSetDate
No comments:
Post a Comment