29 lines
1.1 KiB
PowerShell
29 lines
1.1 KiB
PowerShell
#This script will read a CSV file with users in samaccountname format in a column named username and query AD for the last password set time based on the day count on line 11.
|
|
|
|
# Define the path to the CSV file
|
|
$csvPath = "C:\temp\password-last-set.csv" # create a CSV file in a specific path with a column named username
|
|
|
|
# Import the CSV file
|
|
$users = Import-Csv -Path $csvPath
|
|
|
|
# Set the threshold in days
|
|
$thresholdDays = 0
|
|
|
|
# Calculate the threshold date
|
|
$thresholdDate = (Get-Date).AddDays(-$thresholdDays)
|
|
|
|
# Iterate through each user in the CSV
|
|
foreach ($user in $users) {
|
|
# Get the SamAccountName from the CSV
|
|
$samAccountName = $user.username
|
|
|
|
# Get the user object from Active Directory
|
|
$adUser = Get-ADUser -Filter { SamAccountName -eq $samAccountName } -Properties LastLogon
|
|
|
|
# Check if the PasswordLastSet property exists and compare it with the threshold date
|
|
if ($null -eq $adUser.LastLogon) {
|
|
Write-Output "$samAccountName Password still unset"
|
|
} elseif ($adUser.LastLogon -lt $thresholdDate) {
|
|
Write-Output "$samAccountName Password was last set on $($adUser.PasswordLastSet)"
|
|
}
|
|
} |