Just a follow up on my previous post, here’s the script to do just that in PowerShell. It extracts the name and the last time the password was changed and displays it in the host.
$strFilter = "(&(objectCategory=User))" $Dom = 'LDAP://DC=yourDomain;DC=LOCAL' $objDomain = New-Object System.DirectoryServices.DirectoryEntry $Dom $objSearcher = New-Object System.DirectoryServices.DirectorySearcher $objSearcher.SearchRoot = $objDomain $objSearcher.PageSize = 1000 $objSearcher.Filter = $strFilter $objSearcher.SearchScope = "Subtree" $colProplist = "name", "pwdlastset" foreach ($i in $colPropList) {$objSearcher.PropertiesToLoad.Add($i)} $colResults = $objSearcher.FindAll() foreach ($objResult in $colResults) { $objItem = $objResult.Properties $objItem.name [datetime]::FromFileTimeUTC($objItem.pwdlastset[0]) }
Please note: I reserve the right to delete comments that are offensive or off-topic.