How to get the maxpassword Age from Active Directory with powerShell

      Comments Off on How to get the maxpassword Age from Active Directory with powerShell

powershell_liteAgo some post i write about how to can alert via email the Sysadmin adn user about the password expiration.

Now i what to share a little script about how to get the max Password Age from Active Directory.

Of course, you can use ADSI edit and get this information, but maybe you have a some special configs. Latter i write some post about the “personalization” of the AD Schema

Lets see the code:

[code lang=”bash”]
cls
########################################################################
# Created by Levente Veres (bergermanus)
# Contact: http://my.bergersoft.net
# Description: Get the Max password age
########################################################################

########################################################################
# Function to send email to each user
########################################################################
function getMaxPwdAge() {

$strFilter = “(&(objectcategory=domainDNS)(distinguishedName=DC=codespring,DC=local))”
$objDomain = New-Object System.DirectoryServices.DirectoryEntry
$objSearcher = New-Object System.DirectoryServices.DirectorySearcher
$objSearcher.SearchRoot = $objDomain
$objSearcher.Filter = $strFilter
$colResults = $objSearcher.FindOne();
[int64]$datepwd = ($colResults.Properties[‘maxpwdage’][0]).ToString().Trim(“-“)

return [datetime]::FromFileTime($datepwd).DayOfYear-1

}

getMaxPwdAge

[/code]