Powershell – lister la date d’expiration des mots de passe ainsi que la Policy appliquée

Bonjour,

Ci-après un script qui permet de lister, pour les utilisateurs d’un groupe, la date à laquelle le mot de passe a été changé pour la dernière fois, la date d’expiration du mot de passe, ainsi que la politique ( password policy) appliquée. Le script génère une page HTML présentant le résultat.

# Mention the targeted AD group containing the users to generate the report for
$group = "Standard User Password Policy"

# Get the AD accounts info of each members of the above-mentioned group
$users = Get-ADGroupMember -Identity $group

# Count the members of the group
$count = $users.count

# Log the current date/time
$rightNow = Get-Date -Format "dd-MM-yyyy_hh'h'mm"

# The path to the output HTML file
$htmlOutputfile = "C:\Expiry-$rightNow.html"

# Create an empty array that will be used to contain our result
$array = @()

foreach ($user in $users)
{
    $Object = New-Object PSObject # Create a custom object that will be used to format our output
    # Get the info from the AD user
    $GetADUser = Get-ADUser $user –Properties "DisplayName", "msDS-UserPasswordExpiryTimeComputed", "PasswordLastSet" | Select-Object -Property "Displayname", "PasswordLastSet", @{Name="ExpiryDate";Expression={[datetime]::FromFileTime($_."msDS-UserPasswordExpiryTimeComputed")}}
    $GetADRPP = Get-ADUserResultantPasswordPolicy -Identity $user # Get the resultant Password Policy for the user
    $Object | Add-Member -MemberType NoteProperty -Name "Name" -Value $GetADUser.DisplayName # Feed with the user name
    $Object | Add-Member -MemberType NoteProperty -Name "Password Last Set" -Value $GetADUser.PasswordLastSet # Feed with the password last set date
    $Object | Add-Member -MemberType NoteProperty -Name "Applied Password Policy" -Value $GetADRPP.Name # Feed with the password policy name
    $Object | Add-Member -MemberType NoteProperty -Name "Password Expiration Date" -Value $GetADUser.ExpiryDate # Feed with the password expiry date
    $array += $Object # Append the object in the array
}

# Display the array's content to consol
$array

# Format the array's content in HTML, save the file, and then display it
$array | Sort-Object -Property "Password Expiration Date" | ConvertTo-Html -Head "<style>table {border-collapse: collapse;padding:5px;}table, th, td {border: 1px solid black;}th{white-space: nowrap;background-color:lightgrey;}</style>" -PreContent "<h2>Password policy summary for $count users members of the $group AD group</h2>" | Out-File $htmlOutputfile
Invoke-Item $htmlOutputfile

Voici un aperçu du résultat :

Hope this helps !

🙂

Laisser un commentaire