2021. január 12., kedd

How to find domain users who have never changed their passwords

 Hey, I have not posted here since 2 years! But I'm still kickin hard, and alive. Just to save this blog from being forgotten, placing is a new entry. And... see you in 2 years again. ;)

 How to find users who have never ever freaking changed their passwords? (Those lazy bastards, in spec cases when forced pw change cannot be enabled on them.)

Get-ADUser -Filter * -Properties PasswordLastSet,WhenCreated,lastlogondate | Where-Object {$_.Enabled -eq $true -and $_.Lastlogondate -ne $null -and ( $_.PasswordLastSet.datetime -eq ($_.WhenCreated.datetime) ) }