Active Directory: Find user accounts that about to expire

Prerequisites List

• Domain Admin Access to be able to Query all users accounts in Active Directory.

This script lists all users in Active Directory and shows when their passwords are going to expire. It creates an HTML file on output but this can be change to CSV if needed.

$a = "<style>" $a = $a + "BODY{background-color:00557F;}" $a = $a + "TABLE{border-width: 1px;border-style: solid;border-color: 006699;border-collapse: collapse;}" $a = $a + "TH{border-width: 1px;padding: 0px;border-style: solid;border-color: black;background-color:thistle}" $a = $a + "TD{border-width: 1px;padding: 0px;border-style: solid;border-color: black;background-color:white}" $a = $a + "</style>" $UserObject = @() $UserList = Get-ADUser -filter {Enabled -eq $True -and PasswordNeverExpires -eq  $False} -Properties "DisplayName", "msDS-UserPasswordExpiryTimeComputed" |  Where-Object {$_.DisplayName -ne $null} $UserList | %{     $output = "" | Select DisplayName, ExpiryDate     $output.DisplayName = $_.DisplayName     $output.ExpiryDate = ([datetime]::FromFileTime($_."msDS-UserPasswordExpiryTimeComputed")).DateTime     $UserObject += $output     $output | fl *     ([datetime]::FromFileTime($_."msDS-UserPasswordExpiryTimeComputed")).DateTime  } $UserObject | Sort ExpiryDate | ConvertTo-Html -Head $a | Out-File C:\UserPWDExpiry.htm