How can I query users with an expired password in Active Directory?
问题 I need to query Active Directory for a list of users whose password is about to expire. The obvious (and easy) way to do this is with: dsquery user -stalepwd n The problem is that I need to add additional filters to only look for users who are in certain security groups. This is hard to do with the "dsquery user" syntax that has the built-in -stalepwd option, so I've been using the "dsquery * -filter" option which allows you to use LDAP query syntax. Unfortunately, while its relatively easy