问题
Could someone help me with the following: I need a PowerShell script that searches a specific Organization Unit with a lot of users and sets: Password must change @ next logon if the password expires within 1 day.
I already have the following script:
$maxPwdAge=(Get-ADDefaultDomainPasswordPolicy).MaxPasswordAge.Days
$1day=(get-date).AddDays(1-$maxPwdAge).ToShortDateString()
Get-ADUser -filter {Enabled -eq $True -and PasswordNeverExpires -eq $False -and PasswordLastSet -gt 0} –Properties * | where {($_.PasswordLastSet).ToShortDateString() -eq $1day} | select *
回答1:
You should instead compare DateTime objects directly, you plain don't need ToShortDateString() conversion to compare dates in Powershell. Also last select * is superfluous and only spoils the return type of an object.
$1day=(get-date).AddDays(1-$maxPwdAge)
Get-ADUser -filter {Enabled -eq $True -and PasswordNeverExpires -eq $False -and PasswordLastSet -gt 0} –Properties * |
where {$_.PasswordLastSet -ge $1day}
Should do.
来源:https://stackoverflow.com/questions/31852500/powershell-password-must-change-next-logon-when-password-expires-in-1-day