Skip to content

Instantly share code, notes, and snippets.

@vexx32
Created April 12, 2019 16:20
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save vexx32/2a749fe1b01100c076f306af9c5afade to your computer and use it in GitHub Desktop.
Save vexx32/2a749fe1b01100c076f306af9c5afade to your computer and use it in GitHub Desktop.
[CmdletBinding()]
param(
[Parameter()]
$Fichier = "C:\temp\Log.csv"
)
$start = [datetime]::Now
$date = Get-Date
$textEncoding = [System.Text.Encoding]::UTF8
$today = $start
$exclude = "HealthMailbox*","SystemMailbox*","AdmDyn*"
$defaultMaxPasswordAge = (Get-ADDefaultDomainPasswordPolicy -ErrorAction Stop).MaxPasswordAge.Days
$ADParams = @{
Filter = @(
'(Name -notlike "Migration*")'
'(Name -notlike "DiscoverySearchMailbox*")'
'(Name -notlike "On Premise*")'
'(Name -notlike "MSOL*")'
'(Name -notlike "Federated*")'
'(Name -notlike "Exchange*")'
'(Name -notlike "HealthMailBox*")'
'(Name -notlike "SystemMailbox*")'
'(Name -notlike "AdmDyn*")'
) -join ' -and '
Properties = 'Name', 'PasswordExpired', 'PasswordLastSet'
}
$UserList = Get-ADUser @ADParams
Write-Output "La durée de vie d'un mot de passe sur le domaine est de $defaultMaxPasswordAge jours"
#Appliquer à chaque utilisateur:
$results = foreach ($user in $UserList) {
$Name = $user.Name
$PasswordLastSet = $user.PasswordLastSet
$SamAccountName = $user.SamAccountName
$MaxPasswordAge = $defaultMaxPasswordAge
$PasswordPol = Get-AduserResultantPasswordPolicy $user
if ($PasswordPol) {
$maxPasswordAge = $PasswordPol.MaxPasswordAge.Days
}
$ExpiresOn = $PasswordLastSet.AddDays($MaxPasswordAge)
$daysToExpire = New-TimeSpan -Start $today -End $ExpiresOn
$daysToExpire = [math]::Round($daysToExpire.TotalDays)
[PSCustomObject]@{
Date = Get-Date
Nom = $user.Name
DernièreModifMotDePasse = "$PasswordLastSet"
JourExpiration = $ExpiresOn
NbDeJoursAvantExpiration = "$daysToExpire jour(s)"
}
}
$results | Export-Csv -Path $Fichier -Append -NoTypeInformation
Write-Output "Log créé."
Get-ChildItem -Path "C:\temp\" -Recurse |
Where-Object CreationTime -lt (Get-Date).AddDays(-365) |
Remove-Item -Recurse
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment