![](/img/trans.png)
[英]Powershell script to find the user password expiry date and renew it for customize date
[英]Need powershell cmd to export Local user password expiry date
我從Microsoft博客獲得了以下powershell腳本。 它完全可以滿足我的環境需求,但是它顯示密碼的有效期為true或false。 我需要提取所有本地用戶的確切密碼到期日期。 請有人幫助以下腳本獲取本地用戶帳戶的到期日期以及其他信息。
Param
(
[Parameter(Position=0,Mandatory=$false)]
[ValidateNotNullorEmpty()]
[Alias('cn')][String[]]$ComputerName=$Env:COMPUTERNAME,
[Parameter(Position=1,Mandatory=$false)]
[Alias('un')][String[]]$AccountName,
[Parameter(Position=2,Mandatory=$false)]
[Alias('cred')][System.Management.Automation.PsCredential]$Credential
)
$Obj = @()
$now = Get-Date
Foreach($Computer in $ComputerName)
{
If($Credential)
{
$AllLocalAccounts = Get-WmiObject -Class Win32_UserAccount -Namespace "root\cimv2" `
-Filter "LocalAccount='$True'" -ComputerName $Computer -Credential $Credential -ErrorAction Stop
}
else
{
$AllLocalAccounts = Get-WmiObject -Class Win32_UserAccount -Namespace "root\cimv2" `
-Filter "LocalAccount='$True'" -ComputerName $Computer -ErrorAction Stop
}
Foreach($LocalAccount in $AllLocalAccounts)
{
$rawPWAge = ([adsi]"WinNT://$computer/$($LocalAccount.Name),user").PasswordAge.Value
$Object = New-Object -TypeName PSObject
$Object|Add-Member -MemberType NoteProperty -Name "Name" -Value $LocalAccount.Name
$Object|Add-Member -MemberType NoteProperty -Name "Full Name" -Value $LocalAccount.FullName
$Object|Add-Member -MemberType NoteProperty -Name "Disabled" -Value $LocalAccount.Disabled
$Object|Add-Member -MemberType NoteProperty -Name "Status" -Value $LocalAccount.Status
$Object|Add-Member -MemberType NoteProperty -Name "LockOut" -Value $LocalAccount.LockOut
$Object|Add-Member -MemberType NoteProperty -Name "Password Expires" -Value $LocalAccount.PasswordExpires
$Object|Add-Member -MemberType NoteProperty -Name "Password Required" -Value $LocalAccount.PasswordRequired
$Object|Add-Member -MemberType NoteProperty -Name "Account Type" -Value $LocalAccount.AccountType
$Object|Add-Member -MemberType NoteProperty -Name "Domain" -Value $LocalAccount.Domain
$Object|Add-Member -MemberType NoteProperty -Name "Password Last Set" -Value ($now).AddSeconds(-$rawPWAge)
$Object|Add-Member -MemberType NoteProperty -Name "Password Age" -Value ($now-($now.AddSeconds(-$rawPWAge))).Days
$Object|Add-Member -MemberType NoteProperty -Name "Description" -Value $LocalAccount.Description
$Obj+=$Object
}
If($AccountName)
{
Foreach($Account in $AccountName)
{
$Obj|Where-Object{$_.Name -like "$Account"}
}
}
else
{
$Obj
}
}
要獲取密碼的到期日期,您需要從MaxPasswordAge
減去PasswordAge
並將結果秒數添加到$now
:
$user = [adsi]"WinNT://$computer/$($LocalAccount.Name),user"
$rawPWAge = $user.PasswordAge.Value
$maxPWAge = $user.MaxPasswordAge.Value
...
$Object | Add-Member -MemberType NoteProperty -Name 'Password Expiry Date' `
-Value $now.AddSeconds($maxPWAge - $rawPWAge)
附帶說明,永遠不要在循環中使用$Obj+=$Object
。 將對象添加到數組會將所有項目從現有數組復制到新數組(大小+ 1),因此可以確保該操作執行不佳。 最好在管道中使用ForEach-Object
循環:
$Obj = $AllLocalAccounts | ForEach-Object {
$user = ([adsi]"WinNT://$computer/$($_.Name),user")
$pwAge = $user.PasswordAge.Value
$maxPwAge = $user.MaxPasswordAge.Value
$pwLastSet = $now.AddSeconds(-$pwAge)
New-Object -TypeName PSObject -Property @{
'Name' = $_.Name
'Full Name' = $_.FullName
'Disabled' = $_.Disabled
'Status' = $_.Status
'LockOut' = $_.LockOut
'Password Expires' = $_.PasswordExpires
'Password Required' = $_.PasswordRequired
'Account Type' = $_.AccountType
'Domain' = $_.Domain
'Password Last Set' = $pwLastSet
'Password Age' = ($now - $pwLastSet).Days
'Password Expiry Date' = $now.AddSeconds($maxPwAge - $pwAge)
'Description' = $_.Description
}
}
這將自動生成對象列表,然后將其分配給$Obj
。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.