Powershell - Find all users with password never expires
I use the below to and it works.
get-aduser -filter * -properties Name, PasswordNeverExpires | where { $_.passwordNeverExpires -eq "true" } | where {$_.enabled -eq "true"}
It searches against AD database to find user's with "PasswordNeverExpires" set to "True" then returns the results in the Powershell console.
edit for wording and wrong cmdlet and to add the below To cleanup the results add this to the end of the above powershell code
| Format-Table -Property Name, PasswordNeverExpires -AutoSize
You could use something like this:
Get-ADUser -filter { (PasswordNeverExpires -eq $true) -and (enabled -eq $true)} -searchbase "OU=,OU=,DC=,DC=" -Properties Surname,givenname, userprincipalName,PasswordNeverExpires| FT Name,ObjectClass,PasswordNeverExpires -A
Since I'm running on multi-domain env:
$domains = (Get-ADForest).domains
$Members = foreach ($domain in $domains) {
Get-ADUser -server $domain -filter {PasswordNeverExpires -eq "TRUE"} -Properties PasswordNeverExpires | select name,samaccountname,PasswordNeverExpires,mail | Where-Object {$_.PasswordNeverExpires -like "True"} |Export-Csv -Path "c:\temp\Never_Expire-$domain.csv" -NoTypeInformation }
For single domain:
Get-ADUser -filter {PasswordNeverExpires -eq "TRUE"} -Properties PasswordNeverExpires | select name,samaccountname,PasswordNeverExpires,mail | Where-Object {$_.PasswordNeverExpires -like "True"} |Export-Csv -Path "c:\temp\Never_Expire.csv" -NoTypeInformation }