Domain user password expiry with Powershell

I needed to figure out a method for producing alerts when a domain account is approaching the password reset date. Here it is in a few lines of Powershell…

?View Code POWERSHELL
# Set name here
$name = "Rhys Campbell";
$user = Get-ADUser -LDAPFilter "(Name=$name)" -Properties PasswordLastSet;
$days = $(Get-ADDefaultDomainPasswordPolicy).MaxPasswordAge;
$expires = $user.PasswordLastSet + $days;
$days_left = $expires - $(Get-Date);
Write-Host "Password for $name expires on $expires which is in $($days_left.Days) days.";

This will display something along the lines of;

Password for Rhys Campbell expires on 11/18/2011 08:19:36 which is in 35 days.

Leave a Reply