Find AD user last password changed date using PowerShell
The following is a comparison between getting AD user's last password changed date with Windows PowerShell and ADManager Plus:
Steps to obtain AD user’s last password changed details using PowerShell:
- Identify the domain from which you want to retrieve the report.
- Identify the LDAP attributes you need to fetch the report.
- Compile the script.
- Execute it in Windows PowerShell.
- The report will be exported in the given format.
- To obtain the report in a different format, modify the script accordingly to the needs of the user.
Sample Windows PowerShell script:
Click to copy entire script
-identity * -properties passwordlastset, passwordneverexpires | sort name | ft Name, passwordlastset, Passwordneverexpire
Steps to obtain AD user’s last password changed date:
- Click Reports -> Password Reports -> Password Changed Users.
- Select the domain, OU, and desired time period.
- Click Generate.
» Start 30-day Free Trial
Following are the limitations to obtain AD user last password changed date using native tools like Windows PowerShell:
- We can run this script only from the computers which has Active Directory Domain Services role.
- Adding even minor details to the report—such as adding additional attributes—require scripts to be modified and executed again, which is time-consuming.
- Exporting a report in a specific format requires a script to be modified accordingly, which increases the complexity of the scripts.
- Troubleshooting is not easy in case of errors.
ADManager Plus can help you obtain AD user last password changed date report in CSV, PDF, HTML, or XLSX format in a simple and intuitively designed UI.
Manage password settings for AD users with purpose-built password reports.
Get 30-day free trial.