列出非域系统上所有用户的最后一次 Windows 密码更改 [英] List Last Windows Password Change For All Users On A Non-Domain System

问题描述

我已经为连接到 AD 域控制器的系统找到了这个问题的答案.但是，此问题适用于不可能附加到域控制器的独立系统.本质上是气隙系统.

I have found an answer to this question for systems that are attached to an AD domain controller. However, this question is for standalone systems where there is no possibility of attaching to a domain controller. Essentially, air-gapped systems.

简明扼要:有没有办法以批处理文件或 PowerShell 脚本的形式一次性列出每个用户上次更改非域、气隙系统(Windows 7 或 10)的 Windows 密码的时间?

Short and sweet: Is there a way to list the last time each user changed their Windows password for a non-domain, air-gapped system (either Windows 7 or 10) all at once either as a batch file or PowerShell script?

我知道网络用户 {username} |find/I "Password last set" 会一次为他们做一个.但是，每台机器运行多次会很乏味，我们有 60 多个这种类型的系统.因此，如果可能的话，我正在寻找一种方法来一举做到这一点.

I know that net user {username} | find /I "Password last set" will do it for them one at a time. However, that would be tedious to run multiple times per machine and we have over 60 systems of this type. So I'm looking for a way to do this in one fell swoop, if possible.

需要注意的是，我们无法为此选择在 PowerShell 中安装 activedirectory 模块.此外，由于大多数系统是 Windows 7，我们无法访问 Windows 10 中可用的 Bash 命令行工具.

As a caveat, we don't have the option of installing the activedirectory module in PowerShell for this. Also, since the majority of the systems are Windows 7, we don't have access to the Bash command line tools that would be available in Windows 10.

感谢任何与此相关的帮助.

Any and all help with regard to this is appreciated.

推荐答案

这是使用 ADSI WinNT 提供程序的一种方法:

Here's one way using the ADSI WinNT provider:

$computerName = [Net.Dns]::GetHostName()  # i.e., local computer
$computer = [ADSI] "WinNT://$computerName,Computer"
$childObjects = $computer.Children
foreach ( $childObject in $childObjects ) {
  if ( $childObject.Class -eq "User" ) {
    if ( $childObject.PasswordAge[0] -gt 0 ) {
      $pwdLastSet = (Get-Date).AddSeconds(-$childObject.PasswordAge[0])
    }
    else {
      $pwdLastSet = $null
    }
    $childObject | Select-Object `
      @{Name="AdsPath";         Expression={$_.AdsPath}},
      @{Name="PasswordLastSet"; Expression={$pwdLastSet}}
  }
}

这篇关于列出非域系统上所有用户的最后一次 Windows 密码更改的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！