协助创建空闲帐户脚本 [英] Assistance creating idle account script

问题描述

Hello All，



我正在尝试创建一个PS脚本，它将在以下条件下搜索AD帐户：



帐户已激活/已启用（帐户未停用）

帐户已过期90天或更长时间

帐户密码未设置为永不过期

或

帐户密码已过期



我希望结果返回以下值：



名称/显示名称

SamAccountName

PasswordExpired

LastLogonDate

Pwdage

PwdLastSet



如果有一种方法可以指定排除特定的OU，那将是很棒的或者一次性显式搜索多个OU。



感谢您提前获得任何帮助。



我尝试过：

Hello All,

I am trying to create a PS Script that will search AD account with the following conditions:

Account is Active/Enabled (account not disabled)
Account is expired 90 days or more
Account password is not set to never expire
or
Account password has expired

I want the result to return the following values:

Name/Display Name
SamAccountName
PasswordExpired
LastLogonDate
Pwdage
PwdLastSet

If there is a way to specify exclude a specific OU that would be wonderful or explicitly search multiple OU's at once.

Thanks for any help in advance.

What I have tried:

Search-ADAccount -AccountInactive -TimeSpan 90 -UsersOnly -SearchBase "OU=User Accounts,DC=domain,DC=com" |
Where-Object {($_.Enabled -eq $true) -and ($_.PasswordNeverExpires -eq $False)} | Select-object Name, SamAccountName, PasswordExpired, LastLogonDate, Pwdage, PwdLastSet  | export-csv "c:\data\export.csv"

Pwdage& PwdLastSet不返回它们返回的值Microsoft.ActiveDirectory.Management.ADPropertyValueCollection

Pwdage & PwdLastSet do not retun values they return "Microsoft.ActiveDirectory.Management.ADPropertyValueCollection"

推荐答案

_。启用-eq

true ） - 和（

true) -and (

_。PasswordNeverExpires -eq

_.PasswordNeverExpires -eq

这篇关于协助创建空闲帐户脚本的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！