PowerShell: Check When User Last Set Active Directory Password

Mitch Bartlett Comments (1)
Active Directory logo

If a user can’t access an application that authenticates with Microsoft Active Directory, it’s helpful to check to see when the user last set their password since the application may be using cached credentials. Here’s how to use PowerShell to get the passwordlastset value.

  1. Select the “Start” button, then type “powershell“.
  2. Right-click on “Windows PowerShell“, then select “Run as Administrator“.
  3. Provide credentials for a user that has access to Active Directory.
  4. Now you can use the following to find the when a user set the password last.
  5. Replace “theusername” with the actual username of the user you wish to query:

get-aduser -identity theusername -properties passwordlastset | ft Name, passwordlastset

You could also grab all users in a certain OU using this:

get-aduser -Filter * -properties passwordlastset -SearchBase "OU=Staff,OU=Users,DC=domain,DC=com" | ft Name, passwordlastset

Or just get the enabled accounts:

get-aduser -Filter 'enabled -eq $true' -properties passwordlastset -SearchBase "OU=Staff,OU=Users,DC=domain,DC=com" | ft Name, passwordlastset, enabled

Export it to a CSV file:

get-aduser -Filter 'enabled -eq $true' -properties passwordlastset -SearchBase "OU=Staff,OU=Users,DC=domain,DC=com" | Select Name, passwordlastset, enabled | Export-csv -path c:\Temp\PassLastSet.csv

Author Mitch Bartlett

Through my career that spans over 20 years I have become an expert in Microsoft Systems Administration, Android, and macOS. I started this site as a technical guide for myself and it has grown into what I hope is a useful knowledgebase for everyone.

You Might Also Like

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *