If a user can’t access an application that authenticates with Microsoft Active Directory, it’s helpful to check to see when the user last set their password since the application may be using cached credentials. Here’s how to use PowerShell to get the passwordlastset value.
- Select the “Start” button, then type “powershell“.
- Right-click on “Windows PowerShell“, then select “Run as Administrator“.
- Provide credentials for a user that has access to Active Directory.
- Now you can use the following to find the when a user set the password last.
- Replace “theusername” with the actual username of the user you wish to query:
get-aduser -identity theusername -properties passwordlastset | ft Name, passwordlastset
You could also grab all users in a certain OU using this:
get-aduser -Filter * -properties passwordlastset -SearchBase "OU=Staff,OU=Users,DC=domain,DC=com" | ft Name, passwordlastset
Or just get the enabled accounts:
get-aduser -Filter 'enabled -eq $true' -properties passwordlastset -SearchBase "OU=Staff,OU=Users,DC=domain,DC=com" | ft Name, passwordlastset, enabled
Export it to a CSV file:
get-aduser -Filter 'enabled -eq $true' -properties passwordlastset -SearchBase "OU=Staff,OU=Users,DC=domain,DC=com" | Select Name, passwordlastset, enabled | Export-csv -path c:\Temp\PassLastSet.csv
Mubashir says
Thank You