SCRIPT: How to check AD account?

You often need to check AD accounts for lockouts, password expiration, or account expiration dates. This script gives you a quick view of these properties. Just change the Name in the script.

Get-ADUser -Filter 'Name -like "*sqlserver*" -Properties * | format-table userprincipalname, Enabled, lockedout, PasswordNeverExpires, PasswordExpired, AccountExpirationDate

To run the Get-ADUser command, you'll need the Active Directory Powershell module installed on the server. One approach is to use a PowerShell script to install the 'RSAT-AD-PowerShell' feature on Windows Server.

Install-WindowsFeature -Name "RSAT-AD-PowerShell" -IncludeAllSubFeature

Reference:

https://www.varonis.com/blog/powershell-active-directory-module

SQL Smart Solutions

Search This Blog

SCRIPT: How to check AD account?

Reference:

Comments

Post a Comment