-
Notifications
You must be signed in to change notification settings - Fork 10
Expand file tree
/
Copy path1067.ps1
More file actions
40 lines (28 loc) · 843 Bytes
/
Copy path1067.ps1
File metadata and controls
40 lines (28 loc) · 843 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
param ($LDAPPath = "", [switch]$Help)
if ($Help)
{
""
Write-Host "Usage: .\Get-ADNonExpPass.ps1 <LDAPPath>" -foregroundcolor Yellow
Write-Host "Ex: .\Get-ADNonExpPass.ps1 'LDAP://ou=users,dc=domain,dc=com'" -foregroundcolor Yellow
""
break
}
#UAC Flag in Hex
#http://support.microsoft.com/kb/305144
$DontExpire = 0x10000
$Root = [ADSI]$LDAPPath
$Category = "user"
$Selector = New-Object DirectoryServices.DirectorySearcher
$Selector.SearchRoot = $Root
$Selector.Filter = ("(objectCategory=$Category)")
#$Selector.pagesize = 2000
# Grab all the user objects for the OU
$Users = $Selector.findall()
foreach ($User in $Users) {
$DN = $User.properties.distinguishedname
$UserProp = [ADSI]"LDAP://$dn"
if (($UserProp.UserAccountControl[0] -band $DontExpire) -eq 65536)
{
$UserProp | Select Name, UserAccountControl
}
}