Powershell: Find AD users with Change Password at Next Logon
We can get the list of AD users who should change their password at the next logon using Active Directory powershell cmdlet Get-ADUser. In this article, I am going to write Powershell script to list of AD users who have the setting "Change Password At the Next Logon" enabled and export AD users to CSV file.
use the following command to import Active Directory cmdlets.
Import-Module ActiveDirectory |
List AD users with change password at the next logon:
Get-ADUser -LDAPFilter "(pwdLastSet=0)" | Select SamAccountName,distinguishedName |
Export AD Users with with Change Password at Next Logon to CSV using Powershell
We can export powershell output into CSV file using Export-CSV cmdlet. The following command export selected properties of all the AD users with change password at next the logon to CSV file.
Import-Module ActiveDirectory
Get-ADUser -LDAPFilter "(pwdLastSet=0)" | Select SamAccountName,distinguishedName | Export-CSV "C:\\ChangePasswordAtNextLogon.csv" -NoTypeInformation -Encoding UTF8 |