Quest Active Roles: Perform action on expiring passwords

Add-PSSnapin Quest.ActiveRoles.ADManagement

$maxPassAge = (Get-QADObject (Get-QADRootDSE).defaultNamingContextDN).MaximumPasswordAge.days

$enabledUsers = Get-QADUser  -Enabled -PasswordNeverExpires:$false -size 0 -ldap “(mailNickName=*)”

$expiredUsers = $enabledUsers | where {$_.passwordAge -gt 0 -AND ($maxPassAge-$_.passwordAge.days) -lt 7}

$expiredUsers | foreach { Insert Action Here}

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s