Home > Software engineering >  I want to get a list of Active Directory users with the AccountExpires but the property returns empt
I want to get a list of Active Directory users with the AccountExpires but the property returns empt

Time:10-28

Get-ADUser -Filter '*' -Properties DisplayName, title, Department, Office, OfficePhone, EmailAddress, wWWHomePage, AccountExpires -SearchBase '****' |
Sort-Object -Property DisplayName | Select-Object -Property DisplayName, Title, Department, Office, OfficePhone, EmailAddress, wWWHomePage, AccountExpires | Export-Csv -LiteralPath C:\PowerShell\temp1.csv

Is the AccountExpires the correct property to look at to obtain this date?

enter image description here

CodePudding user response:

Try using the AccountExpirationDate property:

$properties = 'DisplayName', 'title', 'Department', 'Office', 'OfficePhone', 'EmailAddress', 'wWWHomePage', 'AccountExpirationDate'
Get-ADUser -filter {AccountExpirationDate -like '*'} -Properties $properties | 
  Sort-Object DisplayName |
  Select-Object $properties |
  Export-CSV C:\PowerShell\temp1.csv

AccountExpires is not date-formatted, but can be used if you need it. It should not be blank:

A value of 0 or 0x7FFFFFFFFFFFFFFF (9223372036854775807) indicates that the account never expires.

CodePudding user response:

If you're using Get-AdUser, use the AccountExpirationDate property, since it formats the date for you. When using AccountExpiry, an example date looks like 133035804000000000. Using AccountExpirationDate instead gives you 2022-07-30 01:00:00.

If there's no expiry date set on the account, AccountExpirationDate returns NULL.

If you use AccountExpires and there's no expiry date, it'll return either 0 or 0x7FFFFFFFFFFFFFFF (9223372036854775807). I've noticed that PS will often not process that long value properly when going through a pipeline or exporting.

It's often best to simply run your basic command first to see what results you get before running it through the pipeline. Or try it with one user where you know an expiry date has been set.

> Get-ADUser myUser -Properties AccountExpirationDate, DisplayName, title, Department, Office, OfficePhone, EmailAddress, wWWHomePage

AccountExpirationDate : 2022-07-30 01:00:00
Department            : CM
DisplayName           : MY User
DistinguishedName     : MYUSER,OU=Users,OU=MyOU,DC=example,DC=com
EmailAddress          : [email protected]
Enabled               : True
GivenName             : My
Name                  : My User
ObjectClass           : user
ObjectGUID            : 1234aaaa-30b9-45ad-98af-12345abcdef
Office                : CM Address
OfficePhone           : (055) 555 9535
SamAccountName        : My User
SID                   : S-1-5-21-123456789-0123454678-1238779560-660873
Surname               : User
Title                 : Technical Specialist
UserPrincipalName     : [email protected]

CodePudding user response:

This should work:

Get-ADUser -Filter '*' -Properties DisplayName, title, Department, Office, OfficePhone, EmailAddress, wWWHomePage, AccountExpires -SearchBase '<your searchbase>' |sort displayname | Export-Csv -LiteralPath C:\PowerShell\temp1.csv

You don't need to select the objects again as you allready did so with the -properties parameter.

Working like a charm on my end.

Page link:https//www.codepudding.com/Softwareengineering/170548.html

Prev:PowerShell - How to Concatenate variable with text? on same line on text file
Next:passing $MyInvocation.UnBoundArguments to a nested function in Powershell
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding