Powershell: Find AD users with Change Password at Next Logon

We can get the list of AD users who should change their password at the next logon using Active Directory powershell cmdlet Get-ADUser. In this article, I am going to write Powershell script to list of AD users who have the setting "Change Password At the Next Logon" enabled and export AD users to CSV file.

use the following command to import Active Directory cmdlets.

 Import-Module ActiveDirectory

 List AD users with change password at the next logon:

 Get-ADUser -LDAPFilter "(pwdLastSet=0)" | Select SamAccountName,distinguishedName

 Export AD Users with with Change Password at Next Logon to CSV using Powershell

We can export powershell output into CSV file using Export-CSV cmdlet. The following command export selected properties of all the AD users with change password at next the logon to CSV file.

 Import-Module ActiveDirectory 
Get-ADUser -LDAPFilter "(pwdLastSet=0)" | Select SamAccountName,distinguishedName |
Export-CSV "C:\\ChangePasswordAtNextLogon.csv" -NoTypeInformation -Encoding UTF8
 





  









    

  





  

  
  

    

      

        

          


Leave a comment





            


              

                
                
                
              


              

                
                
                
              


              

                
                
                
              


            


            
              
Please note, comments must be approved before they are published

            

            
          

        

      

    

  





  
    
    Back to Tech