0

Still new to powershell, so basic things can trip me up sometimes. I've been using a couple of filters against our Active Directory Tenant. Both run fine individually, but when combining the two, the command runs but fails to return any results. I know there are absolutely users in our tenant which match the filters, so I'm wondering where I've gone wrong. Hence me reaching out here for help!

$daysInactive =  [DateTime]::Today.Adddays(-30)
Get-ADUser -Filter "Enabled -eq 'True' -and passwordlastset -le '$daysInactive'"

Any pointers on where I'm going wrong with the above would be appreciated.

louis dodge
  • 45
  • 6
  • What exactly isn't working? Are you getting any errors? This seems to work fine as is in my environment. – EBGreen Jul 26 '22 at 14:08
  • Also, you indicate that you are looking for users that match the filter but you are using Get-ADComputer not Get-ADUser. – EBGreen Jul 26 '22 at 14:09
  • Ah, good catch- I'd tested against both Users and computer, I'll change the code sample back to Get-AdUser – louis dodge Jul 26 '22 at 14:12
  • The command is running, but returning no results, when there are absolutely users in the environment which meet both filter requirements. Hence, my confusion... :-( – louis dodge Jul 26 '22 at 14:17
  • you should really be comparing it to `$true`. Perhaps you're confusing `-le` with `-ge`? There seems to be nothing wrong with your code and if you are certain their is a user that matches that criteria, can you post their returned properties from a `Get-ADUser` query with the *passwordlastset* property as well? – Abraham Zinala Jul 26 '22 at 14:49
  • I did exactly that, using ```Get-ADUser -Filter "Enabled -eq 'True'" -properties PasswordLastSet ``` to confirm that my above command should be returning results. – louis dodge Jul 26 '22 at 15:30
  • 2
    This does not work as written for me; try `Get-ADUser -Filter "Enabled -eq 'True' -and passwordlastset -le $($daysInactive.ToFileTimeUTC())"` ? PasswordLastSet is [stored](https://learn.microsoft.com/en-us/windows/win32/adschema/a-pwdlastset) as "number of 100 nanosecond intervals since January 1, 1601 (UTC)", so I imagine the PowerShell wrapper turning it to-from `[DateTime]` has some date formats it can and can't read, maybe the format varies with locale and country? – TessellatingHeckler Jul 26 '22 at 16:10
  • Ahh. that works! Thank you so much. I suspected the date format may be the cause, but hadn't yet found the way to fix it. – louis dodge Jul 26 '22 at 16:27

0 Answers0