Password Policy

HC812003 1 Reputation point

We recently deployed a fine grain password policy to our test users. Is there a way to find out via powershell which users does not meet the newly fine grain password policy?

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,139 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Philippe Levesque 5,261 Reputation points MVP

    In powershell you can list user attribute for last password change if you set a password policy on the password age, but you can't list the password complexity, so it depend on your password policy.

    0 comments No comments

  2. Limitless Technology 38,756 Reputation points

    Hi @HC812003

    The Get-ADDefaultDomainPasswordPolicy cmdlet gets the default password policy for a domain.

    Get-ADDefaultDomainPasswordPolicy -Current LoggedOnUser

    You can then compare them with the requirements for the fine grain policy.

    The Get-ADFineGrainedPasswordPolicy cmdlet gets a fine-grained password policy or performs a search to retrieve multiple fine-grained password policies.,grained%20password%20policy%20to%20get.

    --If the reply is helpful, please Upvote and Accept it as an answer--

    0 comments No comments