I am working with Azure Active Directory and want to know when a user's password expires.
Currently I use these PowerShell commands to connect to msol service successfully and get password expiry, but I'm not quite sure how to get password expiry date.
I am using Azure Active Directory PowerShell module.
Connect-MsolService
Get-MsolUser -UserPrincipalName 'Username' | Select PasswordNeverExpires
You're looking for the LastPasswordChangeTimestamp
attribute:
Get-MsolUser -UserPrincipalName 'Username' |Select LastPasswordChangeTimestamp
This only tells you when the password was last changed, not when it will expire, so grab the password validity from the Password Policy as well:
$PasswordPolicy = Get-MsolPasswordPolicy
$UserPrincipal = Get-MsolUser -UserPrincipalName 'Username'
$PasswordExpirationDate = $UserPrincipal.LastPasswordChangeTimestamp.AddDays($PasswordPolicy.ValidityPeriod)
$PasswordExpirationDate
should now have the timestamp for when the password expires