powershellactive-directoryget-aduser

powershell filter get-aduser


I'm trying to write a tiny script to run through our organization's OUs in AD and return users whose password expires in two weeks or less. One issue I ran into is service accounts in the primary OUs, so I'm trying to exclude accounts whose email address contains "noreply", but I continue to get the noreply accounts in my return. Any thoughts?

foreach($OU in $OUs) {
$Users = Get-ADUser -SearchBase $OU -filter * -properties *
foreach($User in $Users) {
    if(($User.PasswordLastSet -lt $CutOffDate) -and ($User.EmailAdress -notcontains 'noreply*')) {
        write-host $User.EmailAddress
    }
}

}


Solution

  • To achieve that you want to use -notlike rather than -notcontains so this should do what you're after.

    foreach($OU in $OUs) {
    $Users = Get-ADUser -SearchBase $OU -filter * -properties *
    foreach($User in $Users) {
        if(($User.PasswordLastSet -lt $CutOffDate) -and ($User.EmailAdress -notlike 'noreply*')) {
            write-host $User.EmailAddress
        }
    }