Find Active Directory Users with Expired Passwords
Active Directory is used in almost all organizations to organize and manage both devices and users. Lansweeper can scan users directly from active directory along with a wide range of active directory attributes like whether the account's password has expired and at what time.
Along with basic information about the user like their name and domain, this audit also lists the AD status and the time and date when the password expiration occurred. This lets you easily find users which password expired without the need of Powershell scripts or CMD commands. From the report, you can also navigate straight to the user's page to get all the detailed about the user including the devices that have been logged into.
Active Directory Password Expired Query
Select Top 1000000 Case
When tblADusers.Displayname Is Null Or
tblADusers.Displayname = '' Then tblADusers.Userdomain + '\' +
tblADusers.Username
Else tblADusers.Displayname
End As Displayname,
tblADusers.Department,
tblADusers.Title,
tblADusers.Username,
tblADusers.Userdomain,
tblADusers.IsEnabled As EnabledInAD,
'usersm.png' As Icon,
tblADusers.PasswordExpirationDate
From tblADusers
Where tblADusers.PasswordExpirationDate < GetDate()
Order By tblADusers.PasswordExpirationDate,
Displayname