-
-
Notifications
You must be signed in to change notification settings - Fork 22
/
Get-WinADDomainLAPS.ps1
30 lines (29 loc) · 1.21 KB
/
Get-WinADDomainLAPS.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
function Get-WinADDomainLAPS {
[CmdletBinding()]
param(
[string] $Domain = $Env:USERDNSDOMAIN,
[Array] $Computers,
[string] $Splitter
)
$Properties = @(
'Name',
'OperatingSystem',
'DistinguishedName',
'ms-Mcs-AdmPwd',
'ms-Mcs-AdmPwdExpirationTime'
)
[DateTime] $CurrentDate = Get-Date
if ($null -eq $Computers -or $Computers.Count -eq 0) {
$Computers = Get-ADComputer -Filter * -Properties $Properties
}
foreach ($Computer in $Computers) {
[PSCustomObject] @{
'Name' = $Computer.Name
'Operating System' = $Computer.'OperatingSystem'
'LapsPassword' = if ($Splitter -ne '') { $Computer.'ms-Mcs-AdmPwd' -join $Splitter } else { $Computer.'ms-Mcs-AdmPwd' } # For some reason it's an array Laps Password : {}
'LapsExpire(days)' = Convert-TimeToDays -StartTime ($CurrentDate) -EndTime (Convert-ToDateTime -Timestring ($Computer.'ms-Mcs-AdmPwdExpirationTime'))
'LapsExpirationTime' = Convert-ToDateTime -Timestring ($Computer.'ms-Mcs-AdmPwdExpirationTime')
'DistinguishedName' = $Computer.'DistinguishedName'
}
}
}