dade80vr · December 18, 2019 11:20
diff --git a/query-ad-users.ps1 b/query-ad-users.ps1
 #ACCOUNT BLOCCATI
 get-aduser -Properties * -filter *| Where-Object {$_.LockedOut -eq $true} | select displayname,samaccountname | sort-object displayname | export-csv -Path e:\Test\users_Locked.csv -NoTypeInformation

 #ACCOUNT DISABILITATI
 get-aduser -Properties * -filter *| Where-Object {$_.Enabled -eq $false} | select displayname,samaccountname | sort-object displayname | export-csv -Path e:\Test\users_Disabled.csv -NoTypeInformation

 #ACCOUNT ABILITATI
 get-aduser -Properties * -filter *| Where-Object {$_.Enabled -eq $true} | select displayname,samaccountname | sort-object displayname | export-csv -Path e:\Test\users_Enabled.csv -NoTypeInformation

 #ACCOUNT ATTIVI CON PSW SENZA SCADENZA
 get-aduser -Properties * -filter *| Where-Object {($_.passwordneverexpires -eq $true) -and ($_.Enabled -eq $true)} | select displayname,samaccountname | sort-object displayname | export-csv -Path e:\test\users_PswNoExpires.csv -NoTypeInformation

 #ACCOUNT SENZA PSW (rif. https://4sysops.com/archives/find-ad-users-with-empty-password-passwd_notreqd-flag-using-powershell/)
 get-aduser -Properties * -LDAPFilter "(&(userAccountControl:1.2.840.113556.1.4.803:=32)(!(IsCriticalSystemObject=TRUE)))" | select displayname,SamAccountName | sort-object displayname | export-csv e:\test\users_PswNotReq.csv -NoTypeInformation

 #ACCOUNT CON SCADENZA PSW
 Get-ADUser -filter {(Enabled -eq $True) -and (PasswordNeverExpires -eq $False)} –Properties DisplayName,samaccountname,"msDS-UserPasswordExpiryTimeComputed" | Select-Object -Property "Displayname","SamAccountName",@{Name="ExpiryDate";Expression={[datetime]::FromFileTime($_."msDS-UserPasswordExpiryTimeComputed")}} | sort-object expirydate | export-csv e:\test\users_DatePsw.csv -NoTypeInformation

 #ACCOUNT ATTIVI CON DATA ULTIMO LOGON
 Get-ADUser -filter {Enabled -eq $True} –Properties * | Select-Object -Property "Displayname","SamAccountName",@{Name="LastLogonDate";Expression={[datetime]::FromFileTime($_.LastLogon)}} | sort-object samaccountname | export-csv e:\test\users_LastLogon.csv -NoTypeInformation
	#ACCOUNT BLOCCATI
	get-aduser -Properties * -filter *\| Where-Object {$_.LockedOut -eq $true} \| select displayname,samaccountname \| sort-object displayname \| export-csv -Path e:\Test\users_Locked.csv -NoTypeInformation

	#ACCOUNT DISABILITATI
	get-aduser -Properties * -filter *\| Where-Object {$_.Enabled -eq $false} \| select displayname,samaccountname \| sort-object displayname \| export-csv -Path e:\Test\users_Disabled.csv -NoTypeInformation

	#ACCOUNT ABILITATI
	get-aduser -Properties * -filter *\| Where-Object {$_.Enabled -eq $true} \| select displayname,samaccountname \| sort-object displayname \| export-csv -Path e:\Test\users_Enabled.csv -NoTypeInformation

	#ACCOUNT ATTIVI CON PSW SENZA SCADENZA
	get-aduser -Properties * -filter *\| Where-Object {($_.passwordneverexpires -eq $true) -and ($_.Enabled -eq $true)} \| select displayname,samaccountname \| sort-object displayname \| export-csv -Path e:\test\users_PswNoExpires.csv -NoTypeInformation

	#ACCOUNT SENZA PSW (rif. https://4sysops.com/archives/find-ad-users-with-empty-password-passwd_notreqd-flag-using-powershell/)
	get-aduser -Properties * -LDAPFilter "(&(userAccountControl:1.2.840.113556.1.4.803:=32)(!(IsCriticalSystemObject=TRUE)))" \| select displayname,SamAccountName \| sort-object displayname \| export-csv e:\test\users_PswNotReq.csv -NoTypeInformation

	#ACCOUNT CON SCADENZA PSW
	Get-ADUser -filter {(Enabled -eq $True) -and (PasswordNeverExpires -eq $False)} –Properties DisplayName,samaccountname,"msDS-UserPasswordExpiryTimeComputed" \| Select-Object -Property "Displayname","SamAccountName",@{Name="ExpiryDate";Expression={[datetime]::FromFileTime($_."msDS-UserPasswordExpiryTimeComputed")}} \| sort-object expirydate \| export-csv e:\test\users_DatePsw.csv -NoTypeInformation

	#ACCOUNT ATTIVI CON DATA ULTIMO LOGON
	Get-ADUser -filter {Enabled -eq $True} –Properties * \| Select-Object -Property "Displayname","SamAccountName",@{Name="LastLogonDate";Expression={[datetime]::FromFileTime($_.LastLogon)}} \| sort-object samaccountname \| export-csv e:\test\users_LastLogon.csv -NoTypeInformation