pwsh..LAPS admPwd

Simple one-liner to retrieve the LAPS password

Replace Export-Csv with OGV (Out-GridView) or another output cmdlet as needed.

  • Replace $computer with hostname as needed
Get-ADComputer $computer -Properties ms-Mcs-AdmPwd | `
Select DNSHostName,Enabled,Name,ms-Mcs-AdmPwd,ObjectGUID | `
Export-Csv .\admPwd.csv -NoTypeInformation -Append -Force

Gathering LAPS info in human-readable form

Remove -filter * and pass the computer name instead if running against a single system

$AC  = get-adcomputer -filter * -property whenCreated, PasswordLastSet, modified,  DnsHostName, ipv4address, LastLogonDate, OperatingSystem, OperatingsystemVersion,ms-mcs-admpwdexpirationtime

$GC = $AC | select *, @{ Name = 'LapsExpiry';  Expression = {[datetime]::FromFileTime([convert]::ToInt64($_.'ms-MCS-AdmPwdExpirationTime',10))}}

$GC | select enabled, Name, IPV4address, DnsHostname, OperatingSystem, OperatingSystemVersion, PasswordLastSet, LastLogonDate, LapsExpiry | export-csv c:\Scraps\Revised.csv

Pulling from all servers

$TOD = Get-date
# build the data
get-adcomputer -searchbase "DC=Domain,DC=COM" -filter * -property dnshostname, "ms-MCS-AdmPwdExpirationTime", IPV4Address, OperatingSystem,  LastLogonDate, Modified,PasswordLastSet, canonicalName | `
select dnshostname, @{ Name = 'AdmPwdExpiry';  Expression = {$([datetime]::FromFileTime([convert]::ToInt64($_.'ms-MCS-AdmPwdExpirationTime',10)))}},IPV4Address, OperatingSystem,  LastLogonDate, Modified, PasswordLastSet, CanonicalName | `
# looking for servers 
where {$_.OperatingSystem -like "*Windows*" } | Where{$_.OperatingSystem -like "*Server*" } | `
Where {$_.CanonicalName -notlike "*Domain Controllers*"}|`
Where { ($TOD - $_.LastLogonDate ).Days -LT 90 } | `
# replace with export-csv if wanted
Ogv
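
Added example (not part of the original notes): the FromFileTime conversion used above gives no usable date when ms-Mcs-AdmPwdExpirationTime is empty, which is the case for any machine LAPS has never managed. The function below turns the raw attribute into an explicit status for auditing. Get-LapsExpiryStatus, its status labels and the sample rows are assumptions made for this illustration.

```powershell
# Classify LAPS state from the raw ms-Mcs-AdmPwdExpirationTime value.
function Get-LapsExpiryStatus {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [psobject]$Computer,
        # Reference time, injectable so the result is repeatable
        [datetime]$Now = (Get-Date)
    )
    process {
        $raw    = $Computer.'ms-Mcs-AdmPwdExpirationTime'
        $expiry = $null
        # Empty or zero attribute: LAPS has never set a password on this object
        $status = 'NoLapsExpiry'
        if ($null -ne $raw -and [int64]$raw -gt 0) {
            # FILETIME (100 ns ticks since 1601) to local DateTime
            $expiry = [datetime]::FromFileTime([int64]$raw)
            $status = if ($expiry -lt $Now) { 'Expired' } else { 'Current' }
        }
        [pscustomobject]@{
            Name       = $Computer.Name
            Enabled    = $Computer.Enabled
            LapsExpiry = $expiry
            LapsStatus = $status
        }
    }
}

# Constructed sample rows standing in for Get-ADComputer output (not real hosts)
$now = Get-Date
$sample = @(
    [pscustomobject]@{ Name = 'SRV-A'; Enabled = $true;  'ms-Mcs-AdmPwdExpirationTime' = $now.AddDays(12).ToFileTime() }
    [pscustomobject]@{ Name = 'SRV-B'; Enabled = $true;  'ms-Mcs-AdmPwdExpirationTime' = $now.AddDays(-40).ToFileTime() }
    [pscustomobject]@{ Name = 'SRV-C'; Enabled = $false; 'ms-Mcs-AdmPwdExpirationTime' = $null }
)

# SRV-A -> Current, SRV-B -> Expired, SRV-C -> NoLapsExpiry
$sample | Get-LapsExpiryStatus -Now $now | Format-Table -AutoSize

# Against the directory (requires the ActiveDirectory module):
# Get-ADComputer -Filter * -Properties ms-Mcs-AdmPwdExpirationTime | Get-LapsExpiryStatus
```

Rows with LapsStatus of Expired or NoLapsExpiry on enabled machines are the ones to follow up on, since their local admin password is either overdue for rotation or not managed by LAPS at all.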