Поиск пользователей с определенным паролем (Check Password)

Без рубрики

#usage: Test-UserCredential -username UserNameToTest -password (Read-Host)

Function Test-UserCredential {

Param($username, $password)

Add-Type -AssemblyName System.DirectoryServices.AccountManagement

$ct = [System.DirectoryServices.AccountManagement.ContextType]::Machine, $env:computername

$opt = [System.DirectoryServices.AccountManagement.ContextOptions]::SimpleBind

$pc = New-Object System.DirectoryServices.AccountManagement.PrincipalContext -ArgumentList $ct

$Result = $pc.ValidateCredentials($username, $password).ToString()

$Report = $Result + ‘;’ + $username

$Report

}

Get-QADUser -SearchRoot «OU»  -Enabled | %{Test-UserCredential -username $_.NTAccountName -password P@ssw0rd} | export-csv