Validates a password policy of a domain.
https://www.powershellgallery.com/packages/ADPolicyAudit/1.0
Install-Module -Name ADPolicyAudit https://github.com/proxb/PoshRSJob/archive/master.zip
####view the Password Policy and Lockout of a server, uncommenting the following Get-PasswordLockoutPolicy -ComputerName "DC1","DC2"
#Change the following for the expected password compliance values for your environment $myargs = @{ComputerName = "DSDC01","DSDC02" # array of computernames PassHistoryCount = 10 # Number of remembered passwords PassUnlockoutMins = 30 # Number of minutes before password is unlocked FailedLogonsAllowed = 4 # Allowed Failed Logons PassLength = 15 # Required password length PassMinAgeDays = 4 # Minimum age of password in days PassMaxAgeDays = 10 # Maximum age of password in days ObservationWindowMins = 20 # Number of } Test-PasswordAuditResults @myargs Send-PasswordCompliance -FailedComputers (Test-PasswordAuditResults @myargs) -To [email protected] -SMTP smtp.mycompany.com