Add a column from one table to another table

I need help combining a column named ‘PasswordAge’ from $userTable1 to the table $userTable2.

I have a list of local accounts and I would like to print the password expiration and enabled status like below

UserName Enabled PasswordAge

I can get the Username and PasswordAge from this command :

$adsi = [ADSI]'WinNT://localhost'; $users = $adsi.Children | where {$_.SchemaClassName -eq 'user'} | ForEach { [pscustomobject]@{ UserName = $_.Name[0]; PasswordAge = [math]::Round($_.PasswordAge[0]/86400) } }; if ($users) { 'User Name'.PadRight(30) + 'Password Age (Days)'; '---------'.PadRight(30) + '-------------------'; ForEach ($user in $users) { $user.Username.PadRight(30) + $user.PasswordAge } } Else { 'No passwords older than 60 days' }

$userTable1

User Name                     Password Age (Days)

DefaultAccount                540
Administrator              28
Visitor                       0
UtilityAccount            0

I can get the enabled account property from get-locauser like below:

Get-LocalUser | select -Property Name, Enabled

$userTable2

Name               Enabled
----               -------
DefaultAccount       False
Administrator      True
Visitor              False
UtilityAccount   False

Can anyone help with that?

Hello. Can you please edit your post and use the “preformatted text” button to format your code? It makes it much easier for everyone to read and allows people to copy/paste without having to replace all of the quotes. If you don’t see the button on the toolbar it might be within the gear icon.

Thanks, let me know if that’s better

a bit yes. It seems like your first code example is compressed into a one-line with ; separating commands instead of line breaks. It’s not very readable.
Regardless I think I see what you’re getting at: You want the local account username, whether or not it’s enabled, and how many days old the password is. I would stick with the Get-LocalUser cmdlet for that and derive the password age from the “PasswordLastSet” property, like this:

Get-LocalUser | Select-Object -Property Name, Enabled, PasswordLastSet, @{Name="PasswordAge";Expression={New-TimeSpan -Start $_.PasswordLastSet -End (Get-Date)}}

But your “PasswordAge” will be a timespan object so a value like this:
173.14:58:38.8450358
means 173 days, 14 hours, 58 minutes, 38 seconds.
If you want just days you might try wrapping that in a subexpression and calling just the TotalDays property.

Get-LocalUser | Select-Object -Property Name, Enabled, PasswordLastSet, @{Name="PasswordAge";Expression={(New-TimeSpan -Start $_.PasswordLastSet -End (Get-Date)).TotalDays}}

Thanks my first command came from a tenable.sc audit file check WN19-00-000020. It will go back into the audit file as 1 line. I’m testing customizing this check.

What you gave me worked. Thanks! I was able to get the timespan to round up by type casting [int32] before the expression.

Get-LocalUser | Select-Object -Property Name, Enabled, @{Name="PasswordAge";Expression={[int32](New-TimeSpan -Start $_.PasswordLastSet -End (Get-Date)).TotalDays}}, PasswordLastSet

Name               Enabled      PasswordAge PasswordLastSet     
----               ------- ----------- ---------------     
DefaultAccount           False         540      1/30/2023 2:33:48 PM
Administrator         True           28        6/25/2024 5:54:37 AM
Visitor                          False                                 
UtilityAccount   False                    0 7/23/2024 6:46:20 AM

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.