Did you know that GitHub Copilot is now sensing hard coded credentials and giving you a warning? It’s not perfect, but even if something looks like hard coded creds it will flag it, as on another script I had, it contained numbers that looked like they could be private, and it gave me a warning about it. Honestly, I rather find more potentials credentials then not. That’s it for today, hope you have a great day!
Passwords
One-Liner Wednesday November 2, 2022
Get-ADUser -filter {Enabled -eq $True -and PasswordNeverExpires -eq $False} –Properties "DisplayName", "msDS-UserPasswordExpiryTimeComputed" |
Select-Object -Property "Displayname",@{Name="ExpiryDate";Expression={[datetime]::FromFileTime($_."msDS-UserPasswordExpiryTimeComputed")}} | sort-object ExpiryDate
Here is a one liner that find very useful and hope you do to.
You can customize it even more, but for now this one grabs all the AD User accounts that are expiring and the ones expiring first at the top. I love using this to stay in front of users passwords expiring then they can’t connect or if they are off network and is a rush to get it done.
You could even sent this up as a scheduled task and have it pull the next 2 weeks of users. Then either you reach out to them, it emails them, or it notifies your help desk to reach out to them to help change their password.
Or you could have it in your dashboard so you’d always see the next 2 weeks of users passwords expiring.
Module Monday October 10, 2022
It’s time for Module Monday….
Share Code not Secrets, I think says it best. I guess you probably want the name of the module now…It’s called PSSecretScanner which will search files/folders that you point it too and check if there are any passwords visible! Maybe you have some old code that you haven’t used in awhile, you might want to run this on it just to make sure younger you who may have been more naïve didn’t leave any plain text passwords! We’ve all been there!
PowerShell Gallery:
PSSecretScanner/1.0.9