Password Expiration Audit
This is an interactive task that reports on Users in Active Directory whose passwords:
- Have expired
- Will expire in a given window
Running this Playbook
- Click download playbook
- Import the playbook on the Playbooks page in PPA
- Build the playbook from the Edit & Build tab
- Run the playbook from the Preview & Deploy tab
Large Numbers of Users
While this task will run against up to 10,000 Users, we recommend sticking to no more than 5,000 at a time for performance reasons.
- PPA User Interface
- Hashicorp Vault Key-Value engine
- Active Directory Users, Groups, Organizational Units, & Domain
Required Vault Details
- IP/DNS address of a Domain Controller
- Domain FQDN
The Active Directory credentials require permission to audit Users.
Vault Configuration Wizard
The first time you run a task built from this playbook, PPA will check the required Vault details exist.
If they don't exist, PPA will ask you to supply the details at the start of the task.
Below you can see a user providing details the first time they run an Active Directory task.
Once the details are added to Vault, the task won't ask for them again.
If you don't know the required details, ask an administrator to run the task or configure Vault manually.
What the Task Does
Once started, this task allows the operator to:
- Select which report(s) to generate
- Choose whether to audit Users from Security Groups or Organizational Units
- Pick the relevant objects to audit Users from
Get PPA for free!
Start automating your estate with a free 30 day trial today. No signup required!Get PPA Express
See how easy it is to get started with our installation guide
View our task writing reference guide
See how to integrate with different systems using our plugins reference guide.