This PowerShell script will create an HTML file with account password details when run on AD server.
#Audit: AD User Passwords #Author: Hayden Graham #Last Revised: 2020.03 #Instructions: Update OU with AD container andDestination without "\" at end. #Variables $Co = "Company Name" $OU = "employees" $Path = "C:\!msp\Reports\Active_Directory_Users.htm" #Code $Name = Get-aduser -filter 'enabled -eq $True' -properties displayname,lastlogondate,passwordlastset,whencreated,passwordneverexpires |?{ $_.distinguishedname -match $OU} $Total = $Name.count $Date = (Get-Date).DateTime $a = "<style>" $a = $a + "BODY{background-color:LightGray;}" $a = $a + "TABLE{border-width: 1px;border-style: solid;border-color: black;border-collapse: collapse;}" $a = $a + "TH{border-width: 1px;padding: 10px;border-style: solid;border-color: black;background-color:Orange}" $a = $a + "TD{border-width: 1px;padding: 10px;border-style: solid;border-color: black;background-color:LightSteelBlue}" $a = $a + "</style>" $Name | sort-object displayname | select displayname,lastlogondate,passwordlastset,whencreated,passwordneverexpires | convertto-html -head $a -body "<H2>$Co - User Accounts: $Total</H2><H4>Report Date: $Date </H4>" | out-file $Path (Get-Content -path $path -Raw) -replace 'displayName','User' -replace 'lastlogondate', 'Last Logon Date'-replace 'passwordlastset','Password Last Reset'-replace'whencreated','Account Created' -replace 'passwordneverexpires','Password Never Expires'| Set-Content -Path $Path Invoke-Expression $Path