Jump to content









Photo

Powershell Script to notify users of expiring passwords

powershell ad password

  • Please log in to reply
1 reply to this topic

#1 Panagiotis Pataridis

Panagiotis Pataridis

    Enterprise Admin!

  • Administrators
  • 1,218 posts

Posted 08 March 2016 - 01:27 PM

Και ένα μικρό Script για να ειδοποιούνται οι χρήστες πως οι κωδικοί τους θα λήξουν σε X μέρες :)

<#
Script to notify users of password change
#>
#Variables----------------------------------------------------------###
#What date is it?
$Today=Get-date
#How many days before should we notify the user?
$Days=50
#Specify a From address
$From="p.pataridis@mail.com"
#Specify a subject for the message!
$Subject="Your account will expire soon! Action Required"
#Specify the SMTP Server !
$SMTPServer="10.0.0.1"
#-------------------------------------------------------------------###

#Start!-------------------------------------------------------------###
#Find all users that will need a password change within the specified days, We are searching for all Enabled accounts , with Password never expires option not set and not containing a $ sign (Domains with trust accounts,GMSA accounts ...etc, we do not need those)
$Expiring=Get-ADUser -filter {Enabled -eq $True -and PasswordNeverExpires -eq $False -and Name -notlike "*$*"} –Properties "DisplayName", "msDS-UserPasswordExpiryTimeComputed" ,"PasswordExpired" , "Mail","UserPrinciPalName"
#Loop through each account
foreach ($Account in $Expiring)
    {
    #And get its expiring date, convert it to a more readable format as  msDS-UserPasswordExpiryTimeComputed is a calculated field and it is a mess
    $ExpiringDate=[datetime]::FromFileTime($Password."msDS-UserPasswordExpiryTimeComputed")
        #If you do find an account that has not expired and the remaining days are less than the days specified
        if ($Account.PasswordExpired -eq $false -and ($ExpiringDate - $Today).Days -lt $Days )
            {
            #Start the notification process
            #Get the actual UPN in the domain as this may differ from the users email
            $AccountUPN=$Account.UserPrinciPalName
            #Calculate the days left
            $DaysLeft=($ExpiringDate-$Today).Days
            #Inform the user
            Send-MailMessage -SmtpServer $SMTPServer -From $From -To $Account.Mail -Subject $Subject  -Body "Your AD Password for account  $AccountUPN will expire in $DaysLeft days! Please change it."  
            }
    }

  • Blackman likes this

#2 Blackman

Blackman

    Enterprise Admin!

  • Members
  • PipPipPipPipPipPip
  • 1,962 posts
  • LocationIn a b-boy cypher...

Posted 09 March 2016 - 01:03 PM

καλό...

αν θες η ενημέρωση να γίνεται και σε email :)


BSc in Business Information Systems,
MSc in Information Technology Management,
MCP, MCSA 2003, MCSA 2008, MCSA 2008:Virtualization
IT Manager @ V-Group





Also tagged with one or more of these keywords: powershell, ad, password

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users