Jump to content
Sign in to follow this  
giotis

Powershell Script to notify users of expiring passwords

Recommended Posts

Και ένα μικρό Script για να ειδοποιούνται οι χρήστες πως οι κωδικοί τους θα λήξουν σε X μέρες :)

<#
Script to notify users of password change
#>
#Variables----------------------------------------------------------###
#What date is it?
$Today=Get-date
#How many days before should we notify the user?
$Days=50
#Specify a From address
$From="p.pataridis@mail.com"
#Specify a subject for the message!
$Subject="Your account will expire soon! Action Required"
#Specify the SMTP Server !
$SMTPServer="10.0.0.1"
#-------------------------------------------------------------------###

#Start!-------------------------------------------------------------###
#Find all users that will need a password change within the specified days, We are searching for all Enabled accounts , with Password never expires option not set and not containing a $ sign (Domains with trust accounts,GMSA accounts ...etc, we do not need those)
$Expiring=Get-ADUser -filter {Enabled -eq $True -and PasswordNeverExpires -eq $False -and Name -notlike "*$*"} –Properties "DisplayName", "msDS-UserPasswordExpiryTimeComputed" ,"PasswordExpired" , "Mail","UserPrinciPalName"
#Loop through each account
foreach ($Account in $Expiring)
    {
    #And get its expiring date, convert it to a more readable format as  msDS-UserPasswordExpiryTimeComputed is a calculated field and it is a mess
    $ExpiringDate=[datetime]::FromFileTime($Password."msDS-UserPasswordExpiryTimeComputed")
        #If you do find an account that has not expired and the remaining days are less than the days specified
        if ($Account.PasswordExpired -eq $false -and ($ExpiringDate - $Today).Days -lt $Days )
            {
            #Start the notification process
            #Get the actual UPN in the domain as this may differ from the users email
            $AccountUPN=$Account.UserPrinciPalName
            #Calculate the days left
            $DaysLeft=($ExpiringDate-$Today).Days
            #Inform the user
            Send-MailMessage -SmtpServer $SMTPServer -From $From -To $Account.Mail -Subject $Subject  -Body "Your AD Password for account  $AccountUPN will expire in $DaysLeft days! Please change it."  
            }
    }

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...