Home > IT, PowerShell, Scripting, Windows > How to send password expire alert to AD users with PowerShell?

How to send password expire alert to AD users with PowerShell?

May 26th, 2009

user-128x128Today i write  a new PowerShell Script

I need this because i what to create a shedule task to send alert for every user who need to change theu password before expiration time. Its very usefull if you are work with lot of people.

Lets see, i commented the script and i think i don’t  need to describe.

  1. cls
  2. ########################################################################
  3. # Created by Levente Veres (bergermanus)
  4. # Contact: http://my.bergersoft.net
  5. # Description: The current script send Alert for users before they password
  6. # expires. You can set some values to configure this script.
  7. ########################################################################
  8.  
  9. ##########################################################################
  10. # Function to send email to each user
  11. ##########################################################################
  12. function send_email_user ($remaining_day, $email, $name )
  13. {
  14. $today = Get-Date
  15. $date_expire = [DateTime]::Now.AddDays($remaining_day) ;
  16. $SmtpClient = new-object system.net.mail.smtpClient
  17. $mailmessage = New-Object system.net.mail.mailmessage
  18. $SmtpClient.Host = "SENDER.DOT.TO"
  19. $mailmessage.from = "it@DOT.TO"
  20. $mailmessage.To.add($email)
  21. $mailmessage.Bcc.add("it@DOT.TO")
  22. $mailmessage.Subject =$name, your password expires on Bergersoft.net”
  23. $mailmessage.IsBodyHtml = $true
  24. $mailmessage.Body = "
  25. <h1>Dear $name</h1>
  26. "
  27. $mailmessage.Body +="
  28. <h5>Your password for account <span style="color: red;">$email</span> will be expirend in <span style="color: red;"><strong>$remaining_day</strong></span> days on <strong>$date_expire</strong></h5>
  29. "
  30. $mailmessage.Body +="For other question please ask the Administrators !
  31.  
  32. "
  33. $mailmessage.Body += " Generated on : $today
  34.  
  35. "
  36. $mailmessage.Body += "==================================
  37. "
  38. $mailmessage.Body += "Bergersoft.net
  39. "
  40. $smtpclient.Send($mailmessage)
  41. }
  42.  
  43. ##########################################################################
  44. # Send REPORT for Admins
  45. ##########################################################################
  46. function sendmail($body)
  47. {
  48. $today = Get-Date
  49. $SmtpClient = new-object system.net.mail.smtpClient
  50. $mailmessage = New-Object system.net.mail.mailmessage
  51. $SmtpClient.Host = "SENDER.DOT.TO"
  52. $mailmessage.from = "it@DOT.TO"
  53. $mailmessage.To.add("admin_it@DOT.TO")
  54. $mailmessage.Subject =[Report] Bergersoft.net password expires”
  55. $mailmessage.IsBodyHtml = $true
  56. $mailmessage.Body = "
  57. <h4>Generated on : $today `n</h4>
  58. "  + $body
  59. $mailmessage.Body += "`n" +  $body1
  60.  
  61. $smtpclient.Send($mailmessage)
  62. }
  63.  
  64. ##########################################################################
  65. # Search for the active directory users with following conditions
  66. # 1. Is in USER category
  67. # 2. Is loged in more that 1 times – for eliminate the system accounts
  68. # 3. Eliminate the Disbaled Accounts
  69. ##########################################################################
  70. $strFilter = "(&amp;(objectCategory=User)(logonCount&gt;=1)(!userAccountControl:1.2.840.113556.1.4.803:=2))"
  71. $objDomain = New-Object System.DirectoryServices.DirectoryEntry
  72. $objSearcher = New-Object System.DirectoryServices.DirectorySearcher
  73. $objSearcher.SearchRoot = $objDomain
  74. $objSearcher.PageSize = 1000
  75. $objSearcher.Filter = $strFilter
  76. $colResults = $objSearcher.FindAll();
  77.  
  78. #SET the max day  before expiration alert
  79. $max_alert = 10
  80.  
  81. ##########################################################################
  82. #SET the max password lifetime
  83. # In the future i rewrite to ask teh GP for the group.
  84. ##########################################################################
  85. $max_pwd_life= 90;
  86.  
  87. $userlist = @()
  88.  
  89. foreach ($objResult in $colResults)
  90.  
  91. {$objItem = $objResult.Properties;
  92. if ( $objItem.mail.gettype.IsInstance -eq $True)
  93. {
  94. $user_name = $objItem.name
  95. $user_email = $objItem.email
  96. #Transform the DateTime readable
  97. $user_logon = [datetime]::FromFileTime($objItem.lastlogon[0])
  98. $result =  $objItem.pwdlastset
  99. $user_pwd_last_set = [datetime]::FromFileTime($result[0])
  100.  
  101. #calculate the difference in Day
  102. $diff_date = [INT]([DateTime]::Now - $user_pwd_last_set).TotalDays;
  103.  
  104. if (($max_pwd_life - $diff_date) -le $max_alert) {
  105. $selected_user = New-Object psobject
  106. $selected_user | Add-Member NoteProperty -Name "Name" -Value  $objItem.name[0]
  107. $selected_user | Add-Member NoteProperty -Name "Email" -Value  $objItem.mail[0]
  108. $selected_user | Add-Member NoteProperty -Name "LastLogon" -Value $user_logon
  109. $selected_user | Add-Member NoteProperty -Name "LastPwdSet" -Value $user_pwd_last_set
  110. $selected_user | Add-Member NoteProperty -Name "EllapsedDay" -Value $diff_date
  111. $selected_user | Add-Member NoteProperty -Name "RemainingDay" -Value ($max_pwd_life-$diff_date)
  112. $userlist+=$selected_user
  113.  
  114. }
  115. }
  116. }
  117.  
  118. ###############################################################################
  119. # Send email for each user
  120. ###############################################################################
  121. foreach ($userItem in $userlist )
  122. {
  123. send_email_user $userItem.RemainingDay $userItem.Email $userItem.Name
  124. }
  125.  
  126. ###############################################################################
  127. # Sedn email for Admins in reporting format
  128. ###############################################################################
  129. $bodyme = $userlist| Sort-Object "RemainingDay" |  ConvertTo-Html -Title "AD password Status" -Body "<h2>Ad password expiration Status</h2> "  -head "<style>td{font-size:smaller;padding:0 0 0 5px;border: 1px solid #003366;}table{border: 1px solid #003366;margin:0;padding:0}tr{margin:0;padding:0;}h2{color:red};th{font-size:smaller;text-align:left;border: 1px solid #003366;background-color:#aaa;}</style>" | foreach {$_ -replace "<table>", "</table><table cellspacing=0>"}
  130.  
  131. sendmail $bodyme
  132.  
  133. ###############################################################################
  134. # END
  135. ###############################################################################
Comments are closed.