PoshCode Archive  Artifact [5654059921]

Check-ins Using Download Hex

Artifact 5654059921be6f6820bb7755b5c302ed7901e24c4502c1cd1cdd3fc344d7756a:

  • File Password-Expire-Mail.ps1 — part of check-in [c287285d4b] at 2018-06-10 13:49:20 on branch trunk — This script sends out “password is about to expire” notifications by e-mail. It can send out custom mailmessage depending on where your users are in Active Directory. This makes it possible to for example send out different instructions for password changes, or have them written in different languages. (user: DollarUnderscore size: 4785) 
# encoding: ascii
# api: powershell
# title: Password Expire Mail
# description: This script sends out “password is about to expire” notifications by e-mail. It can send out custom mailmessage depending on where your users are in Active Directory. This makes it possible to for example send out different instructions for password changes, or have them written in different languages.
# version: 0.1
# author: DollarUnderscore
# license: CC0
# x-poshcode-id: 5052
# x-archived: 2014-05-31T08:48:26
# x-published: 2014-04-05T12:10:00
#
# Information about this script and how to customize it for your environment is available at:
# http://dollarunderscore.azurewebsites.net/?p=2341
#
#========================================================================
# Created By: Anders Wahlqvist
# Website: DollarUnderscore (http://dollarunderscore.azurewebsites.net)
#========================================================================

# Set when users should get a warning...

# First time
$FirstPasswordWarningDays = 14

# Second time
$SecondPasswordWarningDays = 7

# Last time
$LastPasswordWarningDays = 3

# Set SMTP-server
$SMTPServer = "MySMTP.Contoso.Com"

# Get the password expires policy
$PasswordExpiresLength = (Get-ADDefaultDomainPasswordPolicy).MaxPasswordAge

# Calculating when passwords would have been set if they expire today
$CurrentPWChangeDateLimit = (Get-Date).AddDays(-$PasswordExpiresLength.Days)

# Calculating all dates
$FirstPasswordDateLimit = $CurrentPWChangeDateLimit.AddDays($FirstPasswordWarningDays)
$SecondPasswordDateLimit = $CurrentPWChangeDateLimit.AddDays($SecondPasswordWarningDays)
$LastPasswordDateLimit = $CurrentPWChangeDateLimit.AddDays($LastPasswordWarningDays)

# Load the users
$MailUsers = Get-ADUser -Filter "(Mail -like '*@*') -AND `
                                (PasswordLastSet -le '$FirstPasswordDateLimit' -AND PasswordLastSet -gt '$($FirstPasswordDateLimit.AddDays(-1))' -OR `
                                PasswordLastSet -le '$SecondPasswordDateLimit' -AND PasswordLastSet -gt '$($SecondPasswordDateLimit.AddDays(-1))' -OR `
                                PasswordLastSet -le '$LastPasswordDateLimit' -AND PasswordLastSet -gt '$($LastPasswordDateLimit.AddDays(-1))') -AND `
                                (PasswordNeverExpires -eq '$false' -AND Enabled -eq '$true')" -Properties PasswordLastSet, DisplayName, PasswordNeverExpires, mail

# Loop through them
foreach ($MailUser in $MailUsers) {

        # Count how many days are left before the password expires and round that number
        $PasswordExpiresInDays = [System.Math]::Round((New-TimeSpan -Start $CurrentPWChangeDateLimit -End ($MailUser.PasswordLastSet)).TotalDays)

        # Write some status...
        Write-Output "$($MailUser.DisplayName) needs to change password in $PasswordExpiresInDays days."

        # Build the body depending on where in the organisation the user is

        # Change MyOU1 to match your the OU you want your users are in.
        if ($MailUser.DistinguishedName -like "*MyOU1*") {
            $Subject = "Your password is expiring in $PasswordExpiresInDays days"
            $Body = "Hi $($MailUser.DisplayName),<BR><BR>Your password is expiring in $PasswordExpiresInDays days. Please change it now!<BR><BR>Don't forget to change it in your mobile devices if you are using mailsync.<BR><BR>Helpdesk 1"
            $EmailFrom = "Helpdesk 1 <no-reply@contoso.com>"
        }
        # Change MyOU2 to match your environment
        elseif ($MailUser.DistinguishedName -like "*MyOU2*") {
            $Subject = "Your password is expiring in $PasswordExpiresInDays days"
            $Body = "Hi $($MailUser.DisplayName),<BR><BR>Your password is expiring in $PasswordExpiresInDays days. Please change it now!<BR><BR>Don't forget to change it in your mobile devices if you are using mailsync.<BR><BR>Helpdesk 2"
            $EmailFrom = "Helpdesk 2 <no-reply@contoso.com>"
        }
        # This is the default e-mail
        else {
            $Subject = "Your password is expiring in $PasswordExpiresInDays days"
            $Body = "Hi $($MailUser.DisplayName),<BR><BR>Your password is expiring in $PasswordExpiresInDays days. Please change it now!<BR><BR>Don't forget to change it in your mobile devices if you are using mailsync.<BR><BR>Helpdesk 3"
            $EmailFrom = "Helpdesk 3 <no-reply@contoso.com>"
        }

        # Time to send the e-mail

        # The line below might need changing depending on what SMTP you are using (authentication or not)
        Send-MailMessage -Body $Body -From $EmailFrom -SmtpServer $SMTPServer -Subject $Subject -Encoding UTF8 -BodyAsHtml -To $MailUser.mail

        # E-mail is sent!
}
Fossil 2.20 [0d61fd2310] 2022-10-28 19:48:33
This page was generated in about 0.009s