-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathad_pwd_expired.ps1
59 lines (47 loc) · 1.72 KB
/
ad_pwd_expired.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
$secpasswd = ConvertTo-SecureString "email_pwd" -AsPlainText -Force
$cred = New-Object System.Management.Automation.PSCredential ("from@email.pt", $secpasswd)
$EmailFrom = "from@email.pt"
$EmailTo = "to@email.pt"
$Subject = "Users passwords about to expire"
$SMTPServer = "smtp.gmail.com"
$PasswordNotificationStartInDays = 2
$DaysToExpire = 1
$Encoding = New-Object System.Text.utf8encoding
$Body = @"
<html>
<body style="font-family:calibri">
"@
# Get todays date
$Today = Get-Date
# Get Group
$ADGroup = Get-ADGroupMember 'Domain Users'
# Get list of AD Users
$ADUsers = Get-ADUser -filter {Enabled -eq $True -and PasswordNeverExpires -eq $False} -Properties passwordlastset,msDS-UserPasswordExpiryTimeComputed
foreach ($ADUser in $ADUsers)
{
# Parse password expiry date/time
$PasswordExpiresOn = [DateTime]::FromFileTime([Int64]::Parse($ADUser."msDS-UserPasswordExpiryTimeComputed"))
$DaysToExpire = (New-TimeSpan -Start $Today -End $PasswordExpiresOn).Days
$DaysToExpire = $DaysToExpire -as [int]
if ($DaysToExpire -lt 0)
{
$positiveNumber = 0 - $DaysToExpire
$Body2 += "<br>$($ADUser.Name) password expired about $positiveNumber days ago<br>"
}
if ($DaysToExpire -le $PasswordNotificationStartInDays -and $DaysToExpire -ge 0)
{
$Body2 += "<br>$($ADUser.Name) password will expire in $DaysToExpire days<br>"
}
}
$Body += $Body2
$Body +=@"
</body>
</html>
"@
# If there any user, send email to IT support
if ([String]::IsNullOrEmpty($Body2))
{
Continue
} Else {
Send-MailMessage -SmtpServer $SMTPServer -Credential $cred -UseSsl -From $EmailFrom -To $EmailTo -Subject $Subject -BodyAsHtml $Body -Encoding $Encoding
}