Create Password Expiration Notification Script
This script is going to rely on our other lesson which is how to send emails from your company or personal Gmail account with Windows PowerShell. In that lesson, we create a “Send-Mail” function that we will be utilizing in this script.
The complete script is below:
- function Send-Email() {
-
param( -
[Parameter(mandatory=$true)][string]$To, -
[Parameter(mandatory=$true)][string]$Subject, -
[Parameter(mandatory=$true)][string]$Body -
) -
# Get user credentials -
$username = (Get-Content -Path "C:\\Scripts\\gmail_creds.txt")[0] -
$password = (Get-Content -Path "C:\\Scripts\\gmail_creds.txt")[1] | ConvertTo-SecureString -AsPlainText -Force -
# Create hash for email -
$email = @{ -
from = $username -
to = $To -
subject = $Subject -
smtpserver = "smtp.gmail.com" -
body = $Body -
credential = New-Object System.Management.Automation.PSCredential -ArgumentList $username, $password -
usessl = $true -
verbose = $true -
} -
Send-MailMessage @email - }
-
Get all AD Users
- $ADUsers = (Get-ADUser -Filter * -Properties mail, msDS-UserPasswordExpiryTimeComputed)
-
Variables
- $DoesNotExpire = 9223372036854775807 # This is the value of msDS-UserPasswordExpiryTimeComputed when the users password is set to never expire
-
Iterate over all the AD users
- foreach($User in $ADUsers) {
-
# Does the password expire? -
if($User.'msDS-UserPasswordExpiryTimeComputed' -ne $DoesNotExpire) { -
# Find out how long until the password expires -
$ExpirationDate = [DateTime]::FromFileTime($User.'msDS-UserPasswordExpiryTimeComputed') -
$Difference = New-TimeSpan -Start (Get-Date) -End $ExpirationDate
42.…
No comments yet. Add the first comment to start the discussion.