I was tasked with writing a script that would send out an e-mail to users, when there were 14,7,3,2 and 1 days before their AD passwords expired.
I use the Quest AD cmdlets to get users from AD.
if (!(Get-PSSnapin Quest.ActiveRoles.ADManagement -ErrorAction SilentlyContinue)) { Add-PSSnapin Quest.ActiveRoles.ADManagement } $mailfrom = "IT@XXXXXX.DK" $smtpsrv = "MailServerName" #Getting the Default maximum password age from AD $MaxPassAge = (Get-QADObject (Get-QADRootDSE).defaultNamingContextDN).MaximumPasswordAge.days #Getting a list of AD users, who's password doesn't expire, and adding a calculated value, with the amount of days till the password expires. [Array]$users = Get-QADUser -Enabled -PasswordNeverExpires:$false -SizeLimit 0 -Email \* |Select-Object Name,Email,@{Name="Expires";Expression={ $MaxPassAge - $\_.PasswordAge.days }} #Here-String containing the HTML to format the body of the e-mail Text is in Danish :) $html = @" \<html\>\<head\>\<style type="text/css"\>body { font-family: Arial, Helvetica, sans-serif; font-size: 9pt; } \</style\>\</head\>\<body\>\<p\>Dit Password til Windows, Outlook, Citrix og Mobil Sync på Iphone er ved at udløbe.\<br\>\<br\> \<strong\>Dage til udløb: \</strong\> \<strong\>\<font color="red"\>DAYS\</font\>\</strong\>\<br\>\<br\>Når du skal skifte dit password, skal du overholde følgende kompleksitetsregler:\</p\> \<ul\>\<li\>Passwordet skal minimum være på 8 karakterer.\</li\>\<li\>Passwordet skal minimum indeholde ét "stort" bogstav.\</li\>\<li\>Passwordet skal minimum indeholde ét tal\</li\>\<li\>Det må ikke være et password, der er brugt, inden for de sidste 20 password skift.\</li\>\<li\>Passwordet må ikke indeholde dele af dit navn, efternavn og email adresse.\</li\>\</ul\> \<p\>For at ændre password, trykker du CTRL+ALT+DELETE og vælger "Skift Adgangskode..."\</p\> \<img src="\\Path\To\PictureFile\Signature.jpg" alt="Signature" align ="left" /\> \</body\>\</html\> "@ Foreach ($user in $users) { $name = $user.name $pwdAge = $user.Expires Switch ($pwdAge) { 14 { $body = $html.replace("DAYS", "14") $subject = "Dit Password udløber om 14 dage" Send-MailMessage -To $user.Email -From $mailfrom -Subject $subject -Body $body -SmtpServer $smtpsrv -BodyAsHtml -Encoding ([System.Text.Encoding]::UTF7) write-eventlog -logname "Powershell Scripts" -source "PSScripts" -eventID 111 -entrytype Information -message "Password for $name will expire in 14 days" } 7 { $body = $html.replace("DAYS", "7") $subject = "Dit Password udløber om 7 dage" Send-MailMessage -To $user.Email -From $mailfrom -Subject $subject -Body $body -SmtpServer $smtpsrv -BodyAsHtml -Encoding ([System.Text.Encoding]::UTF7) write-eventlog -logname "Powershell Scripts" -source "PSScripts" -eventID 111 -entrytype Information -message "Password for $name will expire in 7 days" } 3 { $body = $html.replace("DAYS", "3") $subject = "Dit Password udløber om 3 dage" Send-MailMessage -To $user.Email -From $mailfrom -Subject $subject -Body $body -SmtpServer $smtpsrv BodyAsHtml -Encoding ([System.Text.Encoding]::UTF7) write-eventlog -logname "Powershell Scripts" -source "PSScripts" -eventID 111 -entrytype Information -message "Password for $name will expire in 3 days" } 2 { $body = $html.replace("DAYS", "2") $subject = "Dit Password udløber om 2 dage" Send-MailMessage -To $user.Email -From $mailfrom -Subject $subject -Body $body -SmtpServer $smtpsrv -BodyAsHtml -Encoding ([System.Text.Encoding]::UTF7) write-eventlog -logname "Powershell Scripts" -source "PSScripts" -eventID 111 -entrytype Information -message "Password for $name will expire in 2 days" } 1 { $body = $html.replace("DAYS", "1") $subject = "Dit Password udløber om 1 dage" Send-MailMessage -To $user.Email -From $mailfrom -Subject $subject -Body $body -SmtpServer $smtpsrv -BodyAsHtml -Encoding ([System.Text.Encoding]::UTF7) write-eventlog -logname "Powershell Scripts" -source "PSScripts" -eventID 111 -entrytype Information -message "Password for $name will expire in 1 day" } 0 { $body = $html.replace("DAYS", "0") $subject = "Dit Password udløber idag!!!" Send-MailMessage -To $user.Email -From $mailfrom -Subject $subject -Body $body -SmtpServer $smtpsrv -BodyAsHtml -Encoding ([System.Text.Encoding]::UTF7) write-eventlog -logname "Powershell Scripts" -source "PSScripts" -eventID 111 -entrytype Information -message "Password for $name will expire today!!!" } } }