I have no scripting skills, so please be patient with me :-)
We have FGPP in place in combination with shadow groups.
Used http://www.sole.dk/active-directory-shadow-group-script-will-let-you-spend-less-time-on-updating-group-memberships/ to create the shadow groups. Works great.
But now my manager wants to send mail to users, 14, 7, 3, 2, and 1 day before password expires.
I found a script here: http://gallery.technet.microsoft.com/Password-Expiry-Email-177c3e27#content
But I need to edit the script.
Questions 1:
I've created three shadowgroups, and want to query these groups.
Do I edit the script like this:
# Get Users From AD who are Enabled, Passwords Expire and are Not Currently Expired
Import-Module ActiveDirectory
$Group = get-ADGroupmember -identity groupname1, groupname2, groupname3 -filter * -properties Name, PasswordNeverExpires, PasswordExpired, PasswordLastSet, EmailAddress |where {$_.Enabled -eq "True"} | where { $_.PasswordNeverExpires -eq $false } | where { $_.passwordexpired -eq $false }
$maxPasswordAge = (Get-ADDefaultDomainPasswordPolicy).MaxPasswordAge
# Process Each User for Password Expiry
foreach ($user in $Group)
Question 2:
To send mail on the specific days before password expire, do I edit the script like this:
# Send Email Message
if (($daystoExpire) -eq (("14") -or (("7") -or (("3") -or (("2") -or ("1")))
I think the syntax is probably wrong.
Question 3:
Do I need to edit other lines in the script.
Thanks