Quantcast
Channel: PowerShell.com – PowerShell Scripts, Tips, Forums, and Resources
Viewing all articles
Browse latest Browse all 8583

Password Reminder

$
0
0

Hello,

 

i am trying to get this Password Reminder script to work but i cant figure out how to get it to calculate remaining days until the password expiry´s 

here is the script i am using.

 

# New-PasswordReminder.ps1

Import-Module ActiveDirectory

 

###################################

# Get the max Password age from AD 

###################################

 

 

function Get-maxPwdAge{

   $root = [ADSI]"LDAP://domain.com"

   $filter = "(&(objectcategory=domainDNS)(distinguishedName=DC=domain,DC=com))"

   $ds = New-Object system.DirectoryServices.DirectorySearcher($root,$filter)

   $dc = $ds.findone()

   [int64]$maxpwdage = [System.Math]::Abs($dc.properties.item("maxPwdAge")[0])

   $maxpwdage/864000000000

}

 

 

###################################

# Function to send HTML email to each user

###################################

 

function send_email ($days_remaining, $email, $name ) 

{

 $today = Get-Date 

 $today = $today.ToString("dddd (dd-MMMM-yyy)")

 $date_expire = [DateTime]::Now.AddDays($days_remaining).TotalDays;

 $date_expire = $date_expire.ToString("dddd (dd-MMMM-yyy)")

 $SmtpClient = new-object system.net.mail.smtpClient 

 $mailmessage = New-Object system.net.mail.mailmessage 

 $SmtpClient.Host = "smtp.domain.com" 

 $mailmessage.from = "IT Helpdesk <helpdesk@primeraair.com>" 

 $mailmessage.To.add($email)

 $mailmessage.Subject = "$name, Your password will expire in $days_remaining days."

 $mailmessage.IsBodyHtml = $true

 $company = "Company"

 $owaurl = "mail.domain.com"

 $HelpDeskPhone = "Phone number"

 

 

$mailmessage.Body += @"

<p style="font-weight: bold">Hello, $Name,</p>

<p>It's change time again! Your $company password expires in <span style="background-color: red; color: white; font-weight: bold;">&nbsp;$days_remaining&nbsp;</span> day(s), on $date_expire.</p>

<p>Please use one of the methods below to update your password:</p>

<ol>

<li>$company office computers and Terminal Server users: You may update your password on your computer by pressing Ctrl-Alt-Delete and selecting 'Change Password' from the available options. If you use a $company laptop in addition to a desktop PC, be sure and read #3 below.</li>

<li>Remote Outlook Client, Mac, and/or Outlook Web App users: If you only access our email system, please use the following method to easily change your password:</li>

<ul>

<li>Log into <a href="$owaurl">Outlook Web App</a> using Internet Explorer (PC) or Safari or Firefox (Mac).</li>

<li>Click on the Options button in the upper right corner of the page.</li>

<li>Select the &quot;Change Password&quot; link to change your password.</li>

<li>Enter your current password, then your new password twice, and click Save</li>

<li><span style="font-weight: bold">NOTE:</span> You will now need to use your new password when logging into Outlook Web App, Outlook 2010, SharePoint, Windows Mobile (ActiveSync) devices, etc. Blackberry Enterprise Users (BES) will not need to update their password. Blackberry Internet Service (BIS) users will be required to use their new password on their device.</li>

</ul>

<li>$company issued laptops: If you have been issued a $company laptop, you must be in a corporate office and directly connected to the company network to change your password. If you also use a desktop PC in the office, you must remember to always update your domain password on the laptop first. Your desktop will automatically use the new password.</li>

<ul>

<li>Log in on laptop</li>

<li>Press Ctrl-Alt-Delete and select 'Change Password' from the available options.</li>

<li>Make sure your workstation (if you have one) has been logged off any previous sessions so as to not cause conflict with your new password.</li>

</ul>

</ol>

<p>Think you've got a complex password? Run it through the <a href="http://www.passwordmeter.com/">The Password Meter</a></p>

<p>Think your password couldn't easily be hacked? See how long it would take: <a href="http://howsecureismypassword.net/">How Secure Is My Password</a></p>

<p>Remember, if you do not change your password before it expires on $date_expire, you will be locked out of all $company Computer Systems until an Administrator unlocks your account.</p>

<p>If you are traveling or will not be able to bring your laptop into the office before your password expires, please call the number below for additional instructions.</p>

<p>You will continue to receive these emails daily until the password is changed or expires.</p>

 

<p>Thank you,<br />

The $company Help Desk<br />

$HelpDeskPhone</p>

"@

 

 $smtpclient.Send($mailmessage) 

}

 

###################################

# Search for Non-disabled AD users that have a Password Expiry.

###################################

 

$strFilter = "(&(objectCategory=User)(logonCount>=0)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(!(userAccountControl:1.2.840.113556.1.4.803:=65536)))"

 

$objDomain = New-Object System.DirectoryServices.DirectoryEntry

$objSearcher = New-Object System.DirectoryServices.DirectorySearcher

$objSearcher.SearchRoot = $objDomain

$objSearcher.PageSize = 1000

$objSearcher.Filter = $strFilter

$colResults = $objSearcher.FindAll();

 

# how many days before PW expiry do we start sending reminder emails?

$max_alert = 15

 

 

# Get the maximum password lifetime

$max_pwd_life=Get-maxPwdAge

 

$userlist = @()

foreach ($objResult in $colResults)

   {$objItem = $objResult.Properties; 

   if ($objItem.mail.gettype.IsInstance -eq $True) 

      {      

         $user_name = $objItem.name

         $user_email = $objItem.email

         #Transform the DateTime readable format

         $user_logon = [DateTime]::FromFileTime($objItem.lastlogon[0])

         $result = $objItem.pwdlastset 

         $user_pwd_last_set = [DateTime]::FromFileTime($result[0])

 

         #calculate the difference in Day from last time a password was set

         $diff_date = [INT]([DateTime]::Now - $user_pwd_last_set).TotalDays;

 

   $Subtracted = $max_pwd_life - $diff_date

         if (($Subtracted) -le $max_alert) {

            $selected_user = New-Object psobject

            #$selected_user | Add-Member NoteProperty -Name "Name" -Value $objItem.name[0]

            $selected_user | Add-Member NoteProperty -Name "Name" -Value $objItem.Item("displayname")

            $selected_user | Add-Member NoteProperty -Name "Email" -Value $objItem.mail[0]

            $selected_user | Add-Member NoteProperty -Name "LastLogon" -Value $user_logon

            $selected_user | Add-Member NoteProperty -Name "LastPwdSet" -Value $user_pwd_last_set

            $selected_user | Add-Member NoteProperty -Name "RemainingDays" -Value ($Subtracted)

            $userlist+=$selected_user

         }

      }

   }

 

###################################

# Send email to each user

###################################

   foreach ($userItem in $userlist )

   {

    if ($userItem.RemainingDays -ge 0) {

      # send_email $userItem.RemainingDay $userItem.Email $userItem.Name

       send_email $userItem.RemainingDay email@domain.com $userItem.Name

       }

   }

 

# END


Viewing all articles
Browse latest Browse all 8583

Latest Images

Trending Articles



Latest Images