Password Expiry Email Notification

This script will email a user in the event that their password is due to expire in X number of days.

4.6 Star
59,528 times
Add to favorites
Active Directory
E-mail Twitter Digg Facebook
Sign in to ask a question

  • Translation
    1 Posts | Last post Thu 7:59 AM
    • Hello,
      i love your Script! Thank you and Thank you!!
  • How to pass parameters
    2 Posts | Last post March 10, 2018
    • Hello 
      I will like to know how to pass parameters to script to send the report file to more then one person. I am using this -reportto;  but doesn't work.
    • Im fairly sure it is a comma separated list that Send-Mailmessage supports, not semi colon. However the parameter is expecting a string, so you may need to enclose your list inside quotes.
      -to ","
  • service not available
    1 Posts | Last post March 08, 2018
    • Hi,
      When I run the following script:
      .\PasswordChangeNotification.ps1 -smtpServer -expireInDays 21 -from 'Notifications <>' -logging -logPath c:\PasswordReminder\logFiles -testing -testRecipient -status -reportto -interval 1,2,5,10,15
      I keeps reporting after the Log Output 'Service not available, closing the transmission channel. The service response was: 4.3.2. Service not available'
      Can you tell me what is wrong?
      kind regards Marco
  • Add Expery date and hour for every single email
    6 Posts | Last post March 08, 2018
    • Hey there Robert (or anyone kind enough to help me out)
      This script worked perfectly for me at first shot even after adding all my param.
      But, there's a thing that i'm not managing to get out and i'm inside a kind of loop;
      I want to add the expiry date and hour of every single user that will receive the mail;
      The strange thing is that I got don't know why the variable isn't getting any info from the variable $UserObj or $User;
    • Do you want to add that to the output display, or to the email the user would receive?
    • Email Robert;
      I want to create something like: "Your password will expiry dd/MM/yyyy at HH:mm"
    • Oh OK.
      $expiresON Should be stored as a value like 13 December 2016 08:01:45, so you could try adding..
      $expireDate = $expiresOn.ToString().Split(" ")
      $exDate = $expireDate[0]
      $exTime = $expireDate[1]
      "Your password will expire $exDate at $exTime"
      "Your password will expire $expiresOn"
    • Hummm maybe we're still missing something;
      I tried with my custom and our standard version; with no success.
      In both results I got the variable "expireOn" as the sum of the "current date" and "the domain default password age"
      That's exactly my problem from the beginning; What I don’t get it, is that the same variable (ExpiresOn;) saves the correct full date / hour at the .csv log;
      I do know that I could “workaround” sending emails after calling that csv; But I really want to find out this problem;
      Thanks for your time.
    • Its because $expiresON is a 'date/time' not a string of text. The default output is to display the date as you'd expect, but when you put objects like that into text ie, $body, strange things can happen.
      Which is why i made the above suggestions.
  • Scheduled task
    2 Posts | Last post March 05, 2018
    • Hi,
      Great script, I have a couple of issues. 
      I added the groups settings so it just gets our staff lists.. which works fine but I get an error when I run it.
      You cannot call a method on a null-valued expression.
      At C:\scripts\PasswordChangeNotification.ps1:147 char:5
      +     $expireson = $pwdLastSet.AddDays($maxPasswordAge)
      +     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
          + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
          + FullyQualifiedErrorId : InvokeMethodOnNull
      It also brings up users who have it set to never expirt and their password is very old. Its not an issue really to list these, just wondered if the error was important.
      Also, I'm trying to sort out a scheduled task but your video shows the older version.. can you help with the syntax to run the powershell with parameters.. for some reason I can't get it to run.
    • This relates to not being able to work out the password expiry date, so could be a user who has a null value for passwordlastset.
  • The SMTP server requires a secure connection or the client was not authenticated
    2 Posts | Last post March 01, 2018
    • Trying to use O365 as the SMTP server and I get this error 
      "The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.7.57 SMTP; Client was not authenticated to send anonymous mail during MAIL FROM []"
      I'm not trying to send anonymous mail, as for the 'from' I put in a valid address.
      What's the best way to get around this?
    • You'll need to provide the -credential parameter and a PS Credential Object.
      Ill make a video about that shortly.
  • Logging and Reportto not working
    2 Posts | Last post March 01, 2018
    • Hi,
      I have the following in my scheduled task as the arguements -
      -command "c:\psscripts\PasswordChangeNotification.ps1 -smtpServer -expireInDays 21 -from 'IT Support <>' -logging -logpath C:\psscipts -status -reportto -interval 1,2,7,14,21"
      The log file is not created and I never get anything at the reporto address.  Everything else seems to be working.  Users are getting the notifications at the correct intervals.  What am I missing?  The scheduled task is being run by a domain admin account.  Does it need a local account?
      Many thanks,
    • Never mind.. a typo caused the issue.  It is fixed
  • How to apply the script for one OU for testing
    2 Posts | Last post February 27, 2018
    • Robert i want to apply this script for one OU for testing after testing will put it in production, Will i apply this via task scheduler or should i set it up via GPO?
      Thanks a lot.
    • Modify the $users line to include -searchbase "ou=MyOu,dc=domain,dc=com"
  • Can we use Exchange 2007 to send notifications out?
    10 Posts | Last post February 24, 2018
    • I am new to PowerShell scrpt.  We have a small LAN and Exchange 2007 server on Windows 2008 R2 in house.  My question is whether we can use Exchange 2007 to send notifications out to our users instead of SMTP service.  If so, how.  Thanks a lot! 
    • Yes that should work fine as long as it is configured to allow you to relay email.
    • Are there any instructions for this kind of configuration out there? 
    • You mean, to make exchange server send email?
    • If I understand you correctly, I have to configure SMTP and Exchange server to send the notifications out to the users.Thanks.
    • Please let me know how to configure SMTP and Exchange server to send notifications out.  Thanks a lot.
    • Do you have exchange already running? You can use any smtp service, it doesn't have to be local to the your server - Office 365, Gmail, anything.
    • Yes. The Exchange 2007 server has been running since 2010. Some of the users work from home. 
    • ok. lets say the server is called Exchange01
      when you run the script just enter this -smtpserver Exchange01
      On the exchange server you need to make sure there is a receive connector that is allowed to accept mail from the IP address of the station running the script. If you are sending messages outside of the exchange server you may need to use authentication, or configure that receive connector to allow anonymous relay which isnt really a best practice. This might be useful :
    • Thanks Robert.  I configured the SMTP server accordingly. It is working now.
  • Assign values rather than ask for input
    2 Posts | Last post February 21, 2018
    • Hello,
      I'm trying to understand how to instead of prompting the user (me) to input the smtp server name, expiration days, etc. if there's a way to edit the script so those things are static so they do not require any interaction from my part, and rather it would just run on its own. The smtp server never changes and neither will the expiration days. If I run the script as it was written by Robert Pearman, it will prompt me for all of those things and output the results, but no e-mails get sent or anything. I tried to configure it so the testing portion would work, but I failed to figure that out, too. I'm a total novice when it comes to PowerShell scripting, so please bear with me. Thank you for your help!
    • There are several ways to accomplish this.
      The easiest is to save the command into notepad, so you dont have to type it in each time, if you want to run it manually.
      Second, run it as a scheduled task with the values saved.
      Third, and most time consuming, remove everything inside param() (lines 16 to 49) and enter instead each variable on a single line with the value you prefer.
      It is worth noting i moved away from static variables to allow for greater portability and easier changes.
      This video explains the changes,
1 - 10 of 375 Items