Choose what fields to add to CSV


Noob to powershell, been trying for days with no success.

Can anyone help with this snippet, i am trying to output the results to a CSV


Load the users

$MailUsers = Get-ADUser -SearchBase “OU=etc etc” -Filter “(SAMAccountName -like ‘A12*’) -AND `
(PasswordNeverExpires -eq ‘$false’ -AND Enabled -eq ‘$true’)” -Properties PasswordLastSet, DisplayName, PasswordNeverExpires, mail, SAMAccountName

Loop through them

foreach ($MailUser in $MailUsers) {

#Write-Output "$($MailUser.SAMAccountName, " “, $MailUser.GivenName)”

Count how many days are left before the password expires and round that number

$PasswordExpiresInDays = [System.Math]::Round((New-TimeSpan -Start $CurrentPWChangeDateLimit -End ($MailUser.PasswordLastSet)).TotalDays)

Write some status…

Write-Output "$($MailUser.SAMAccountName, " “, $MailUser.DisplayName) needs to change password in $PasswordExpiresInDays days.”

Build the body depending on where in the organisation the user is

if (($PasswordExpiresInDays -eq $LastPasswordWarningDays) -or ($PasswordExpiresInDays -eq $FirstPasswordWarningDays) -or ($PasswordExpiresInDays -eq $SecondPasswordWarningDays) -or ($PasswordExpiresInDays -eq $ThirdPasswordWarningDays)) {

Write-Output "$($MailUser.SAMAccountName, " “, $MailUser.DisplayName) needs to change password in $PasswordExpiresInDays days.”


$MailUser | export-csv $outputFile -append -NoTypeInformation

My Output csv has all the properties in it, I only want the SAMAccountName, DisplayName, Email Address and I also want to Include that Variable $PasswordExpiresInDays in the CSV… The idea is to run this script via SSIS and output to CSV, then use the CSV to send out the emails via another task.

Anyone able to help?

Pipe your objects to Select-Object and pick the properties you want. You can also create new custom properties if needed.

$MailUser |
    Select-Object -Property SAMAccountName, DisplayName, EmailAddress,
                            @{n="Password-Expires"; e={[System.Math]::Round((New-TimeSpan -Start $CurrentPWChangeDateLimit -End ($MailUser.PasswordLastSet)).TotalDays)}} |
                Export-Csv $outputFile -Append -NoTypeInformation

Recommend reviewing Select-Object

Couple of things:

  • Splat - Use splatting rather than the line continuation accent (`) with long commands. It's easy to read and provides the ability to update, add, remove parameters on the fly. Easy to read code and functionality.
  • Date Math - Not sure what $CurrentPWChangeDateLimit is in your post, but the math should be from when they set the password to Now. This would indicate someone set the password X number of days ago
  • Contains or In - When you are sending notifications on an interval, this script should be running every day to send notifications to users that meet that interval period. An array of intervals can be used to determine who would get notifications rather than checking if each interval is met with -eq
$params = @{
    SearchBase = "OU=etc etc" 
    Filter     = "(SAMAccountName -like 'A12*') -AND (PasswordNeverExpires -eq '$false' -AND Enabled -eq '$true')" 
    Properties = 'PasswordLastSet', 'DisplayName', 'PasswordNeverExpires', 'mail', 'SAMAccountName'

$MailUsers = Get-ADUser @params |
             Select-Object -Property SAMAccountName, 
                                     @{Name='PasswordExpiresInDays';Expression={[System.Math]::Round((New-TimeSpan -Start $_.PasswordLastSet -End (Get-Date)).TotalDays)}}

$reminderInterval = 14,10,5,2

foreach ($MailUser in $MailUsers | Where-Object -FilterScript {$_.PasswordExpiresInDays -in $reminderInterval}) {
    #Send-MailMessage ....