Hello, sorry I couldn’t post the script; I wasn’t at work when I wrote this topic.
[pre]
#>
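# Banner printed at start-up (the embedded line breaks are part of the string).
Write-Output "
Script de notification par mail de l’expiration des mots de passe de vos utilisateurs.
"

# Load AD Module
# Every query below depends on the ActiveDirectory module, so stop here instead
# of running on with empty results when it cannot be imported.
try {
    Import-Module ActiveDirectory -ErrorAction Stop
}
catch {
    Write-Warning "Impossible de charger le module d’Active Directory"
    return
}

# Notification window in days. Kept as a number because it is compared
# numerically against the computed days-to-expiry further down.
$expireInDays = 56
Write-Output "Vous avez choisis d’être notifé si le mot de passe d’un utilisateur expire dans $expireInDays jours.
"

# Enabled accounts whose password is allowed to expire, with the attributes the
# rest of the script reads.
$users = Get-ADUser -Filter {(Enabled -eq $true) -and (PasswordNeverExpires -eq $false)} -Properties Name, PasswordNeverExpires, PasswordExpired, PasswordLastSet, EmailAddress
$usersCount = ($users | Measure-Object).Count
Write-Output "Il y a $usersCount utilisateurs concernés par la date d’expiration des mots de passe.
"

# Domain-wide maximum password age in days; used for every account that has no
# resultant (fine-grained) password policy of its own.
$defaultMaxPasswordAge = (Get-ADDefaultDomainPasswordPolicy -ErrorAction Stop).MaxPasswordAge.Days
Write-Output "La durée de vie maximale d’un mot de passe sur votre domaine est de $defaultMaxPasswordAge jours.
"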
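# Accumulates one summary object per processed account.
$colUsers = @()

# Mail settings. $email is used as both sender and recipient of every
# notification; $emailaddress is reassigned inside the notification loop.
$emailaddress = "mymail@gmail.com"
$email = "mymail@gmail.com"
$SMTP = "smtp.gmail.com"

# SMTP credential. A password written into the script is readable by anyone who
# can read the file, its backups, or a post it is pasted into, so the
# credential is loaded from a file created once with:
#   Get-Credential | Export-Clixml -Path <same path as below>
# On Windows, Export-Clixml protects the password with DPAPI, so the file can
# only be decrypted by the same user account on the same computer; create it
# as the account that runs this script.
$credentialPath = '<path-to-smtp-credential.xml>'   # placeholder - set before the first run
$Creds = Import-Clixml -Path $credentialPath

Write-Output "Process User Objects"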
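# Build one summary object per account: when its password expires and the
# phrase ("today.", "tomorrow.", "in N days.") used in the notification.
# NOTE(review): $today, $timeToMidnight and $timeToMidnight2 are read here but
# not assigned anywhere in the posted text - presumably set in an omitted part
# of the script; confirm they exist before this loop runs.
foreach ($user in $users)
{
    $Name = $user.Name
    $samAccountName = $user.SamAccountName
    $pwdLastSet = $user.PasswordLastSet

    # Without a PasswordLastSet value no expiry date can be computed: AddDays
    # on $null fails and $expireson would keep the previous account's value.
    if ($null -eq $pwdLastSet)
    {
        continue
    }

    # A resultant password policy, when the account has one, overrides the
    # domain default.
    # NOTE(review): a MaxPasswordAge of zero (passwords never expire) would make
    # every account look expired here - confirm it cannot occur in this domain.
    $maxPasswordAge = $defaultMaxPasswordAge
    $PasswordPol = Get-ADUserResultantPasswordPolicy $user
    if ($null -ne $PasswordPol)
    {
        $maxPasswordAge = $PasswordPol.MaxPasswordAge.Days
    }

    $expireson = $pwdLastSet.AddDays($maxPasswordAge)
    $daysToExpire = New-TimeSpan -Start $today -End $expireson

    # UserMessage is added by at most one of the three tests below and stays
    # absent when none matches (for example an expiry date more than a day in
    # the past).
    $userObj = New-Object System.Object
    if (($daysToExpire.Days -eq 0) -and ($daysToExpire.TotalHours -le $timeToMidnight.TotalHours))
    {
        $userObj | Add-Member -Type NoteProperty -Name UserMessage -Value "today."
    }
    # -and and -or have equal precedence in PowerShell and are evaluated left
    # to right; the expression is kept exactly as written.
    if (($daysToExpire.Days -eq 0) -and ($daysToExpire.TotalHours -gt $timeToMidnight.TotalHours) -or ($daysToExpire.Days -eq 1) -and ($daysToExpire.TotalHours -le $timeToMidnight2.TotalHours))
    {
        $userObj | Add-Member -Type NoteProperty -Name UserMessage -Value "tomorrow."
    }
    if (($daysToExpire.Days -ge 1) -and ($daysToExpire.TotalHours -gt $timeToMidnight2.TotalHours))
    {
        $days = [math]::Round($daysToExpire.TotalDays)
        $userObj | Add-Member -Type NoteProperty -Name UserMessage -Value "in $days days."
    }

    # Whole days until expiry; negative once the password has already expired.
    $daysLeft = [math]::Round($daysToExpire.TotalDays)

    $userObj | Add-Member -Type NoteProperty -Name UserName -Value $samAccountName
    $userObj | Add-Member -Type NoteProperty -Name Name -Value $Name
    # The notification loop reads EmailAddress from these objects, so it has to
    # be carried over from the AD user.
    $userObj | Add-Member -Type NoteProperty -Name EmailAddress -Value $user.EmailAddress
    $userObj | Add-Member -Type NoteProperty -Name PasswordSet -Value $pwdLastSet
    $userObj | Add-Member -Type NoteProperty -Name DaysToExpire -Value $daysLeft
    $userObj | Add-Member -Type NoteProperty -Name ExpiresOn -Value $expireson
    $colUsers += $userObj
}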
# Narrow the processed accounts down to those inside the notification window
# and announce how many were found.
$notifiedUsers = @()
$colUsersCount = $colUsers | Measure-Object | Select-Object -ExpandProperty Count

# DaysToExpire at or below the threshold also matches passwords that have
# already expired (negative values).
$notifyUsers = $colUsers | Where-Object -FilterScript { $PSItem.DaysToExpire -le $expireInDays }
$notifyCount = $notifyUsers | Measure-Object | Select-Object -ExpandProperty Count

Write-Output "Il y a $notifyCount utilisateurs ayant un mot de passe expirant dans moins $expireInDays jours.
"
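# Send one notification per account in the window and record the outcome on
# the object (SendMail = "OK" or the exception message).
# NOTE(review): $testing, $testRecipient, $padVal and $status are read below but
# not assigned in the posted text - presumably parameters from an omitted part
# of the script; confirm.
foreach ($user in $notifyUsers)
{
    $samAccountName = $user.UserName
    $emailAddress = $user.EmailAddress
    $name = $user.Name
    $messageDays = $user.UserMessage
    $subject = "ATTENTION"
    $body ="
Le mot de passe de l’utilisateur $name expire dans $messageDays .
Veuillez lui rappeler de changer son mot de passe dans le temps restant.
Votre controleur de domaine.
"

    # If Testing Is Enabled - Email Administrator
    if ($testing)
    {
        $emailaddress = $testRecipient
    } # End Testing

    # If a user has no email address listed
    if ($null -eq $emailaddress)
    {
        $emailaddress = $testRecipient
    } # End No Valid Email

    $samLabel = $samAccountName.PadRight($padVal, " ")

    try {
        # if not using interval parameter - follow this section
        # if using status - output information to console
        if ($status)
        {
            Write-Output "Sending Email : $samLabel : $emailAddress"
        }

        # The message goes to the fixed $email mailbox, not to $emailAddress;
        # $emailAddress only appears in the status line above.
        # -ErrorAction Stop turns non-terminating send errors into exceptions
        # so that the catch block records them instead of "OK".
        # NOTE(review): Microsoft documents Send-MailMessage as obsolete because
        # it cannot guarantee a secure connection to the SMTP server; -UseSsl is
        # kept so the session is encrypted.
        Send-MailMessage -To $email -From $email -Credential $Creds -Subject $subject -Body $body -SmtpServer $SMTP -UseSsl -Port 587 -DeliveryNotificationOption never -ErrorAction Stop
        $user | Add-Member -MemberType NoteProperty -Name SendMail -Value "OK"
    }
    catch {
        # error section
        $errorMessage = $_.Exception.Message
        $user | Add-Member -MemberType NoteProperty -Name SendMail -Value $errorMessage
    }

    # Record every processed account, whether the send succeeded or failed, so
    # the report after the loop lists all of them (the posted text appended
    # only inside catch and never closed the foreach).
    $notifiedUsers += $user
}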
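# Report the processed accounts, soonest expiry first.
$notifiedUsers |
    Select-Object Name, PasswordSet, DaysToExpire, ExpiresOn |
    Sort-Object DaysToExpire |
    Format-Table -AutoSize

# NOTE(review): $start and $stop are not assigned in the posted text -
# presumably timestamps taken at the beginning and end of the run; confirm.
$runTime = New-TimeSpan $start $stop
Write-Output "Script Runtime: $runtime"
# End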
[/pre]