Hello,
Here is a script that will find users who’s password that will expire in 30 days and email them.
#Load Variables
$expUsers = @();
$cdate = Get-Date -Format MM-dd-yyyy;
$result = @();
$users =@();
$mdate = (Get-Date).AddDays(30);
#List Active Users in the Users OU with Password Never Expires attribute False
$users = Get-ADUser -Filter {enabled -eq $true} -SearchBase “OU=Users,DC=YOUR,DC=DOMAIN” -Properties “msDS-UserPasswordExpiryTimeComputed”,“Mail”,“PasswordneverExpires” | Where {($.Mail -like “YOURDOMAIN.COM”) -and ($.PasswordNeverExpires -eq $false)} | Select SamAccountName,Mail,Name,Enabled,msDS-UserPasswordExpiryTimeComputed,PasswordNeverExpires;
#Convert Expiration Date to MM/dd/YYYY format
$expUsers = $users | select -Property “SamAccountName”,“Name”,“Mail”,“Enabled”,“PasswordNeverExpires”,@{Name=“ExpirationDate”;Expression={[datetime]::FromFileTime($_.“msDS-UserPasswordExpiryTimeComputed”)}};
#Get Users whos’s expiring in 30 Days
$exp_Users = $expUsers | Where {$.ExpirationDate -lt $mdate -and $.ExpirationDate -gt $cdate}
foreach ($user in $exp_Users){
#Convert data to make it readable
$result += New-Object -TypeName psobject -Property @{
SamaccountName = @($user).SamaccountName;
Name = @($user).Name;
Mail = @($user).Mail;
Enabled = @($user).Enabled;
PasswordNeverExpires = @($user).PasswordNeverExpires;
ExpirationDate = @($user).ExpirationDate;
}
}
#Export Users with Password Never Expires
$result | Sort ExpirationDate | Export-Csv -NoTypeInformation d:\scripts\ad\ExpiringPasswords-$cdate.Csv
#Load CSV File
$ExUsers = Import-Csv D:\Scripts\AD\ExpiringPasswords-$cdate.Csv
#Get User count
$c = $ExUsers | Measure;
#Load Encoding Format
$encode = [System.Text.Encoding]::UTF8;
#Loop through users to send email for Expired Passwords
For ($i = 0; $i -lt $c.Count; $i++)
{
$Name = @($exUsers.Name[$i]);
$ExpDate = @($exUsers.ExpirationDate[$i]).substring(0,10);
$email = @($exusers.mail[$i]);
$Subject = “Your Account Password Will Expire on $expdate”
$Body = “Dear $Name,
Your Account Password will expire on $expdate. Please change your password.
Best,
YOUR NAME"
#Send-MailMessage -from “ExpirationNotify@YOURDOMAIN.COM” -To $email -Subject $Subject -Body $Body -Priority High -Encoding $encode -SmtpServer “YOURSMTPServer.COM”;
}
I hope this helps someone out
Thanks,
Alex Nicastro