Recently I found myself in need of a password change notification script. What do all efficient/lazy administrators do when they need a script for any purpose? Right, I searched one online, downloaded it, checked it, suppressed any desire to fiddle with it and then scheduled it to run.
But then… that annoying little Mutant-OCD gene (those of you who have it surely recognize it!) crept up on me today and I started fiddling with it anyway. I told myself the script needed to include some customizations for my company, but who am I kidding, I would lose sleep if I didn’t give in to my OCD quirks every once in a while.
In general, I changed the script to include a proper description block, parameters, cleanup of casing for variables and refactoring of some Boolean uses to shorten the if statements. The part I needed to change specifically for Silverside was the Filter for the Get-ADUser command, this allows me to filter out Admin accounts in our organization:
… -and $_.UserPrincipalName -notlike 'adm*' …
Overall the script is now easier to deploy out of the box with the use of parameters (including defaults), so long as you remember to adjust at least the $smtpServer and $from variables under the config section:
$smtpServer = "mail.yourdomain.local" $from = "Your Company IT <email@example.com>"
As you no doubt found this post after efficiently searching for a free scipt online, feel free to use, I hope it saves you some time. Just remember to include the original author as described in the comments:
<# .SYNOPSIS Get all users with a soon to expire password and send them a reminder to do so. .DESCRIPTION This script gets all users with a soon to expire password and sends them a reminder to do so. This script was originally created by Robert Pearman and posted on the technet gallery. Since modified by Mike Beerman to include changes specific for Silverside. Settings such as the destination SMTP server and From address can only be configured within the script. .PARAMETER ExpireInDays Optional input allowing an override to the number of days at which the script will send a reminder. Defaults to 30 days. .PARAMETER Logging Switch which determines if a seperate CSV logfile should be created. Default to false without the switch. .PARAMETER LogPath Folderpath for the logfile, plain string format. .PARAMETER Testing Switch which determines if the emails should be sent to the test recipient instead of the actual users. Default to false without the switch. .PARAMETER TestRecipient Optional string for setting a different recipient in testing for testing purposes. Will not be used if Testing is not included in the command or email is disabled. .PARAMETER TestMailDisabled Switch for disabling email functionality. .EXAMPLE Send-PasswordChangeNotification.ps1 Send-PasswordChangeNotification.ps1 -Expire 60 -Logging -Logile "C:\Logs\PasswordChangeNotifications.csv" -Testing -TestRecipient "firstname.lastname@example.org" .LINK https://gallery.technet.microsoft.com/Password-Expiry-Email-177c3e27