Import-Module ActiveDirectory
# SMTP Configuration
# Values in angle brackets are template placeholders and must be replaced before the script is run.
# The $smtpPort placeholder is unquoted, so the script will not parse until it is replaced with a number.
$smtpServer = "<Your SMTP Server>"
$smtpPort = <Your SMTP Port>
$smtpFrom = "<Your Email Address>"
# NOTE(review): the mailbox password is written into the script as plain text.
# ConvertTo-SecureString -AsPlainText -Force only wraps the string in memory; anyone who can read
# this file, its backups or its version history can read the password.
# Prefer loading the credential at run time from a protected store, for example a file written with
# Export-Clixml and read with Import-Clixml under the account that runs the task, or a secrets vault.
# Until then, restrict the ACL on this script and use a dedicated, least-privileged sending mailbox.
$smtpCredential = New-Object System.Management.Automation.PSCredential (
"<Your Email Address>",
(ConvertTo-SecureString "<Your Password>" -AsPlainText -Force)
)
# Ensure the log directory exists
# NOTE(review): the log written below records user display names and e-mail addresses;
# confirm that the ACL on this directory limits read access to administrators.
$logDirectory = "C:\Scripts\Logs"
if (-not (Test-Path -Path $logDirectory)) {
# Out-Null discards the DirectoryInfo object New-Item would otherwise write to the output stream
New-Item -ItemType Directory -Path $logDirectory | Out-Null
}
# Log File Configuration
# Every Add-Content call in the script appends to this single file
$logFile = "$logDirectory\PasswordNotificationLog.txt"
# Function to send email
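function Send-Email {
    <#
    .SYNOPSIS
    Sends one plain-text e-mail through the configured SMTP server and logs the outcome.

    .DESCRIPTION
    Reads $smtpServer, $smtpPort, $smtpFrom, $smtpCredential and $logFile from the script scope.
    Success and failure are written to the host and appended to $logFile; failures are
    caught here and are not re-thrown to the caller.

    .PARAMETER to
    Recipient address.

    .PARAMETER subject
    Subject line of the message.

    .PARAMETER body
    Plain-text body of the message.
    #>
    param (
        [string]$to,
        [string]$subject,
        [string]$body
    )

    $message = $null
    $smtp = $null
    try {
        # Build the message inside the try block so that a malformed recipient address is
        # logged through the same failure path as a transport error.
        $message = New-Object System.Net.Mail.MailMessage
        $message.From = New-Object System.Net.Mail.MailAddress($smtpFrom, "System Notification Manager")
        $message.To.Add($to)
        $message.Subject = $subject
        $message.Body = $body
        $message.IsBodyHtml = $false

        $smtp = New-Object System.Net.Mail.SmtpClient($smtpServer, $smtpPort)
        # TLS is required so the credential and message are not sent in clear text.
        # System.Net.Mail.SmtpClient negotiates TLS via STARTTLS; it does not support
        # implicit TLS, so $smtpPort should be a STARTTLS port on the server.
        $smtp.EnableSsl = $true
        $smtp.Credentials = $smtpCredential

        $smtp.Send($message)
        Write-Host "Email sent to $($to)"
        Add-Content -Path $logFile -Value "[$(Get-Date)] Email sent to $($to)"
    } catch {
        # Extract the exception message to a variable
        $errorMessage = $_.Exception.Message
        Write-Host "Failed to send email to $($to): $errorMessage"
        Add-Content -Path $logFile -Value "[$(Get-Date)] Failed to send email to $($to): $errorMessage"
    } finally {
        # Both objects are IDisposable; release the SMTP connection and message buffers
        # on every path instead of leaving one open connection per recipient to the GC.
        if ($null -ne $smtp) { $smtp.Dispose() }
        if ($null -ne $message) { $message.Dispose() }
    }
}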
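# Log script execution start
Add-Content -Path $logFile -Value "[$(Get-Date)] Script execution started"

# Reference time for this run; every user is compared against the same instant
$currentDate = Get-Date

# Read the domain's maximum password age once. The value is the same for every user,
# so querying it inside the loop would cost one directory call per account.
# NOTE(review): only the default domain policy is consulted. Users covered by a fine-grained
# password policy can have a different maximum age; if such policies are in use, confirm the
# dates against the msDS-UserPasswordExpiryTimeComputed attribute.
$maxPasswordAgeDays = (Get-ADDefaultDomainPasswordPolicy).MaxPasswordAge.Days

# Get all users in the domain
# NOTE(review): -Filter * also returns disabled and service accounts; confirm that is intended.
$users = Get-ADUser -Filter * -Property DisplayName, EmailAddress, PasswordLastSet, PasswordNeverExpires, AccountExpirationDate

foreach ($user in $users) {
    # Only accounts that have set a password and are subject to expiry are considered
    if ($null -ne $user.PasswordLastSet -and $user.PasswordNeverExpires -eq $false) {
        $passwordExpirationDate = $user.PasswordLastSet.AddDays($maxPasswordAgeDays)
        $formattedExpirationDate = $passwordExpirationDate.ToString("dd/MM/yyyy") # Format date as day/month/year

        # Notify when the password expires within the next 10 days and has not expired yet
        $notificationDate = $passwordExpirationDate.AddDays(-10)
        if ($notificationDate -le $currentDate -and $passwordExpirationDate -gt $currentDate) {
            # Prepare email details
            $emailAddress = $user.EmailAddress
            if ($emailAddress) {
                $subject = "La tua password scadrà a breve"
                # The body deliberately contains no links; it points the user to the
                # Ctrl + Alt + Del password change instead.
                $body = @"
Hello $($user.DisplayName),
Your password will expire on $formattedExpirationDate. Please change it before this date to avoid access issues.
To change your password, press the key combination Ctrl + Alt + Del, then select "Change password" and follow the instructions.
If you need assistance, contact the IT support team.
Thank you,
IT Department
"@
                # Send the email
                Send-Email -to $emailAddress -subject $subject -body $body
            } else {
                # No address on the account: record it so the gap can be followed up
                Write-Host "User $($user.DisplayName) does not have an email address."
                Add-Content -Path $logFile -Value "[$(Get-Date)] User $($user.DisplayName) does not have an email address."
            }
        }
    }
}

# Log script execution end
Add-Content -Path $logFile -Value "[$(Get-Date)] Script execution completed"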