• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 336
  • Last Modified:

Send Message to users whose accounts are about to expire

Gday all,
                a pretty straight forward question. I need to be able to send  messages  to users who's accounts are about to expire in AD. I have a lot of contractors who are only allowed to have access for one year at a time, but some are extended and thus need to reapply for access. This invovles a a far bit of process and can take up to a week, during which time thier account could expire. This is not for passwords but accounts. This needs to be automated and ideally be able to run down each day they have left. The message needs to appear like it does when your password is about to expire.

Cheers Me
0
t3buna
Asked:
t3buna
  • 5
  • 4
1 Solution
 
deroyerCommented:
Quest has a great tool called password manager which has this feature.  I definitely would recommend using this tool for simplicity.  It also allows you to setup a report server to run reports to find the status of your network users.

I current use the PEWA tool see this link.(it says its for Win2K but it works on Win2k3 as well)..  http://support.microsoft.com/kb/221977
0
 
t3bunaAuthor Commented:
I need something for accounts that are about to expire, not passwords
0
 
deroyerCommented:
PEWA does both...
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
deroyerCommented:
dsquery user | dsget user -samid -acctexpires  (This will return the user account in the left column and in the right column the date the account expires. It will be a date or the word "never")

you can automate that through .bat script, then with some clever scripting use blat to send a message to the users.  I am working on a similar script now and will post it when I get it complete if this thread remains open.
0
 
t3bunaAuthor Commented:
Thanks Deroyer..that would be a great help
0
 
deroyerCommented:
Well sorry to disapoint but this is a tough one without some serious development, but I have been able to get this down to a few simple steps that could at least significantly reduce the amout of time it will take to do this...

In notepad create the following "FindAcctEXP.bat" with the following code:
dsquery user -limit 4000| dsget user -samid -acctexpires -email > temp1.csv
(this will dump username, email address, and account expiration into the file temp1.csv within the current directory tht you run the script. You can modify the limit to fit your needs, and even remove )

Next, open the .csv with excel and sort by the acctexpires field and remove all of the never results. (This will create an email listing).  Then just copy the list of email addresses into BCC and send a generic notice that their account is going to expire soon, etc)

I know it wasn't completely what you were looking for, but it is the best I have been able to come up with...  Good luck and let me know if you ever find a way to automate the whole thing.
0
 
t3bunaAuthor Commented:
Thanks..this has been a great help..I will update once I take time out to automate it
0
 
t3bunaAuthor Commented:
You have been a great help...thanks for the dedication to the problem
0
 
deroyerCommented:
no worries I was working on a similar concept at the time I saw this.  Thank you
0

Featured Post

[Webinar] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now