Solved

check accounts which will expire in less than one week

Posted on 2013-06-12
4
1,058 Views
Last Modified: 2013-06-14
Hello,

i need a script to run it on Active Directory to check accounts which will expire in less than one week to send for them email to contact HR or line manager to renew the accounts.

and if there is a way to send for them email automatically as a notification.

Regards,
0
Comment
Question by:fadyaz
4 Comments
 
LVL 21

Expert Comment

by:Haresh Nikumbh
ID: 39240500
0
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 39240565
Check below link if it is helpful

See this similar thread
Powershell to get Active directory account expire in 10 days
http://www.experts-exchange.com/Programming/Languages/Scripting/Powershell/Q_27726844.html

Powershell Script to Notify Users of Expired or About to Expire Passwords in Active Directory.
http://randomtechminutia.wordpress.com/2011/11/18/powershell-script-to-notify-users-of-expired-or-about-to-expire-passwords-in-active-directory/

Extract User Accounts set to expire within the next 7 days
http://powergui.org/thread.jspa?threadID=16340

Find Users Expiration Date with Richard Mueller's Generic ADO Search
http://social.technet.microsoft.com/wiki/contents/articles/9836.find-users-expiration-date-with-richard-mueller-s-generic-ado-search.aspx

See this too
http://www.manageengine.com/products/self-service-password/password-expiration-notifier.html

Hope this helps
0
 
LVL 2

Author Comment

by:fadyaz
ID: 39241006
Hello I found this script for Richard Mueller from your links :

But can explain the script for exactly what doing ? and how i can run it?

and where i should put the password for the client email which will send the email for the user and how the email will be ?? and does it will same a CSV file or no ?

Regards,

# PSAcctExpires.ps1

Trap {"Error: $_"; Break;}

# Specify number of days. Users whose accounts expire between now and
# this many days in the future will be processed.
$Days = 7

# Email settings.
$Script:From = "myemailaddress@mydomain.com"
$Script:Subject = "Account Expiration Notice"
$Server = "smtp.mydomain.com"
$Port = 25
$Client = New-Object System.Net.Mail.SmtpClient $Server, $Port
# You may need to provide credentials.
$Client.Credentials = [System.Net.CredentialCache]::DefaultNetworkCredentials

Function SendEmail($To, $Body)
{
    $Message = New-Object System.Net.Mail.MailMessage `
        $Script:From, $To, $Script:Subject, $Body
    $Client.Send($Message)
}

# Determine dates.
$Date1 = Get-Date
$Date2 = $Date1.AddDays($Days)

# Convert from PowerShell ticks to Active Directory ticks.
$64Bit1 = $Date1.Ticks - 504911232000000000
$64Bit2 = $Date2.Ticks - 504911232000000000

$D = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
$Domain = [ADSI]"LDAP://$D"
$Searcher = New-Object System.DirectoryServices.DirectorySearcher
$Searcher.PageSize = 200
$Searcher.SearchScope = "subtree"

$Searcher.Filter = "(&(objectCategory=person)(objectClass=user)" `
    + "(accountExpires>=" + $($64Bit1) + ")" `
    + "(accountExpires<=" + $($64Bit2) + "))"
$Searcher.PropertiesToLoad.Add("distinguishedName") > $Null
$Searcher.PropertiesToLoad.Add("sAMAccountName") > $Null
$Searcher.PropertiesToLoad.Add("mail") > $Null
$Searcher.PropertiesToLoad.Add("proxyAddresses") > $Null
$Searcher.PropertiesToLoad.Add("accountExpires") > $Null
$Searcher.SearchRoot = "LDAP://" + $Domain.distinguishedName

$Results = $Searcher.FindAll()
ForEach ($Result In $Results)
{
    $DN = $Result.Properties.Item("distinguishedName")
    $Name = $Result.Properties.Item("sAMAccountName")
    $Mail = $Result.Properties.Item("mail")
    $Addresses = $Result.Properties.Item("proxyAddresses")
    $AE = $Result.Properties.Item("accountExpires")
    If (($AE.Item(0) -eq 0) -or ($AE.Item(0) -gt [DateTime]::MaxValue.Ticks))
    {
        $AcctExpires = "<Never>"
    }
    Else
    {
        $Date = [DateTime]$AE.Item(0)
        $AcctExpires = $Date.AddYears(1600).ToLocalTime()
    }
    # Determine email address.
    If ("$Mail" -eq "")
    {
        ForEach ($Address In $Addresses)
        {
            $Prefix = $Address.SubString(0, 5)
            If (($Prefix -ceq "SMTP:") -or ($Prefix -ceq "X400:"))
            {
                $Mail = $Address.SubString(5)
                Break
            }
        }
    }
    If ("$Mail" -ne "")
    {
        $Notice = "Account for user $Name on $AcctExpires"
        SendEmail $Mail $Notice
        "Email sent to $Name ($Mail), account expires $AcctExpires"
    }
    Else
    {
        "$Name has no email, but account expires $AcctExpires"
        "DN: $DN"
    }
}

Open in new window

0
 
LVL 9

Accepted Solution

by:
VirastaR earned 500 total points
ID: 39241053
Hi,

If you have a Windows 2008 Environment then try this:
http://www.networkworld.com/community/node/42303

Hope that helps :)
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

How to remove superseded packages in windows w60 or w61 installation media (.wim) or online system to prevent unnecessary space. w60 means Windows Vista or Windows Server 2008. w61 means Windows 7 or Windows Server 2008 R2. There are various …
Introduction: Recently, I got a requirement to zip all files individually with batch file script in Windows OS. I don't know much about scripting, but I searched Google and found a lot of examples and websites to complete my task. Finally, I was ab…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now