• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 551
  • Last Modified:

need a powershell or quest AD cmdlets script to send out an HTML attachment

can someone provide a powershell or AD Cmdlets script that we can use to check Active Directory daily to find out what passwords will expire in the next 14 days, and send out an email notice using an html file with variables in it?

many thanks

  • 3
  • 2
2 Solutions
QlemoBatchelor and DeveloperCommented:
Don't know what you mean with "variables in it", but that is my approach:
Add-PsSnapIn Quest.ActiveRoles.ADManagement -ErrorAction SilentlyContinue 
$body = `
Get-QADUser -Enabled -SizeLimit 0 | Select-Object samAccountName, mail, PasswordStatus |  
  ? {"Password never expires", "Expired", "User must change password at next logon." -notcontains $_.PasswordStatus} |  
  % { 
    $passwordexpiry = $passwordstatus.Replace("Expires at: ","") 
    $daysremaining  = ((get-date $passwirdexpiry) - (get-date)).Days
    if ($daysremaining -le 14) {
      $_ | Add-Member NoteProperty 'DaysRemaining' $daysremaining -PassThru
  } | convertTo-HTML
Send-MailMessage -SmtpServer mail.yourdomain.com `
                 -From       HelpDesk@yourdomain.com `
                 -To         HelpDesk@yourdomain.com `
                 -Subject    'Daily Pwd Expiry Report' `
                 -Body       $body -bodyAsHtml

Open in new window

siber1Author Commented:
thank you Subsun and Qlemo. both solutions will work fine for us.

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Qlemo,  let's agree to disagree!!.. :) .. I didn't post just a link to discussion thread from any other forum.. Moreover I don’t think it’s too cumbersome for an AD administrator to understand what is written in the article as it is very direct an instructive..

The thread which you are referring to have only few comments which referring to the specific code which is used to send HTML email for the users who’s password is going to expire. I agree that posting links is not a good thing to do but, I just didn't want to copy paste the code from the article. If OP have further questions then I would have happy assisted him to update the code..

BTB, Get-QADuser won’t work to find the password expiry date in all scenarios, for instance if you have a windows 2008 R2 or later domain and you have some  fine-grained password policies then you need to use the function Get-XADUserPasswordExpirationDate to find the exact password expiry date of the user.

@siber1, If you have used Qlemo's solution to achieve your goal, then you may request to reopen he question so that the points can be awarded to correct solution, I am ok with it..
Got it.. will keep it in mind..
siber1Author Commented:
I'm not going to get caught up in the politics of this, but I will say that you are extremely fortunate to have someone the caliber of Subsun posting answers to our questions. He is extremely knowledgeable and his advise and postings are the main reason I subscribe to your service.

Michael aka @siber
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now