Solved

Powershell script to pull accounts expiring from AD and email the manager

Posted on 2015-02-03
11
191 Views
Last Modified: 2015-02-03
I am trying to get a script to work that will find Accounts expiring within 14 days and after that email the manager of this user with the username, this is what I have but it doesn't seem to be working, I'm a powershell novice so I am hoping someone can take a look and tell me what I may be missing here.  Thanks!

$expired = Search-ADAccount -AccountExpiring -TimeSpan 14.00:00:00 | Get-ADUser -Properties manager,mail,physicalDeliveryOfficeName |Select-Object name,manager,mail,physicalDeliveryOfficeName
ForEach ($user in $expired) {
    Send-MailMessage -To $user.manager -From whatever@it.com -SmtpServer "servername" -Body "Password is Expired for $user.name -Subject "Password"
}
Export-Csv -path c:\temp\test.csv -NoTypeInformation -InputObject $expired
0
Comment
Question by:jennileePerez
  • 5
  • 2
  • 2
  • +2
11 Comments
 
LVL 67

Expert Comment

by:sirbounty
ID: 40586516
When you say it "doesn't seem to be working" - can you elaborate ?
0
 
LVL 40

Accepted Solution

by:
Subsun earned 250 total points
ID: 40586600
Mostly It's failing as the $user.manager is not a smtp address.. Try modifying Send-MailMessage command to..
Send-MailMessage -To (Get-Aduser $user.manager -Properties mail).Mail -From whatever@it.com -SmtpServer "servername" -Body "Password is Expired for $($user.name)" -Subject "Password"

Open in new window


Updated
Import-Module Activedirectory
 $expired = Search-ADAccount -AccountExpiring -TimeSpan 14.00:00:00 | Get-ADUser -Properties manager,mail,physicalDeliveryOfficeName |Select-Object name,manager,mail,physicalDeliveryOfficeName
 ForEach ($user in $expired) {
   Send-MailMessage -To (Get-Aduser $user.manager -Properties mail).Mail -From whatever@it.com -SmtpServer "servername" -Body "Password is Expired for $($user.name)" -Subject "Password"
 }
Export-Csv -path c:\temp\test.csv -NoTypeInformation -InputObject $expired

Open in new window

0
 
LVL 67

Assisted Solution

by:sirbounty
sirbounty earned 250 total points
ID: 40586634
Good catch Subsun.
Also the body should be adjusted:
 -Body "Password is Expired for $($user.name)"
0
 

Author Comment

by:jennileePerez
ID: 40586766
Thanks guys!  This looks great. My issue is it just seems to sit there at a blinking cursor, no email sent and no file exported.
If I do the search separately file export works fine so I know it's not a permission thing there.  Also I have tested sending as an attachment with send-mailmessage, and mailing works, it's when I add in the ForEach and try to get it to email to the manager that I have this issue.  I am probably missing something very simple
0
 
LVL 39

Expert Comment

by:footech
ID: 40586800
Also, account expiring and password expiring are two different things.  Which are you looking for?
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 

Author Comment

by:jennileePerez
ID: 40586836
Accounts expiring within 14 days, not passwords.  That part works, I get what I am looking for, what I need to do after that is email the manager of this user to inform them that they have an employee with an end date coming up
0
 

Author Comment

by:jennileePerez
ID: 40586842
Sorry, my subject and body may have caused that confusion, I just had that for testing
0
 
LVL 68

Expert Comment

by:Qlemo
ID: 40586850
Add some debugging messages to see what is going on:
Import-Module Activedirectory
 $expired = Search-ADAccount -AccountExpiring -TimeSpan 14.00:00:00 | Get-ADUser -Properties manager,mail,physicalDeliveryOfficeName |Select-Object name,manager,mail,physicalDeliveryOfficeName
 ForEach ($user in $expired) {
   $mgr = (Get-Aduser $user.manager -Properties mail).Mail 
   Write-Host "Sending mail for $($user.Name) to $mgr"
   Send-MailMessage -To $mgr -From whatever@it.com -SmtpServer "servername" -Body "Password is Expired for $($user.name)" -Subject "Password"
 }
Export-Csv -path c:\temp\test.csv -NoTypeInformation -InputObject $expired

Open in new window

0
 
LVL 40

Expert Comment

by:Subsun
ID: 40586907
My issue is it just seems to sit there at a blinking cursor
How do you run the script? copy pasting in to PowerShell Console or saving the code in to .ps1 file and executing it from PowerShell console?

If you are copy pasting you need to press the Enter key until the PowerShell console return the prompt.

Probably a screen shot of where it is stuck may help..
0
 

Author Comment

by:jennileePerez
ID: 40586943
Thanks guys, it seems somehow I had an ' and space after ForEach, fixed and it's working great now! Thanks so much for your help!
0
 

Author Closing Comment

by:jennileePerez
ID: 40586945
Thanks!!
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How to prioritize LOGONSERVER for clients? 1 41
AD Activation of KMS Key 6 63
need help with active directory 4 27
Migrating from SBS - cont 17 16
Set OWA language and time zone in Exchange for individuals, all users or per database.
In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now