Solved

Powershell script to pull accounts expiring from AD and email the manager

Posted on 2015-02-03
11
200 Views
Last Modified: 2015-02-03
I am trying to get a script to work that will find Accounts expiring within 14 days and after that email the manager of this user with the username, this is what I have but it doesn't seem to be working, I'm a powershell novice so I am hoping someone can take a look and tell me what I may be missing here.  Thanks!

$expired = Search-ADAccount -AccountExpiring -TimeSpan 14.00:00:00 | Get-ADUser -Properties manager,mail,physicalDeliveryOfficeName |Select-Object name,manager,mail,physicalDeliveryOfficeName
ForEach ($user in $expired) {
    Send-MailMessage -To $user.manager -From whatever@it.com -SmtpServer "servername" -Body "Password is Expired for $user.name -Subject "Password"
}
Export-Csv -path c:\temp\test.csv -NoTypeInformation -InputObject $expired
0
Comment
Question by:jennileePerez
  • 5
  • 2
  • 2
  • +2
11 Comments
 
LVL 67

Expert Comment

by:sirbounty
ID: 40586516
When you say it "doesn't seem to be working" - can you elaborate ?
0
 
LVL 40

Accepted Solution

by:
Subsun earned 250 total points
ID: 40586600
Mostly It's failing as the $user.manager is not a smtp address.. Try modifying Send-MailMessage command to..
Send-MailMessage -To (Get-Aduser $user.manager -Properties mail).Mail -From whatever@it.com -SmtpServer "servername" -Body "Password is Expired for $($user.name)" -Subject "Password"

Open in new window


Updated
Import-Module Activedirectory
 $expired = Search-ADAccount -AccountExpiring -TimeSpan 14.00:00:00 | Get-ADUser -Properties manager,mail,physicalDeliveryOfficeName |Select-Object name,manager,mail,physicalDeliveryOfficeName
 ForEach ($user in $expired) {
   Send-MailMessage -To (Get-Aduser $user.manager -Properties mail).Mail -From whatever@it.com -SmtpServer "servername" -Body "Password is Expired for $($user.name)" -Subject "Password"
 }
Export-Csv -path c:\temp\test.csv -NoTypeInformation -InputObject $expired

Open in new window

0
 
LVL 67

Assisted Solution

by:sirbounty
sirbounty earned 250 total points
ID: 40586634
Good catch Subsun.
Also the body should be adjusted:
 -Body "Password is Expired for $($user.name)"
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:jennileePerez
ID: 40586766
Thanks guys!  This looks great. My issue is it just seems to sit there at a blinking cursor, no email sent and no file exported.
If I do the search separately file export works fine so I know it's not a permission thing there.  Also I have tested sending as an attachment with send-mailmessage, and mailing works, it's when I add in the ForEach and try to get it to email to the manager that I have this issue.  I am probably missing something very simple
0
 
LVL 39

Expert Comment

by:footech
ID: 40586800
Also, account expiring and password expiring are two different things.  Which are you looking for?
0
 

Author Comment

by:jennileePerez
ID: 40586836
Accounts expiring within 14 days, not passwords.  That part works, I get what I am looking for, what I need to do after that is email the manager of this user to inform them that they have an employee with an end date coming up
0
 

Author Comment

by:jennileePerez
ID: 40586842
Sorry, my subject and body may have caused that confusion, I just had that for testing
0
 
LVL 69

Expert Comment

by:Qlemo
ID: 40586850
Add some debugging messages to see what is going on:
Import-Module Activedirectory
 $expired = Search-ADAccount -AccountExpiring -TimeSpan 14.00:00:00 | Get-ADUser -Properties manager,mail,physicalDeliveryOfficeName |Select-Object name,manager,mail,physicalDeliveryOfficeName
 ForEach ($user in $expired) {
   $mgr = (Get-Aduser $user.manager -Properties mail).Mail 
   Write-Host "Sending mail for $($user.Name) to $mgr"
   Send-MailMessage -To $mgr -From whatever@it.com -SmtpServer "servername" -Body "Password is Expired for $($user.name)" -Subject "Password"
 }
Export-Csv -path c:\temp\test.csv -NoTypeInformation -InputObject $expired

Open in new window

0
 
LVL 40

Expert Comment

by:Subsun
ID: 40586907
My issue is it just seems to sit there at a blinking cursor
How do you run the script? copy pasting in to PowerShell Console or saving the code in to .ps1 file and executing it from PowerShell console?

If you are copy pasting you need to press the Enter key until the PowerShell console return the prompt.

Probably a screen shot of where it is stuck may help..
0
 

Author Comment

by:jennileePerez
ID: 40586943
Thanks guys, it seems somehow I had an ' and space after ForEach, fixed and it's working great now! Thanks so much for your help!
0
 

Author Closing Comment

by:jennileePerez
ID: 40586945
Thanks!!
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question