Solved

Powershell script to pull accounts expiring from AD and email the manager

Posted on 2015-02-03
11
214 Views
Last Modified: 2015-02-03
I am trying to get a script to work that will find Accounts expiring within 14 days and after that email the manager of this user with the username, this is what I have but it doesn't seem to be working, I'm a powershell novice so I am hoping someone can take a look and tell me what I may be missing here.  Thanks!

$expired = Search-ADAccount -AccountExpiring -TimeSpan 14.00:00:00 | Get-ADUser -Properties manager,mail,physicalDeliveryOfficeName |Select-Object name,manager,mail,physicalDeliveryOfficeName
ForEach ($user in $expired) {
    Send-MailMessage -To $user.manager -From whatever@it.com -SmtpServer "servername" -Body "Password is Expired for $user.name -Subject "Password"
}
Export-Csv -path c:\temp\test.csv -NoTypeInformation -InputObject $expired
0
Comment
Question by:jennileePerez
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
  • 2
  • +2
11 Comments
 
LVL 67

Expert Comment

by:sirbounty
ID: 40586516
When you say it "doesn't seem to be working" - can you elaborate ?
0
 
LVL 40

Accepted Solution

by:
Subsun earned 250 total points
ID: 40586600
Mostly It's failing as the $user.manager is not a smtp address.. Try modifying Send-MailMessage command to..
Send-MailMessage -To (Get-Aduser $user.manager -Properties mail).Mail -From whatever@it.com -SmtpServer "servername" -Body "Password is Expired for $($user.name)" -Subject "Password"

Open in new window


Updated
Import-Module Activedirectory
 $expired = Search-ADAccount -AccountExpiring -TimeSpan 14.00:00:00 | Get-ADUser -Properties manager,mail,physicalDeliveryOfficeName |Select-Object name,manager,mail,physicalDeliveryOfficeName
 ForEach ($user in $expired) {
   Send-MailMessage -To (Get-Aduser $user.manager -Properties mail).Mail -From whatever@it.com -SmtpServer "servername" -Body "Password is Expired for $($user.name)" -Subject "Password"
 }
Export-Csv -path c:\temp\test.csv -NoTypeInformation -InputObject $expired

Open in new window

0
 
LVL 67

Assisted Solution

by:sirbounty
sirbounty earned 250 total points
ID: 40586634
Good catch Subsun.
Also the body should be adjusted:
 -Body "Password is Expired for $($user.name)"
0
Free Webinar: AWS Backup & DR

Join our upcoming webinar with experts from AWS, CloudBerry Lab, and the Town of Edgartown IT to discuss best practices for simplifying online backup management and cutting costs.

 

Author Comment

by:jennileePerez
ID: 40586766
Thanks guys!  This looks great. My issue is it just seems to sit there at a blinking cursor, no email sent and no file exported.
If I do the search separately file export works fine so I know it's not a permission thing there.  Also I have tested sending as an attachment with send-mailmessage, and mailing works, it's when I add in the ForEach and try to get it to email to the manager that I have this issue.  I am probably missing something very simple
0
 
LVL 40

Expert Comment

by:footech
ID: 40586800
Also, account expiring and password expiring are two different things.  Which are you looking for?
0
 

Author Comment

by:jennileePerez
ID: 40586836
Accounts expiring within 14 days, not passwords.  That part works, I get what I am looking for, what I need to do after that is email the manager of this user to inform them that they have an employee with an end date coming up
0
 

Author Comment

by:jennileePerez
ID: 40586842
Sorry, my subject and body may have caused that confusion, I just had that for testing
0
 
LVL 69

Expert Comment

by:Qlemo
ID: 40586850
Add some debugging messages to see what is going on:
Import-Module Activedirectory
 $expired = Search-ADAccount -AccountExpiring -TimeSpan 14.00:00:00 | Get-ADUser -Properties manager,mail,physicalDeliveryOfficeName |Select-Object name,manager,mail,physicalDeliveryOfficeName
 ForEach ($user in $expired) {
   $mgr = (Get-Aduser $user.manager -Properties mail).Mail 
   Write-Host "Sending mail for $($user.Name) to $mgr"
   Send-MailMessage -To $mgr -From whatever@it.com -SmtpServer "servername" -Body "Password is Expired for $($user.name)" -Subject "Password"
 }
Export-Csv -path c:\temp\test.csv -NoTypeInformation -InputObject $expired

Open in new window

0
 
LVL 40

Expert Comment

by:Subsun
ID: 40586907
My issue is it just seems to sit there at a blinking cursor
How do you run the script? copy pasting in to PowerShell Console or saving the code in to .ps1 file and executing it from PowerShell console?

If you are copy pasting you need to press the Enter key until the PowerShell console return the prompt.

Probably a screen shot of where it is stuck may help..
0
 

Author Comment

by:jennileePerez
ID: 40586943
Thanks guys, it seems somehow I had an ' and space after ForEach, fixed and it's working great now! Thanks so much for your help!
0
 

Author Closing Comment

by:jennileePerez
ID: 40586945
Thanks!!
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
A quick Powershell script I wrote to find old program installations and check versions of a specific file across the network.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question