Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Powershell script to pull accounts expiring from AD and email the manager

Posted on 2015-02-03
11
Medium Priority
?
314 Views
Last Modified: 2015-02-03
I am trying to get a script to work that will find Accounts expiring within 14 days and after that email the manager of this user with the username, this is what I have but it doesn't seem to be working, I'm a powershell novice so I am hoping someone can take a look and tell me what I may be missing here.  Thanks!

$expired = Search-ADAccount -AccountExpiring -TimeSpan 14.00:00:00 | Get-ADUser -Properties manager,mail,physicalDeliveryOfficeName |Select-Object name,manager,mail,physicalDeliveryOfficeName
ForEach ($user in $expired) {
    Send-MailMessage -To $user.manager -From whatever@it.com -SmtpServer "servername" -Body "Password is Expired for $user.name -Subject "Password"
}
Export-Csv -path c:\temp\test.csv -NoTypeInformation -InputObject $expired
0
Comment
Question by:jennileePerez
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
  • 2
  • +2
11 Comments
 
LVL 67

Expert Comment

by:sirbounty
ID: 40586516
When you say it "doesn't seem to be working" - can you elaborate ?
0
 
LVL 40

Accepted Solution

by:
Subsun earned 1000 total points
ID: 40586600
Mostly It's failing as the $user.manager is not a smtp address.. Try modifying Send-MailMessage command to..
Send-MailMessage -To (Get-Aduser $user.manager -Properties mail).Mail -From whatever@it.com -SmtpServer "servername" -Body "Password is Expired for $($user.name)" -Subject "Password"

Open in new window


Updated
Import-Module Activedirectory
 $expired = Search-ADAccount -AccountExpiring -TimeSpan 14.00:00:00 | Get-ADUser -Properties manager,mail,physicalDeliveryOfficeName |Select-Object name,manager,mail,physicalDeliveryOfficeName
 ForEach ($user in $expired) {
   Send-MailMessage -To (Get-Aduser $user.manager -Properties mail).Mail -From whatever@it.com -SmtpServer "servername" -Body "Password is Expired for $($user.name)" -Subject "Password"
 }
Export-Csv -path c:\temp\test.csv -NoTypeInformation -InputObject $expired

Open in new window

0
 
LVL 67

Assisted Solution

by:sirbounty
sirbounty earned 1000 total points
ID: 40586634
Good catch Subsun.
Also the body should be adjusted:
 -Body "Password is Expired for $($user.name)"
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 

Author Comment

by:jennileePerez
ID: 40586766
Thanks guys!  This looks great. My issue is it just seems to sit there at a blinking cursor, no email sent and no file exported.
If I do the search separately file export works fine so I know it's not a permission thing there.  Also I have tested sending as an attachment with send-mailmessage, and mailing works, it's when I add in the ForEach and try to get it to email to the manager that I have this issue.  I am probably missing something very simple
0
 
LVL 41

Expert Comment

by:footech
ID: 40586800
Also, account expiring and password expiring are two different things.  Which are you looking for?
0
 

Author Comment

by:jennileePerez
ID: 40586836
Accounts expiring within 14 days, not passwords.  That part works, I get what I am looking for, what I need to do after that is email the manager of this user to inform them that they have an employee with an end date coming up
0
 

Author Comment

by:jennileePerez
ID: 40586842
Sorry, my subject and body may have caused that confusion, I just had that for testing
0
 
LVL 71

Expert Comment

by:Qlemo
ID: 40586850
Add some debugging messages to see what is going on:
Import-Module Activedirectory
 $expired = Search-ADAccount -AccountExpiring -TimeSpan 14.00:00:00 | Get-ADUser -Properties manager,mail,physicalDeliveryOfficeName |Select-Object name,manager,mail,physicalDeliveryOfficeName
 ForEach ($user in $expired) {
   $mgr = (Get-Aduser $user.manager -Properties mail).Mail 
   Write-Host "Sending mail for $($user.Name) to $mgr"
   Send-MailMessage -To $mgr -From whatever@it.com -SmtpServer "servername" -Body "Password is Expired for $($user.name)" -Subject "Password"
 }
Export-Csv -path c:\temp\test.csv -NoTypeInformation -InputObject $expired

Open in new window

0
 
LVL 40

Expert Comment

by:Subsun
ID: 40586907
My issue is it just seems to sit there at a blinking cursor
How do you run the script? copy pasting in to PowerShell Console or saving the code in to .ps1 file and executing it from PowerShell console?

If you are copy pasting you need to press the Enter key until the PowerShell console return the prompt.

Probably a screen shot of where it is stuck may help..
0
 

Author Comment

by:jennileePerez
ID: 40586943
Thanks guys, it seems somehow I had an ' and space after ForEach, fixed and it's working great now! Thanks so much for your help!
0
 

Author Closing Comment

by:jennileePerez
ID: 40586945
Thanks!!
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question