need a powershell script that will notifify when users pwd reaches the 60day mark

can someone provide a powershell or Quest AD cmdlets script that will check the members of a security group in AD daily and if any of the members of that group password reaches the 60 day mark. [or 30 days from expiry]  to send an automated email.

thx in advance,

Who is Participating?
Stelian StanNetwork AdministratorCommented:
you can use this script:
just change this line:
$notificationstartday = 14 to $notificationstartday = 60

also change the following lines according to your environment:
$sendermailaddress = ""            
$SMTPserver = ""            
$DN = "DC=contoso,DC=com"
siber1Author Commented:
thx. I've seen that one, however how would I modify it to key on only select members of a particular security group as mentioned in my original question. [not all AD users]

Stelian StanNetwork AdministratorCommented:
For that you can change this line:

foreach ($user in (Get-ADUser -SearchBase $DN -Filter * -properties mail))

change -Filter * to -Filter { Name -like 'John*' }
Stelian StanNetwork AdministratorCommented:
if you want to select just a group then;

Get-ADGroup -Filter {GroupScope -eq "Security"}
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.