need a powershell script that will notifify when users pwd reaches the 60day mark

can someone provide a powershell or Quest AD cmdlets script that will check the members of a security group in AD daily and if any of the members of that group password reaches the 60 day mark. [or 30 days from expiry]  to send an automated email.

thx in advance,

S.
siber1Asked:
Who is Participating?
 
Stelian StanNetwork AdministratorCommented:
you can use this script: http://social.technet.microsoft.com/wiki/contents/articles/23313.notify-active-directory-users-about-password-expiry-using-powershell.aspx
just change this line:
$notificationstartday = 14 to $notificationstartday = 60

also change the following lines according to your environment:
$sendermailaddress = "no-reply@contoso.com"            
$SMTPserver = "mail.contoso.com"            
$DN = "DC=contoso,DC=com"
0
 
siber1Author Commented:
thx. I've seen that one, however how would I modify it to key on only select members of a particular security group as mentioned in my original question. [not all AD users]

S.
0
 
Stelian StanNetwork AdministratorCommented:
For that you can change this line:

foreach ($user in (Get-ADUser -SearchBase $DN -Filter * -properties mail))

change -Filter * to -Filter { Name -like 'John*' }
0
 
Stelian StanNetwork AdministratorCommented:
if you want to select just a group then;

Get-ADGroup -Filter {GroupScope -eq "Security"}
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.