Exchange
--
Questions
--
Followers
Top Experts
Office 365 Password Expiry Email Notification - Powershell
I'm trying to use a Powershell script to e-mail 365 users when their accounts are about to expire. MS do not offer e-mail notifications.. A joke, right! Anyway, someone has created an awesome script here...
https://community.spiceworks.com/how_to/133073-how-to-notify-office-365-users-that-passwords-will-expire
The script states that it will notify *everyone* in the domain if set. However, I would like it only set for 2 or 3 people max. The organisation is very small and the script appears to be pulling out resource accounts which are not required.
I believe the "tweak" can be done here in the first line, but i'm not even sure how to start! Ideally, i would like to add a few e-mail addresses to notify instead of everyone.
# Get Users From MSOL where Passwords Expire
#
$users = get-msoluser | where { $_.PasswordNeverExpires -eq $false }
$domain = Get-MSOLDomain | where {$_.IsDefault -eq $true }
$maxPasswordAge = ((Get-MsolPasswordPolicy -domain $domain.Name).ValidityPeri
#
##########################
#
# Process Each User for Password Expiry
#
foreach ($user in $users)
{
$Name = $user.DisplayName
$emailaddress = $user.UserPrincipalName
$passwordSetDate = $user.LastPasswordChangeTi
$expireson = $passwordsetdate + $maxPasswordAge
$today = (get-date)
$daystoexpire = (New-TimeSpan -Start $today -End $Expireson).Days
Any ideas would truly be helpful.
Many thanks
https://community.spiceworks.com/how_to/133073-how-to-notify-office-365-users-that-passwords-will-expire
The script states that it will notify *everyone* in the domain if set. However, I would like it only set for 2 or 3 people max. The organisation is very small and the script appears to be pulling out resource accounts which are not required.
I believe the "tweak" can be done here in the first line, but i'm not even sure how to start! Ideally, i would like to add a few e-mail addresses to notify instead of everyone.
# Get Users From MSOL where Passwords Expire
#
$users = get-msoluser | where { $_.PasswordNeverExpires -eq $false }
$domain = Get-MSOLDomain | where {$_.IsDefault -eq $true }
$maxPasswordAge = ((Get-MsolPasswordPolicy -domain $domain.Name).ValidityPeri
#
##########################
#
# Process Each User for Password Expiry
#
foreach ($user in $users)
{
$Name = $user.DisplayName
$emailaddress = $user.UserPrincipalName
$passwordSetDate = $user.LastPasswordChangeTi
$expireson = $passwordsetdate + $maxPasswordAge
$today = (get-date)
$daystoexpire = (New-TimeSpan -Start $today -End $Expireson).Days
Any ideas would truly be helpful.
Many thanks
Zero AI Policy
We believe in human intelligence. Our moderation policy strictly prohibits the use of LLM content in our Q&A threads.
SOLUTION
membership
Log in or create a free account to see answer.
Signing up is free and takes 30 seconds. No credit card required.
Brilliant! this is why i need the help from geniuses like you! I could add the Get-MsolUser -City string and ensure the correct contact variable within the users profile are filled. I'll give this a go and report back.
Thinking about it, i think the Islicensed parameter would work much better for my situation. Do you know how i could incorporate this instead? this appears to be the string Get-MsolUser | Where-Object { $_.isLicensed -eq "TRUE" } but i need to use the  where { $_.PasswordNeverExpires -eq $false }.
Additionally, when i use the get-msoluser -City param i get the expected results. When i combine it with | where { $_.PasswordNeverExpires -eq $false } Â i don't? I've tested for two accounts which i know do not have password never expired set but only get one of the two showing? Strange, as I'm sure the password policy is for everyone in the organisation other than individual users?
Additionally, when i use the get-msoluser -City param i get the expected results. When i combine it with | where { $_.PasswordNeverExpires -eq $false } Â i don't? I've tested for two accounts which i know do not have password never expired set but only get one of the two showing? Strange, as I'm sure the password policy is for everyone in the organisation other than individual users?
ASKER CERTIFIED SOLUTION
membership
Log in or create a free account to see answer.
Signing up is free and takes 30 seconds. No credit card required.
This works (thank you!) Â I made a slight tweak to test the true and false values..
Get-MsolUser -All  | where { $_.isLicensed -eq $true -and $_.PasswordNeverExpires -eq $false }
I was still experiencing problems, as one of my licenced accounts was still not appearing when testing. I used this line to test...
Get-MsolUser | Select UserPrincipalName, PasswordNeverExpires
.. And for one of the accounts which is licenced, the Password Never Expires column does not have a value, it is blank. This account was the main (owner) account of 365.
UserPrincipalName         PasswordNeverExpires
----------------- Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â --------------------
joe@mycompany.com        False
Owner@mycompany.com    Â
ted@mycompany.com        False
i figured out that for 365, the main admin/owner accounts are blank by default. Not too sure why but probably why the script did not work initially. So i'll have to set their value manually.
Thanks very much for your help!!!
Get-MsolUser -All  | where { $_.isLicensed -eq $true -and $_.PasswordNeverExpires -eq $false }
I was still experiencing problems, as one of my licenced accounts was still not appearing when testing. I used this line to test...
Get-MsolUser | Select UserPrincipalName, PasswordNeverExpires
.. And for one of the accounts which is licenced, the Password Never Expires column does not have a value, it is blank. This account was the main (owner) account of 365.
UserPrincipalName         PasswordNeverExpires
----------------- Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â --------------------
joe@mycompany.com        False
Owner@mycompany.com    Â
ted@mycompany.com        False
i figured out that for 365, the main admin/owner accounts are blank by default. Not too sure why but probably why the script did not work initially. So i'll have to set their value manually.
Thanks very much for your help!!!
EARN REWARDS FOR ASKING, ANSWERING, AND MORE.
Earn free swag for participating on the platform.
Exchange
--
Questions
--
Followers
Top Experts
Exchange is the server side of a collaborative application product that is part of the Microsoft Server infrastructure. Exchange's major features include email, calendaring, contacts and tasks, support for mobile and web-based access to information, and support for data storage.