Office 365 Password Expiry Email Notification - Powershell

I'm trying to use a Powershell script to e-mail 365 users when their accounts are about to expire. MS do not offer e-mail notifications.. A joke, right! Anyway, someone has created an awesome script here...

https://community.spiceworks.com/how_to/133073-how-to-notify-office-365-users-that-passwords-will-expire

The script states that it will notify *everyone* in the domain if set. However, I would like it only set for 2 or 3 people max. The organisation is very small and the script appears to be pulling out resource accounts which are not required.

I believe the "tweak" can be done here in the first line, but i'm not even sure how to start! Ideally, i would like to add a few e-mail addresses to notify instead of everyone.

# Get Users From MSOL where Passwords Expire
#
$users = get-msoluser | where { $_.PasswordNeverExpires -eq $false }
$domain = Get-MSOLDomain | where {$_.IsDefault -eq $true }
$maxPasswordAge = ((Get-MsolPasswordPolicy -domain $domain.Name).ValidityPeriod).ToString()
#
###################################################################################################################
#
# Process Each User for Password Expiry
#
foreach ($user in $users)
{
$Name = $user.DisplayName
$emailaddress = $user.UserPrincipalName
$passwordSetDate = $user.LastPasswordChangeTimestamp
$expireson = $passwordsetdate + $maxPasswordAge
$today = (get-date)
$daystoexpire = (New-TimeSpan -Start $today -End $Expireson).Days



Any ideas would truly be helpful.

Many thanks
N00b2015Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Vasil Michev (MVP)Commented:
Well how do you designate those users? What is common for them? City? Department? License type? For example, you can try this to only include users for which the Usage Location is set to US:

$users = Get-MsolUser -UsageLocation US  | where { $_.PasswordNeverExpires -eq $false }

Open in new window

N00b2015Author Commented:
Brilliant! this is why i need the help from geniuses like you! I could add the Get-MsolUser -City string and ensure the correct contact variable within the users profile are filled. I'll give this a go and report back.
N00b2015Author Commented:
Thinking about it, i think the Islicensed parameter would work much better for my situation. Do you know how i could incorporate this instead? this appears to be the string Get-MsolUser | Where-Object { $_.isLicensed -eq "TRUE" } but i need to use the  where { $_.PasswordNeverExpires -eq $false }.

Additionally, when i use the get-msoluser -City param i get the expected results. When i combine it with | where { $_.PasswordNeverExpires -eq $false }  i don't? I've tested for two accounts which i know do not have password never expired set but only get one of the two showing? Strange, as I'm sure the password policy is for everyone in the organisation other than individual users?
Vasil Michev (MVP)Commented:
Try this:

$users = Get-MsolUser -All  | where { $_.isLicensed -eq "TRUE" -and $_.PasswordNeverExpires -eq $false }

Open in new window

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
N00b2015Author Commented:
This works (thank you!)  I made a slight tweak to test the true and false values..

Get-MsolUser -All  | where { $_.isLicensed -eq $true -and $_.PasswordNeverExpires -eq $false }

I was still experiencing problems, as one of my licenced accounts was still not appearing when testing. I used this line to test...

Get-MsolUser | Select UserPrincipalName, PasswordNeverExpires

.. And for one of the accounts which is licenced, the Password Never Expires column does not have a value, it is blank. This account was the main (owner) account of 365.

UserPrincipalName                PasswordNeverExpires
-----------------                                --------------------
joe@mycompany.com              False
Owner@mycompany.com        
ted@mycompany.com              False

i figured out that for 365, the main admin/owner accounts are blank by default. Not too sure why but probably why the script did not work initially. So i'll have to set their value manually.

Thanks very much for your help!!!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Powershell

From novice to tech pro — start learning today.