locked
notification script RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote
    Hello everyone, I have a script which notificate users about their passwords, we need change some words in text which users recieve ,  we need some words will be red and highlight, how can I do this?

    System administrator

    Tuesday, September 25, 2018 12:32 PM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote

    Here is a quick example:

    # PSPwdExpires.ps1
# PowerShell script to find all user accounts where the password
# is about to expire in a specified number of days.
#
# ----------------------------------------------------------------------
# Copyright (c) 2011 Richard L. Mueller
# Hilltop Lab web site - http://www.rlmueller.net
# Version 1.0 - March 23, 2011
# Version 1.1 - April 6, 2011 - Added email function.
#
# This program assumes there is one password policy for the domain. The
# program finds all users whose password will expire in the specified
# period.
#
# You have a royalty-free right to use, modify, reproduce, and
# distribute this script file in any way you find useful, provided that
# you agree that the copyright owner above has no warranty, obligations,
# or liability for such use.

# Specify number of days. Any users whose passwords expire within
# this many days after today will be processed.
$intDays = 1
$intDays = 3
$intDays = 5

$mailProps = @{
    From = "notifications@x.com"
    Subject = "Password Expiration Notice"
    Server = "192.168.x.x"
    Port = 25
    BodyAsHtml = $true
}
$bodyTemplate = @'
<html>
<body>
<p> <font color="red">Hello</font> {0},</p>
<p>xxxxxxxxxxxxxxxxxxxxxxxxx {1} sssssssssssssssss {2}.</p>'
</body>
</html>
'@ #'
 # Retrieve Domain maximum password age policy, in days.
$Domain =[System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain().GetDirectoryEntry()
$MPA = $Domain.maxPwdAge.Value
# Convert to Int64 ticks (100-nanosecond intervals).
$lngMaxPwdAge = $Domain.ConvertLargeIntegerToInt64($MPA)
# Convert to days.
$MaxPwdAge = -$lngMaxPwdAge/(600000000 * 1440)

# Determine the password last changed date such that the password
# would just now be expired. We will not process any users whose
# password has already expired.
$Now = Get-Date
$Date1 = $Now.AddDays(-$MaxPwdAge)

# Determine the password last changed date such the password
# will expire $intDays in the future.
$Date2 = $Now.AddDays($intDays - $MaxPwdAge)

# Convert from PowerShell ticks to Active Directory ticks.
 $64Bit1 = $Date1.Ticks - 504911232000000000
 $64Bit2 = $Date2.Ticks - 504911232000000000

 $Searcher = New-Object System.DirectoryServices.DirectorySearcher
 $Searcher.PageSize = 200
 $Searcher.SearchScope = "subtree"

 # Filter on user objects where the password expires between the
 # dates specified, the account is not disabled, password never
 # expires is not set, password not required is not set.
 # and password cannot change is not set.
 $Searcher.Filter = "(&(objectCategory=person)(objectClass=user)" `
     + "(pwdLastSet>=" + $($64Bit1) + ")" `
     + "(pwdLastSet<=" + $($64Bit2) + ")" `
     + "(!userAccountControl:1.2.840.113556.1.4.803:=2)" `
     + "(!userAccountControl:1.2.840.113556.1.4.803:=65536)" `
     + "(!userAccountControl:1.2.840.113556.1.4.803:=32)" `
     + "(!userAccountControl:1.2.840.113556.1.4.803:=48))"

 $Searcher.PropertiesToLoad.Add("sAMAccountName") > $Null
 $Searcher.PropertiesToLoad.Add("DisplayName") > $Null
 $Searcher.PropertiesToLoad.Add("pwdLastSet") > $Null
 $Searcher.PropertiesToLoad.Add("mail") > $Null
 $Searcher.PropertiesToLoad.Add("proxyAddresses") > $Null
 $Searcher.SearchRoot = $Domain

 $Results = $Searcher.FindAll()
 ForEach ($Result In $Results){
     $Name = $Result.Properties.Item("sAMAccountName")
     $DisplayName = $Result.Properties.Item("DisplayName")
     $PLS = $Result.Properties.Item("pwdLastSet")
     $Mail = $Result.Properties.Item("mail")
     $Addresses = $Result.Properties.Item("proxyAddresses")
     If ($PLS.Count -eq 0){
         $Date = [DateTime]0
     }else{
         # Interpret 64-bit integer as a date.
         $Date = [DateTime]$PLS.Item(0)
     }
     # Convert from .NET ticks to Active Directory Integer8 ticks.
     # Also, convert from UTC to local time.
     $PwdLastSet = $Date.AddYears(1600).ToLocalTime()
     # Determine when password expires.
     $PwdExpires = $PwdLastSet.AddDays($MaxPwdAge)

     # Determine email address.
     If (-not $Mail) {
         ForEach ($Address In $Addresses){
             $Prefix = $Address.SubString(0, 5)
             If (($Prefix -ceq "SMTP:") -or ($Prefix -ceq "X400:")){
                 $Mail = $Address.SubString(5)
                 Break
             }
         }
     }
     If($Mail){
        $body = $bodyTemplate -f $DisplayName,$Name,$PwdExpires
        Send-MailMessage -To $Mail -Body $Notice @mailProps
        "Email sent to $Name ($Mail), password expires $PwdExpires"
     }else{
         "$Name has no email, but password expires $PwdExpires"
         "DN: $DN"
     }
 }

    \_(ツ)_/


    • Edited by jrv Tuesday, September 25, 2018 1:29 PM
    • Marked as answer by Farid Ahmadov Wednesday, September 26, 2018 5:36 AM
    Tuesday, September 25, 2018 1:22 PM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote
    # PSPwdExpires.ps1
    # PowerShell script to find all user accounts where the password
    # is about to expire in a specified number of days.
    #
    # ----------------------------------------------------------------------
    # Copyright (c) 2011 Richard L. Mueller
    # Hilltop Lab web site - http://www.rlmueller.net
    # Version 1.0 - March 23, 2011
    # Version 1.1 - April 6, 2011 - Added email function.
    #
    # This program assumes there is one password policy for the domain. The
    # program finds all users whose password will expire in the specified
    # period.
    #
    # You have a royalty-free right to use, modify, reproduce, and
    # distribute this script file in any way you find useful, provided that
    # you agree that the copyright owner above has no warranty, obligations,
    # or liability for such use.

    Trap {"Error: $_"; Break;}

    # Specify number of days. Any users whose passwords expire within
    # this many days after today will be processed.
    $intDays = 1
    $intDays = 3
    $intDays = 5

    # Email settings.
    $Script:From = "notifications@x.com"
    $Script:Subject = "Password Expiration Notice"
    $Server = "192.168.x.x"
    $Port = 25
    $Client = New-Object System.Net.Mail.SmtpClient $Server, $Port
    # You may need to provide credentials.
    $Client.Credentials = [System.Net.CredentialCache]::DefaultNetworkCredentials

    Function SendEmail($To, $Body)
    {
        $Message = New-Object System.Net.Mail.MailMessage `
            $Script:From, $To, $Script:Subject, $Body
        $Client.Send($Message)
    }

    # Retrieve Domain maximum password age policy, in days.
    $D = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
    $Domain = [ADSI]"LDAP://$D"
    $MPA = $Domain.maxPwdAge.Value
    # Convert to Int64 ticks (100-nanosecond intervals).
    $lngMaxPwdAge = $Domain.ConvertLargeIntegerToInt64($MPA)
    # Convert to days.
    $MaxPwdAge = -$lngMaxPwdAge/(600000000 * 1440)

    # Determine the password last changed date such that the password
    # would just now be expired. We will not process any users whose
    # password has already expired.
    $Now = Get-Date
    $Date1 = $Now.AddDays(-$MaxPwdAge)

    # Determine the password last changed date such the password
    # will expire $intDays in the future.
    $Date2 = $Now.AddDays($intDays - $MaxPwdAge)

    # Convert from PowerShell ticks to Active Directory ticks.
    $64Bit1 = $Date1.Ticks - 504911232000000000
    $64Bit2 = $Date2.Ticks - 504911232000000000

    $Searcher = New-Object System.DirectoryServices.DirectorySearcher
    $Searcher.PageSize = 200
    $Searcher.SearchScope = "subtree"

    # Filter on user objects where the password expires between the
    # dates specified, the account is not disabled, password never
    # expires is not set, password not required is not set.
    # and password cannot change is not set.
    $Searcher.Filter = "(&(objectCategory=person)(objectClass=user)" `
        + "(pwdLastSet>=" + $($64Bit1) + ")" `
        + "(pwdLastSet<=" + $($64Bit2) + ")" `
        + "(!userAccountControl:1.2.840.113556.1.4.803:=2)" `
        + "(!userAccountControl:1.2.840.113556.1.4.803:=65536)" `
        + "(!userAccountControl:1.2.840.113556.1.4.803:=32)" `
        + "(!userAccountControl:1.2.840.113556.1.4.803:=48))"

    $Searcher.PropertiesToLoad.Add("sAMAccountName") > $Null
    $Searcher.PropertiesToLoad.Add("DisplayName") > $Null
    $Searcher.PropertiesToLoad.Add("pwdLastSet") > $Null
    $Searcher.PropertiesToLoad.Add("mail") > $Null
    $Searcher.PropertiesToLoad.Add("proxyAddresses") > $Null
    $Searcher.SearchRoot = "LDAP://" + $Domain.distinguishedName

    $Results = $Searcher.FindAll()
    ForEach ($Result In $Results)
    {
        $Name = $Result.Properties.Item("sAMAccountName")
        $DisplayName = $Result.Properties.Item("DisplayName")
        $PLS = $Result.Properties.Item("pwdLastSet")
        $Mail = $Result.Properties.Item("mail")
        $Addresses = $Result.Properties.Item("proxyAddresses")
        If ($PLS.Count -eq 0)
        {
            $Date = [DateTime]0
        }
        Else
        {
            # Interpret 64-bit integer as a date.
            $Date = [DateTime]$PLS.Item(0)
        }
        # Convert from .NET ticks to Active Directory Integer8 ticks.
        # Also, convert from UTC to local time.
        $PwdLastSet = $Date.AddYears(1600).ToLocalTime()
        # Determine when password expires.
        $PwdExpires = $PwdLastSet.AddDays($MaxPwdAge)

        # Determine email address.
        If ("$Mail" -eq "")
        {
            ForEach ($Address In $Addresses)
            {
                $Prefix = $Address.SubString(0, 5)
                If (($Prefix -ceq "SMTP:") -or ($Prefix -ceq "X400:"))
                {
                    $Mail = $Address.SubString(5)
                    Break
                }
            }
        }
        If ("$Mail" -ne "")
        {
            $Notice = " Hello $DisplayName,

    xxxxxxxxxxxxxxxxxxxxxxxxx $Name sssssssssssssssss $PwdExpires. "
            SendEmail $Mail $Notice
            "Email sent to $Name ($Mail), password expires $PwdExpires"
        }
        Else
        {
            "$Name has no email, but password expires $PwdExpires"
            "DN: $DN"
        }
    }

    System administrator

    Tuesday, September 25, 2018 12:41 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    FOR EXAMPLE I NEED CHANGE WORD "HELLO" to red colour 

    System administrator

    Tuesday, September 25, 2018 12:43 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    You cannot add color to a plain text email. You will have to rewrite the code to use HTML.

    \_(ツ)_/

    Tuesday, September 25, 2018 12:45 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    thank you

    System administrator

    Tuesday, September 25, 2018 1:06 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Here is a quick example:

    # PSPwdExpires.ps1
# PowerShell script to find all user accounts where the password
# is about to expire in a specified number of days.
#
# ----------------------------------------------------------------------
# Copyright (c) 2011 Richard L. Mueller
# Hilltop Lab web site - http://www.rlmueller.net
# Version 1.0 - March 23, 2011
# Version 1.1 - April 6, 2011 - Added email function.
#
# This program assumes there is one password policy for the domain. The
# program finds all users whose password will expire in the specified
# period.
#
# You have a royalty-free right to use, modify, reproduce, and
# distribute this script file in any way you find useful, provided that
# you agree that the copyright owner above has no warranty, obligations,
# or liability for such use.

# Specify number of days. Any users whose passwords expire within
# this many days after today will be processed.
$intDays = 1
$intDays = 3
$intDays = 5

$mailProps = @{
    From = "notifications@x.com"
    Subject = "Password Expiration Notice"
    Server = "192.168.x.x"
    Port = 25
    BodyAsHtml = $true
}
$bodyTemplate = @'
<html>
<body>
<p> <font color="red">Hello</font> {0},</p>
<p>xxxxxxxxxxxxxxxxxxxxxxxxx {1} sssssssssssssssss {2}.</p>'
</body>
</html>
'@ #'
 # Retrieve Domain maximum password age policy, in days.
$Domain =[System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain().GetDirectoryEntry()
$MPA = $Domain.maxPwdAge.Value
# Convert to Int64 ticks (100-nanosecond intervals).
$lngMaxPwdAge = $Domain.ConvertLargeIntegerToInt64($MPA)
# Convert to days.
$MaxPwdAge = -$lngMaxPwdAge/(600000000 * 1440)

# Determine the password last changed date such that the password
# would just now be expired. We will not process any users whose
# password has already expired.
$Now = Get-Date
$Date1 = $Now.AddDays(-$MaxPwdAge)

# Determine the password last changed date such the password
# will expire $intDays in the future.
$Date2 = $Now.AddDays($intDays - $MaxPwdAge)

# Convert from PowerShell ticks to Active Directory ticks.
 $64Bit1 = $Date1.Ticks - 504911232000000000
 $64Bit2 = $Date2.Ticks - 504911232000000000

 $Searcher = New-Object System.DirectoryServices.DirectorySearcher
 $Searcher.PageSize = 200
 $Searcher.SearchScope = "subtree"

 # Filter on user objects where the password expires between the
 # dates specified, the account is not disabled, password never
 # expires is not set, password not required is not set.
 # and password cannot change is not set.
 $Searcher.Filter = "(&(objectCategory=person)(objectClass=user)" `
     + "(pwdLastSet>=" + $($64Bit1) + ")" `
     + "(pwdLastSet<=" + $($64Bit2) + ")" `
     + "(!userAccountControl:1.2.840.113556.1.4.803:=2)" `
     + "(!userAccountControl:1.2.840.113556.1.4.803:=65536)" `
     + "(!userAccountControl:1.2.840.113556.1.4.803:=32)" `
     + "(!userAccountControl:1.2.840.113556.1.4.803:=48))"

 $Searcher.PropertiesToLoad.Add("sAMAccountName") > $Null
 $Searcher.PropertiesToLoad.Add("DisplayName") > $Null
 $Searcher.PropertiesToLoad.Add("pwdLastSet") > $Null
 $Searcher.PropertiesToLoad.Add("mail") > $Null
 $Searcher.PropertiesToLoad.Add("proxyAddresses") > $Null
 $Searcher.SearchRoot = $Domain

 $Results = $Searcher.FindAll()
 ForEach ($Result In $Results){
     $Name = $Result.Properties.Item("sAMAccountName")
     $DisplayName = $Result.Properties.Item("DisplayName")
     $PLS = $Result.Properties.Item("pwdLastSet")
     $Mail = $Result.Properties.Item("mail")
     $Addresses = $Result.Properties.Item("proxyAddresses")
     If ($PLS.Count -eq 0){
         $Date = [DateTime]0
     }else{
         # Interpret 64-bit integer as a date.
         $Date = [DateTime]$PLS.Item(0)
     }
     # Convert from .NET ticks to Active Directory Integer8 ticks.
     # Also, convert from UTC to local time.
     $PwdLastSet = $Date.AddYears(1600).ToLocalTime()
     # Determine when password expires.
     $PwdExpires = $PwdLastSet.AddDays($MaxPwdAge)

     # Determine email address.
     If (-not $Mail) {
         ForEach ($Address In $Addresses){
             $Prefix = $Address.SubString(0, 5)
             If (($Prefix -ceq "SMTP:") -or ($Prefix -ceq "X400:")){
                 $Mail = $Address.SubString(5)
                 Break
             }
         }
     }
     If($Mail){
        $body = $bodyTemplate -f $DisplayName,$Name,$PwdExpires
        Send-MailMessage -To $Mail -Body $Notice @mailProps
        "Email sent to $Name ($Mail), password expires $PwdExpires"
     }else{
         "$Name has no email, but password expires $PwdExpires"
         "DN: $DN"
     }
 }

    \_(ツ)_/


    • Edited by jrv Tuesday, September 25, 2018 1:29 PM
    • Marked as answer by Farid Ahmadov Wednesday, September 26, 2018 5:36 AM
    Tuesday, September 25, 2018 1:22 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    How Can I change date in script I need user recieve notification in this format day/month/year/    but  users recieve in this format   month/day/year   date in server change as I need but it not work 

    System administrator


    Monday, October 1, 2018 7:03 AM