locked
notification script RRS feed

  • Question

  • Hello everyone, I have a script which notificate users about their passwords, we need change some words in text which users recieve ,  we need some words will be red and highlight, how can I do this?

    System administrator

    Tuesday, September 25, 2018 12:32 PM

Answers

  • Here is a quick example:

    # PSPwdExpires.ps1
    # PowerShell script to find all user accounts where the password
    # is about to expire in a specified number of days.
    #
    # ----------------------------------------------------------------------
    # Copyright (c) 2011 Richard L. Mueller
    # Hilltop Lab web site - http://www.rlmueller.net
    # Version 1.0 - March 23, 2011
    # Version 1.1 - April 6, 2011 - Added email function.
    #
    # This program assumes there is one password policy for the domain. The
    # program finds all users whose password will expire in the specified
    # period.
    #
    # You have a royalty-free right to use, modify, reproduce, and
    # distribute this script file in any way you find useful, provided that
    # you agree that the copyright owner above has no warranty, obligations,
    # or liability for such use.
    
    # Specify number of days. Any users whose passwords expire within
    # this many days after today will be processed.
    $intDays = 1
    $intDays = 3
    $intDays = 5
    
    $mailProps = @{
        From = "notifications@x.com"
        Subject = "Password Expiration Notice"
        Server = "192.168.x.x"
        Port = 25
        BodyAsHtml = $true
    }
    $bodyTemplate = @'
    <html>
    <body>
    <p> <font color="red">Hello</font> {0},</p>
    <p>xxxxxxxxxxxxxxxxxxxxxxxxx {1} sssssssssssssssss {2}.</p>'
    </body>
    </html>
    '@ #'
     # Retrieve Domain maximum password age policy, in days.
    $Domain =[System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain().GetDirectoryEntry()
    $MPA = $Domain.maxPwdAge.Value
    # Convert to Int64 ticks (100-nanosecond intervals).
    $lngMaxPwdAge = $Domain.ConvertLargeIntegerToInt64($MPA)
    # Convert to days.
    $MaxPwdAge = -$lngMaxPwdAge/(600000000 * 1440)
    
    # Determine the password last changed date such that the password
    # would just now be expired. We will not process any users whose
    # password has already expired.
    $Now = Get-Date
    $Date1 = $Now.AddDays(-$MaxPwdAge)
    
    # Determine the password last changed date such the password
    # will expire $intDays in the future.
    $Date2 = $Now.AddDays($intDays - $MaxPwdAge)
    
    # Convert from PowerShell ticks to Active Directory ticks.
     $64Bit1 = $Date1.Ticks - 504911232000000000
     $64Bit2 = $Date2.Ticks - 504911232000000000
    
     $Searcher = New-Object System.DirectoryServices.DirectorySearcher
     $Searcher.PageSize = 200
     $Searcher.SearchScope = "subtree"
    
     # Filter on user objects where the password expires between the
     # dates specified, the account is not disabled, password never
     # expires is not set, password not required is not set.
     # and password cannot change is not set.
     $Searcher.Filter = "(&(objectCategory=person)(objectClass=user)" `
         + "(pwdLastSet>=" + $($64Bit1) + ")" `
         + "(pwdLastSet<=" + $($64Bit2) + ")" `
         + "(!userAccountControl:1.2.840.113556.1.4.803:=2)" `
         + "(!userAccountControl:1.2.840.113556.1.4.803:=65536)" `
         + "(!userAccountControl:1.2.840.113556.1.4.803:=32)" `
         + "(!userAccountControl:1.2.840.113556.1.4.803:=48))"
    
     $Searcher.PropertiesToLoad.Add("sAMAccountName") > $Null
     $Searcher.PropertiesToLoad.Add("DisplayName") > $Null
     $Searcher.PropertiesToLoad.Add("pwdLastSet") > $Null
     $Searcher.PropertiesToLoad.Add("mail") > $Null
     $Searcher.PropertiesToLoad.Add("proxyAddresses") > $Null
     $Searcher.SearchRoot = $Domain
    
     $Results = $Searcher.FindAll()
     ForEach ($Result In $Results){
         $Name = $Result.Properties.Item("sAMAccountName")
         $DisplayName = $Result.Properties.Item("DisplayName")
         $PLS = $Result.Properties.Item("pwdLastSet")
         $Mail = $Result.Properties.Item("mail")
         $Addresses = $Result.Properties.Item("proxyAddresses")
         If ($PLS.Count -eq 0){
             $Date = [DateTime]0
         }else{
             # Interpret 64-bit integer as a date.
             $Date = [DateTime]$PLS.Item(0)
         }
         # Convert from .NET ticks to Active Directory Integer8 ticks.
         # Also, convert from UTC to local time.
         $PwdLastSet = $Date.AddYears(1600).ToLocalTime()
         # Determine when password expires.
         $PwdExpires = $PwdLastSet.AddDays($MaxPwdAge)
    
         # Determine email address.
         If (-not $Mail) {
             ForEach ($Address In $Addresses){
                 $Prefix = $Address.SubString(0, 5)
                 If (($Prefix -ceq "SMTP:") -or ($Prefix -ceq "X400:")){
                     $Mail = $Address.SubString(5)
                     Break
                 }
             }
         }
         If($Mail){
            $body = $bodyTemplate -f $DisplayName,$Name,$PwdExpires
            Send-MailMessage -To $Mail -Body $Notice @mailProps
            "Email sent to $Name ($Mail), password expires $PwdExpires"
         }else{
             "$Name has no email, but password expires $PwdExpires"
             "DN: $DN"
         }
     }


    \_(ツ)_/


    • Edited by jrv Tuesday, September 25, 2018 1:29 PM
    • Marked as answer by Farid Ahmadov Wednesday, September 26, 2018 5:36 AM
    Tuesday, September 25, 2018 1:22 PM

All replies

  • # PSPwdExpires.ps1
    # PowerShell script to find all user accounts where the password
    # is about to expire in a specified number of days.
    #
    # ----------------------------------------------------------------------
    # Copyright (c) 2011 Richard L. Mueller
    # Hilltop Lab web site - http://www.rlmueller.net
    # Version 1.0 - March 23, 2011
    # Version 1.1 - April 6, 2011 - Added email function.
    #
    # This program assumes there is one password policy for the domain. The
    # program finds all users whose password will expire in the specified
    # period.
    #
    # You have a royalty-free right to use, modify, reproduce, and
    # distribute this script file in any way you find useful, provided that
    # you agree that the copyright owner above has no warranty, obligations,
    # or liability for such use.

    Trap {"Error: $_"; Break;}

    # Specify number of days. Any users whose passwords expire within
    # this many days after today will be processed.
    $intDays = 1
    $intDays = 3
    $intDays = 5

    # Email settings.
    $Script:From = "notifications@x.com"
    $Script:Subject = "Password Expiration Notice"
    $Server = "192.168.x.x"
    $Port = 25
    $Client = New-Object System.Net.Mail.SmtpClient $Server, $Port
    # You may need to provide credentials.
    $Client.Credentials = [System.Net.CredentialCache]::DefaultNetworkCredentials

    Function SendEmail($To, $Body)
    {
        $Message = New-Object System.Net.Mail.MailMessage `
            $Script:From, $To, $Script:Subject, $Body
        $Client.Send($Message)
    }

    # Retrieve Domain maximum password age policy, in days.
    $D = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
    $Domain = [ADSI]"LDAP://$D"
    $MPA = $Domain.maxPwdAge.Value
    # Convert to Int64 ticks (100-nanosecond intervals).
    $lngMaxPwdAge = $Domain.ConvertLargeIntegerToInt64($MPA)
    # Convert to days.
    $MaxPwdAge = -$lngMaxPwdAge/(600000000 * 1440)

    # Determine the password last changed date such that the password
    # would just now be expired. We will not process any users whose
    # password has already expired.
    $Now = Get-Date
    $Date1 = $Now.AddDays(-$MaxPwdAge)

    # Determine the password last changed date such the password
    # will expire $intDays in the future.
    $Date2 = $Now.AddDays($intDays - $MaxPwdAge)

    # Convert from PowerShell ticks to Active Directory ticks.
    $64Bit1 = $Date1.Ticks - 504911232000000000
    $64Bit2 = $Date2.Ticks - 504911232000000000

    $Searcher = New-Object System.DirectoryServices.DirectorySearcher
    $Searcher.PageSize = 200
    $Searcher.SearchScope = "subtree"

    # Filter on user objects where the password expires between the
    # dates specified, the account is not disabled, password never
    # expires is not set, password not required is not set.
    # and password cannot change is not set.
    $Searcher.Filter = "(&(objectCategory=person)(objectClass=user)" `
        + "(pwdLastSet>=" + $($64Bit1) + ")" `
        + "(pwdLastSet<=" + $($64Bit2) + ")" `
        + "(!userAccountControl:1.2.840.113556.1.4.803:=2)" `
        + "(!userAccountControl:1.2.840.113556.1.4.803:=65536)" `
        + "(!userAccountControl:1.2.840.113556.1.4.803:=32)" `
        + "(!userAccountControl:1.2.840.113556.1.4.803:=48))"

    $Searcher.PropertiesToLoad.Add("sAMAccountName") > $Null
    $Searcher.PropertiesToLoad.Add("DisplayName") > $Null
    $Searcher.PropertiesToLoad.Add("pwdLastSet") > $Null
    $Searcher.PropertiesToLoad.Add("mail") > $Null
    $Searcher.PropertiesToLoad.Add("proxyAddresses") > $Null
    $Searcher.SearchRoot = "LDAP://" + $Domain.distinguishedName

    $Results = $Searcher.FindAll()
    ForEach ($Result In $Results)
    {
        $Name = $Result.Properties.Item("sAMAccountName")
        $DisplayName = $Result.Properties.Item("DisplayName")
        $PLS = $Result.Properties.Item("pwdLastSet")
        $Mail = $Result.Properties.Item("mail")
        $Addresses = $Result.Properties.Item("proxyAddresses")
        If ($PLS.Count -eq 0)
        {
            $Date = [DateTime]0
        }
        Else
        {
            # Interpret 64-bit integer as a date.
            $Date = [DateTime]$PLS.Item(0)
        }
        # Convert from .NET ticks to Active Directory Integer8 ticks.
        # Also, convert from UTC to local time.
        $PwdLastSet = $Date.AddYears(1600).ToLocalTime()
        # Determine when password expires.
        $PwdExpires = $PwdLastSet.AddDays($MaxPwdAge)

        # Determine email address.
        If ("$Mail" -eq "")
        {
            ForEach ($Address In $Addresses)
            {
                $Prefix = $Address.SubString(0, 5)
                If (($Prefix -ceq "SMTP:") -or ($Prefix -ceq "X400:"))
                {
                    $Mail = $Address.SubString(5)
                    Break
                }
            }
        }
        If ("$Mail" -ne "")
        {
            $Notice = " Hello $DisplayName,

    xxxxxxxxxxxxxxxxxxxxxxxxx $Name sssssssssssssssss $PwdExpires. "
            SendEmail $Mail $Notice
            "Email sent to $Name ($Mail), password expires $PwdExpires"
        }
        Else
        {
            "$Name has no email, but password expires $PwdExpires"
            "DN: $DN"
        }
    }

    System administrator

    Tuesday, September 25, 2018 12:41 PM
  • FOR EXAMPLE I NEED CHANGE WORD "HELLO" to red colour 

    System administrator

    Tuesday, September 25, 2018 12:43 PM
  • You cannot add color to a plain text email. You will have to rewrite the code to use HTML.


    \_(ツ)_/

    Tuesday, September 25, 2018 12:45 PM
  • thank you

    System administrator

    Tuesday, September 25, 2018 1:06 PM
  • Here is a quick example:

    # PSPwdExpires.ps1
    # PowerShell script to find all user accounts where the password
    # is about to expire in a specified number of days.
    #
    # ----------------------------------------------------------------------
    # Copyright (c) 2011 Richard L. Mueller
    # Hilltop Lab web site - http://www.rlmueller.net
    # Version 1.0 - March 23, 2011
    # Version 1.1 - April 6, 2011 - Added email function.
    #
    # This program assumes there is one password policy for the domain. The
    # program finds all users whose password will expire in the specified
    # period.
    #
    # You have a royalty-free right to use, modify, reproduce, and
    # distribute this script file in any way you find useful, provided that
    # you agree that the copyright owner above has no warranty, obligations,
    # or liability for such use.
    
    # Specify number of days. Any users whose passwords expire within
    # this many days after today will be processed.
    $intDays = 1
    $intDays = 3
    $intDays = 5
    
    $mailProps = @{
        From = "notifications@x.com"
        Subject = "Password Expiration Notice"
        Server = "192.168.x.x"
        Port = 25
        BodyAsHtml = $true
    }
    $bodyTemplate = @'
    <html>
    <body>
    <p> <font color="red">Hello</font> {0},</p>
    <p>xxxxxxxxxxxxxxxxxxxxxxxxx {1} sssssssssssssssss {2}.</p>'
    </body>
    </html>
    '@ #'
     # Retrieve Domain maximum password age policy, in days.
    $Domain =[System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain().GetDirectoryEntry()
    $MPA = $Domain.maxPwdAge.Value
    # Convert to Int64 ticks (100-nanosecond intervals).
    $lngMaxPwdAge = $Domain.ConvertLargeIntegerToInt64($MPA)
    # Convert to days.
    $MaxPwdAge = -$lngMaxPwdAge/(600000000 * 1440)
    
    # Determine the password last changed date such that the password
    # would just now be expired. We will not process any users whose
    # password has already expired.
    $Now = Get-Date
    $Date1 = $Now.AddDays(-$MaxPwdAge)
    
    # Determine the password last changed date such the password
    # will expire $intDays in the future.
    $Date2 = $Now.AddDays($intDays - $MaxPwdAge)
    
    # Convert from PowerShell ticks to Active Directory ticks.
     $64Bit1 = $Date1.Ticks - 504911232000000000
     $64Bit2 = $Date2.Ticks - 504911232000000000
    
     $Searcher = New-Object System.DirectoryServices.DirectorySearcher
     $Searcher.PageSize = 200
     $Searcher.SearchScope = "subtree"
    
     # Filter on user objects where the password expires between the
     # dates specified, the account is not disabled, password never
     # expires is not set, password not required is not set.
     # and password cannot change is not set.
     $Searcher.Filter = "(&(objectCategory=person)(objectClass=user)" `
         + "(pwdLastSet>=" + $($64Bit1) + ")" `
         + "(pwdLastSet<=" + $($64Bit2) + ")" `
         + "(!userAccountControl:1.2.840.113556.1.4.803:=2)" `
         + "(!userAccountControl:1.2.840.113556.1.4.803:=65536)" `
         + "(!userAccountControl:1.2.840.113556.1.4.803:=32)" `
         + "(!userAccountControl:1.2.840.113556.1.4.803:=48))"
    
     $Searcher.PropertiesToLoad.Add("sAMAccountName") > $Null
     $Searcher.PropertiesToLoad.Add("DisplayName") > $Null
     $Searcher.PropertiesToLoad.Add("pwdLastSet") > $Null
     $Searcher.PropertiesToLoad.Add("mail") > $Null
     $Searcher.PropertiesToLoad.Add("proxyAddresses") > $Null
     $Searcher.SearchRoot = $Domain
    
     $Results = $Searcher.FindAll()
     ForEach ($Result In $Results){
         $Name = $Result.Properties.Item("sAMAccountName")
         $DisplayName = $Result.Properties.Item("DisplayName")
         $PLS = $Result.Properties.Item("pwdLastSet")
         $Mail = $Result.Properties.Item("mail")
         $Addresses = $Result.Properties.Item("proxyAddresses")
         If ($PLS.Count -eq 0){
             $Date = [DateTime]0
         }else{
             # Interpret 64-bit integer as a date.
             $Date = [DateTime]$PLS.Item(0)
         }
         # Convert from .NET ticks to Active Directory Integer8 ticks.
         # Also, convert from UTC to local time.
         $PwdLastSet = $Date.AddYears(1600).ToLocalTime()
         # Determine when password expires.
         $PwdExpires = $PwdLastSet.AddDays($MaxPwdAge)
    
         # Determine email address.
         If (-not $Mail) {
             ForEach ($Address In $Addresses){
                 $Prefix = $Address.SubString(0, 5)
                 If (($Prefix -ceq "SMTP:") -or ($Prefix -ceq "X400:")){
                     $Mail = $Address.SubString(5)
                     Break
                 }
             }
         }
         If($Mail){
            $body = $bodyTemplate -f $DisplayName,$Name,$PwdExpires
            Send-MailMessage -To $Mail -Body $Notice @mailProps
            "Email sent to $Name ($Mail), password expires $PwdExpires"
         }else{
             "$Name has no email, but password expires $PwdExpires"
             "DN: $DN"
         }
     }


    \_(ツ)_/


    • Edited by jrv Tuesday, September 25, 2018 1:29 PM
    • Marked as answer by Farid Ahmadov Wednesday, September 26, 2018 5:36 AM
    Tuesday, September 25, 2018 1:22 PM
  • How Can I change date in script I need user recieve notification in this format day/month/year/    but  users recieve in this format   month/day/year   date in server change as I need but it not work 

    System administrator


    Monday, October 1, 2018 7:03 AM