none
User account expiration (Not password) script, to retrive users who's password is going to expire in 14 days and send email to respective user manager attribute. RRS feed

  • General discussion

  • User account expiration (Not password) script, to retrieve users who's password is going to expire in 14 days and send email to respective user's manager attribute.
    Tuesday, June 30, 2015 5:23 AM

All replies

  • Check the following scripts that will email your users when their password is due to expire:

    https://gallery.technet.microsoft.com/f7f5f7ed-14ee-4d0e-81c2-7d95ce7e08f5

    https://gallery.technet.microsoft.com/Password-Expiration-35615c06

    https://gallery.technet.microsoft.com/Account-Expiry-Email-Alert-968c487e


    Cheers,

    Andrew

    MCSE, MCSA, VCP, CCNA, SNIA

    Microsoft Infrastructure Consultant

    Blog: Network Angel LinkedIn:

    Note: Please remember to mark as "propose as answer" to help other members. Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Tuesday, June 30, 2015 9:31 AM
  • The question is confusing to me. Do you want the email sent when the user password is about to expire, or when the account is about to expire (as shown on the "Account" tab of ADUC)? These are very different. If the email is to be sent to the user's manager, I suspect you mean the account expiration date, not when the password expires, since the manager can do nothing about the password.

    Such a script would query for all users where the accountExpires attribute is 14 days or less in the future. For all such users the script would retrieve the DN value in the manager attribute of the user (if there is a value), then retrieve attributes of this user, and send a message to the mail attribute (or perhaps the primary address in the proxyAddresses attribute) of the corresponding manager. This a bit more complex than most people assume. Also, you must decide what to do if either the manager attribute of the user or the mail attribute of the manager (or the proxyAddresses attribute) is missing.


    Richard Mueller - MVP Directory Services

    Tuesday, June 30, 2015 5:13 PM
    Moderator