Script for manager field in AD users and computers


  • I was wanting to make a script to e-mail managers after every 6 months of an employee working. I know there is a field in AD users and computers to put down your manager. I just wondered if after every 6 months I could have a script email there manager telling them it was time for a evaluation.


    Tuesday, August 06, 2013 12:59 PM


All replies

  • i would use something like this to determine 6 month accounts

    $checktime = (get-date).addmonths(-6)

    get-aduser -searchbase "CN=Users,DC=contoso,DC=com" -Properties whencreated -filter {whencreated -ge $checktime}

    use get-aduser then select managers email

    Get-ADUser -Identity SAMAccountName -Properties EmailAddress,Manager | 
    %{(Get-AdUser $_.Manager -Properties EmailAddress).EmailAddress}

    this is send email function

    Tuesday, August 06, 2013 1:10 PM
  • For one time execution the above snippet works. If you run it everyday managers will get mail for same employees along with additional.

    We need to tweak little bit more to update description field as 6 months and ignore for if already mail triggered.

    If my understanding is correct please reply. I will share the code snippet. I am testing it now.

    Tuesday, August 06, 2013 1:41 PM
  • So I am trying to put it all together. Is this right?

    = (get-date).addmonths(-6) |
    get-aduser -searchbase "CN=Users,DC=contoso,DC=com" -Properties whencreated -filter {whencreated -ge $checktime} |
    Get-ADUser -Identity SAMAccountName -Properties EmailAddress,Manager |
    %{(Get-AdUser $_.Manager -Properties EmailAddress).EmailAddress}

    Tuesday, August 06, 2013 1:56 PM
  • change samaccountname to $_.samaccountname, and what you have so far will give you email addresses for managers from there you will need to store that address and send them emails for each sam account name

    but like chen said there needs to be more logic added or script will email same managers about same users, so maybe adding these account names to a file or keeping a list of 6 month 12month etc

    • Edited by ImMax Tuesday, August 06, 2013 2:04 PM
    Tuesday, August 06, 2013 2:02 PM
  • No, it will not work as you expected. Are you going to run this every day? Because any employee may complete 6 months at any day. The above script will send mail again for the same user adding with the new user. Validation will be difficult. We need to use a counter variable or something to avoid repetition.

    The mail should trigger only after 6 months completion and next mail after 6 months. Am I correct?

    Tuesday, August 06, 2013 2:03 PM
  • You are correct sir.
    Tuesday, August 06, 2013 2:05 PM
  • In short, we can make this with '-EQ' Operator. So that it will send mail only EMP completed 6 months on Script execution day.
    Tuesday, August 06, 2013 2:36 PM
  • What would that look like exactly? I'm a little confused on that.
    Tuesday, August 06, 2013 2:40 PM
  • $checktime = (Get-Date).AddMonths(-6)
    $usercreated = (Get-QADUser -Identity "TestAccount").Whencreated
    if($usercreated -eq $checktime)
        Write-Host "COMPLETED 6 Months"
        Write-Host "Failed"

    Note: Replace "Test Account with the account created exactly 6 months before" EG: Wednesday, February 06, 2013 4:41:08 PM

    If this works we can fetch for all other accounts with the same logic.

    Logically my code will ignore EMP joined 6 months before. This code will Check Current Date Subtract with 6 Months period and compare with AD account created.This can be used only for ongoing process

    • Edited by Chen VMVP Tuesday, August 06, 2013 2:45 PM Modification
    Tuesday, August 06, 2013 2:42 PM
  • What if I want to use it for everyone in AD. Im not sure if you thought I just wanted it for 1 person but I would like it for 200+ people. I just want it to be easier for the managers to know every 6 months when they need to have an evaluation review for a certain employee. I wouldn't mind to make it like

    $checktime = (get-date).addmonths(-6,-12,-18,-24,-30,-36,-42...)

    if that would work. I would just make it so it lasts for the next 10 years or so.

    Tuesday, August 06, 2013 2:47 PM
  • Logically sounds good, but will it work technically is a question :( .

    If I am not wrong it throws overload error. But logic is good

    Tuesday, August 06, 2013 2:56 PM
  • Yeah, you are correct.
    import-module activedirectory
    $checktime = (get-date).addmonths(-6) |
    get-aduser -searchbase "CN=Users,DC=Contoso,DC=com" -Properties whencreated -filter {whencreated -get $checktime}

    Even when I run this it says

    Get-ADUser : Variable: 'checktime' found in expression: $checktime is not defined.
    At line:3 char:11
    + get-aduser <<<<  -searchbase "CN=Users,DC=Contoso,DC=com" -Properties whencreated -filter {whencreated -ge $checktime}
        + CategoryInfo          : InvalidArgument: (:) [Get-ADUser], ArgumentException
        + FullyQualifiedErrorId : Variable: 'checktime' found in expression: $checktime is not defined.,Microsoft.ActiveDirectory.Management.Commands.GetADUser
    Tuesday, August 06, 2013 3:00 PM
  • Because this line is incorrect {whencreated -get $checktime}

    Change to -ge (Greater Than)

    Tuesday, August 06, 2013 3:08 PM
  • Hi Friend,

    1: Do you have SharePoint in your environment?

    2: Can we do this using ongoing project implementation?

    3. Can we use Access Database to use PS script to achieve this?

    Let me know your choice.

    This is very weird task but very interesting!!!

    Everything is possible in Technology but the platform we use is a challenge. :)

    • Edited by Chen VMVP Tuesday, August 06, 2013 9:04 PM typo error
    Tuesday, August 06, 2013 8:55 PM
  • Hi,

    We appreciate the willingness to help. However, this is not a consultancy forum, nor is this forum a "scripts on demand" forum where posters can request for someone to write completed scripts. The purpose of this forum is to answer specific scripting questions.

    That said, is there a specific question we can answer?


    Tuesday, August 06, 2013 9:12 PM
  • Hi Bill, 

    Thanks for highlighting this,


    Please post your query in Browse Script Requests

    Wednesday, August 07, 2013 8:14 AM
  • $name = Get-Content C:\UserList.txt
    foreach($user in $name)
    $user = Get-QADUser -Identity $user
    $manageremail = Get-ADUser -Identity $user.LogonName  -Properties EmailAddress , Manager | %{(Get-AdUser $_.Manager -Properties EmailAddress).EmailAddress}

    $currentdate = Get-Date
    $joined = $user.whenCreated
    $Experience = $currentdate - $joined
    $tenurity =  $Experience.Days/365
    $tenurityyears = "{0:N2}" -f $tenurity

    if($tenurityyears -match "0.5")
    {Send-MailMessage -From ""-To "" -SmtpServer "smtpservername" -Subject "Tenured 6 Month - Please Validate"
    $objRecordSet.Fields.Item("MailNotification").Value =  "Mail Sent"
    elseif($tenurityyears -match "1")
    {Send-MailMessage -From ""-To "" -SmtpServer "smtpservername" -Subject "Tenured 6 Month - Please Validate"
    $objRecordSet.Fields.Item("MailNotification").Value =  "Mail Sent"}
    elseif($tenurityyears -match "1.5")
    {Send-MailMessage -From ""-To "" -SmtpServer "smtpservername" -Subject "Tenured 6 Month - Please Validate"
    $objRecordSet.Fields.Item("MailNotification").Value =  "Mail Sent"}
    elseif($tenurityyears -match "2")
    {Send-MailMessage -From ""-To "" -SmtpServer "smtpservername" -Subject "Tenured 6 Month - Please Validate"
    $objRecordSet.Fields.Item("MailNotification").Value =  "Mail Sent"}
    elseif($tenurityyears -match "2.5")
    {Send-MailMessage -From ""-To "" -SmtpServer "smtpservername" -Subject "Tenured 6 Month - Please Validate"
    $objRecordSet.Fields.Item("MailNotification").Value =  "Mail Sent"}

    Friday, August 09, 2013 2:46 PM