hsmalley · October 4, 2012 12:18
diff --git a/PasswordExpiryReport.ps1 b/PasswordExpiryReport.ps1
 <#
 .SYNOPSIS
 	Reports on Users whose passwords are about to expire
 .NOTES
 	Requires Quest.ActiveRoles.ADManagementsnapin to get the AD attributes.
 .LINK
 	http://www.theagreeablecow.com/2012/06/preventing-password-expirations-with.html
 #>

 # --------------------------------------------------	
 write-verbose Setup Variables
 $days_before_expiry = 5
 $smtp = "exchange.MyDomain.com.au"
 $from = "[email protected]"
 $admin = "[email protected]"
 $AdminName = "TheAgreeableCow"
 # --------------------------------------------------

 function Send-Mail{
 	param($smtpServer,$from,$to,$subject,$body)
 	$smtp = new-object system.net.mail.smtpClient($SmtpServer)
 	$mail = new-object System.Net.Mail.MailMessage
 	$mail.from = $from
 	$mail.to.add($to)
 	$mail.subject = $subject
 	$mail.body = $body
 	$mail.IsBodyHtml = $true
 	$smtp.send($mail)
 }

 write-verbose Setup Style Sheet
 $newline = "<br>"
 $font = "<font size=`"3`" face=`"Calibri`">"

 write-verbose Load variables and query AD
 $today = (Get-date)
 $cutoff = $today.AddDays($days_before_expiry)
 add-pssnapin "Quest.ActiveRoles.ADManagement"
 $users_to_be_notified = Get-QADUser -Enabled -passwordNeverExpires:$False | Where {($_.PasswordExpires -lt $cutoff)}

 write-verbose Generate emails
 foreach ($user in $users_to_be_notified) {
 	$days_remaining = ($user.PasswordExpires - $today).days
        $body = $font

 		
 	write-verbose Users where password has expired
 	if ($days_remaining -le 0) {
 			$days_remaining = [math]::abs($days_remaining)
 			$expired_users += $user.name + " - <font color=blue>" + $user.LogonName + "</font>'s password has expired <font color=blue>" + $days_remaining + "</font> day(s) ago." + $newline
 			
 			write-verbose Prepare email to user (if they have an email address)
 			if ($user.Email -ne $null) {
 				$to = $user.Email
 				$subject = "Reminder - Password has expired " + $days_remaining + "day(s) ago."
 				$body1 += "Hi " + $user.givenname + "," + $newline + $newline
 				$body1 += "This is a friendly reminder that your password for account'<font color=blue>" + $user.LogonName + "</font>' has already expired "+ $days_remaining + " day(s) ago."
 				$body1 += " Please contact the Helpdesk to arrange for your password to be reset."
 			}
 			else {
 				write-verbose Prepare email to administrator
 				$to = $admin
 				$subject = "Reminder - " + $user.LogonName+ "'s Password has expired" + $days_remaining + " day(s) ago."
 				$body1 += "Dear administrator," + $newline + $newline
 				$body1 += "<font color=blue>" + $user.LogonName+ "</font>'s passwordhas expired <font color=blue>" + $days_remaining + " day(s) ago</font>."
 				$body1 += " However, the system has detected that there is no emailaddress attached to the profile."
 				$body1 += " Therefore, no email notifications has been sent to " + $user.Name + "."
 				$body1 += " Kindly reset the password and notify user of the password change."
 			}

 			$body1 += $newline + $newline + $newline + $newline
 			$body1 += "<h5>Message generated on: " + $today + ".</h5>"
 			$body1 += "</font>"

 			write-verbose Send email
 			#Send-Mail -smtpServer $smtp -from $from -to $to -subject $subject -body $body1
 	}

 	write-verbose Users whose password is expiring
 	if ($days_remaining -lt $days_before_expiry) {
 		$expiring_users += $user.name + " - <font color=blue>" +$user.LogonName + "</font> has <font color=blue>" + $days_remaining +"</font> day(s) remaing left to change his/her password." + $newline

 		write-verbose Prepare email to user (if they have an email address)
 		if ($user.Email -ne $null) {
 			$to = $user.Email
 			$subject = "Reminder - Password is expiring in " + $days_remaining +" day(s)."
 			$body += "Hi " + $user.givenname + "," + $newline + $newline
 			$body += "This is a friendly reminder that your password for account '<font color=blue>" + $user.LogonName + "</font>' is due to expire in "+ $days_remaining + " day(s). "  + $newline + $newline
 			$body += "It is best to reset your password just prior to finishing for the day, by hitting Ctrl+Alt+Del and then 'Change Password'. "  + $newline + $newline
 			$body += "Please remember to change your password before <fontcolor=blue>" + $user.PasswordExpires.date.tostring('dd/MM/yyyy') +"</font>." + $newline + $newline
 			$body += "Regards," + $newline + $newline
 			$body += "Helpdesk"
 		}
 		else {
 			write-verbose Prepare email to administrator
 			$to = $admin
 			$subject = "Reminder - " + $user.LogonName+ "'s Password is expiring in " + $days_remaining + " day(s)."
 			$body += "Dear administrator," + $newline + $newline
 			$body += "<font color=blue>" + $user.LogonName+ "</font>'s passwordis expiring in <font color=blue>" + $days_remaining + " day(s)</font>."
 			$body += " However, the system has detected that there is no emailaddress attached to the profile."
 			$body += " Therefore, no email notifications has been sent to " +$user.Name + "."
 			$body += " Kindly remind him/her to change the password before <fontcolor=blue>" + $user.PasswordExpires.date.tostring('dd/MM/yyyy') +"</font>."
 		}

 		$body += $newline + $newline + $newline + $newline
 		$body += "<h5>Message generated on: " + $today + ".</h5>"
 		$body += "</font>"

 		write-verbose Send email
 		Send-Mail -smtpServer $smtp -from $from -to $to -subject $subject -body $body
 	}
 }

 write-verbose Generate Password Expiry report
 if ($expired_users -ne $null -and $expiring_users -ne $null) {
 	$to = $admin
 	$subject = "Password Expiry Report"
 	$body = $font
 	$body += "Dear " + $AdminName + ","+ $newline + $newline
 	$body += "<b>Users with passwords expiring soon:</b>" + $newline
 	$body += $expiring_users + $newline + $newline
 	$body += "The following users' passwords are expiring soon or have already expired." + $newline + $newline + $newline
 	$body += "<b>Users with expired passwords:</b>" + $newline
 	$body += $expired_users
 	$body += $newline + $newline + $newline + $newline
 	$body += "<h5>Message generated on: " + $today + ".</h5>"
 	$body += "</font>"

 	Send-Mail -smtpServer $smtp -from $from -to $to -subject $subject -body $body
 }
	<#
	.SYNOPSIS
	Reports on Users whose passwords are about to expire
	.NOTES
	Requires Quest.ActiveRoles.ADManagementsnapin to get the AD attributes.
	.LINK
	http://www.theagreeablecow.com/2012/06/preventing-password-expirations-with.html
	#>

	# --------------------------------------------------
	write-verbose Setup Variables
	$days_before_expiry = 5
	$smtp = "exchange.MyDomain.com.au"
	$from = "[email protected]"
	$admin = "[email protected]"
	$AdminName = "TheAgreeableCow"
	# --------------------------------------------------

	function Send-Mail{
	param($smtpServer,$from,$to,$subject,$body)
	$smtp = new-object system.net.mail.smtpClient($SmtpServer)
	$mail = new-object System.Net.Mail.MailMessage
	$mail.from = $from
	$mail.to.add($to)
	$mail.subject = $subject
	$mail.body = $body
	$mail.IsBodyHtml = $true
	$smtp.send($mail)
	}

	write-verbose Setup Style Sheet
	$newline = "<br>"
	$font = "<font size=`"3`" face=`"Calibri`">"

	write-verbose Load variables and query AD
	$today = (Get-date)
	$cutoff = $today.AddDays($days_before_expiry)
	add-pssnapin "Quest.ActiveRoles.ADManagement"
	$users_to_be_notified = Get-QADUser -Enabled -passwordNeverExpires:$False \| Where {($_.PasswordExpires -lt $cutoff)}

	write-verbose Generate emails
	foreach ($user in $users_to_be_notified) {
	$days_remaining = ($user.PasswordExpires - $today).days
	$body = $font


	write-verbose Users where password has expired
	if ($days_remaining -le 0) {
	$days_remaining = [math]::abs($days_remaining)
	$expired_users += $user.name + " - <font color=blue>" + $user.LogonName + "</font>'s password has expired <font color=blue>" + $days_remaining + "</font> day(s) ago." + $newline

	write-verbose Prepare email to user (if they have an email address)
	if ($user.Email -ne $null) {
	$to = $user.Email
	$subject = "Reminder - Password has expired " + $days_remaining + "day(s) ago."
	$body1 += "Hi " + $user.givenname + "," + $newline + $newline
	$body1 += "This is a friendly reminder that your password for account'<font color=blue>" + $user.LogonName + "</font>' has already expired "+ $days_remaining + " day(s) ago."
	$body1 += " Please contact the Helpdesk to arrange for your password to be reset."
	}
	else {
	write-verbose Prepare email to administrator
	$to = $admin
	$subject = "Reminder - " + $user.LogonName+ "'s Password has expired" + $days_remaining + " day(s) ago."
	$body1 += "Dear administrator," + $newline + $newline
	$body1 += "<font color=blue>" + $user.LogonName+ "</font>'s passwordhas expired <font color=blue>" + $days_remaining + " day(s) ago</font>."
	$body1 += " However, the system has detected that there is no emailaddress attached to the profile."
	$body1 += " Therefore, no email notifications has been sent to " + $user.Name + "."
	$body1 += " Kindly reset the password and notify user of the password change."
	}

	$body1 += $newline + $newline + $newline + $newline
	$body1 += "<h5>Message generated on: " + $today + ".</h5>"
	$body1 += "</font>"

	write-verbose Send email
	#Send-Mail -smtpServer $smtp -from $from -to $to -subject $subject -body $body1
	}

	write-verbose Users whose password is expiring
	if ($days_remaining -lt $days_before_expiry) {
	$expiring_users += $user.name + " - <font color=blue>" +$user.LogonName + "</font> has <font color=blue>" + $days_remaining +"</font> day(s) remaing left to change his/her password." + $newline

	write-verbose Prepare email to user (if they have an email address)
	if ($user.Email -ne $null) {
	$to = $user.Email
	$subject = "Reminder - Password is expiring in " + $days_remaining +" day(s)."
	$body += "Hi " + $user.givenname + "," + $newline + $newline
	$body += "This is a friendly reminder that your password for account '<font color=blue>" + $user.LogonName + "</font>' is due to expire in "+ $days_remaining + " day(s). " + $newline + $newline
	$body += "It is best to reset your password just prior to finishing for the day, by hitting Ctrl+Alt+Del and then 'Change Password'. " + $newline + $newline
	$body += "Please remember to change your password before <fontcolor=blue>" + $user.PasswordExpires.date.tostring('dd/MM/yyyy') +"</font>." + $newline + $newline
	$body += "Regards," + $newline + $newline
	$body += "Helpdesk"
	}
	else {
	write-verbose Prepare email to administrator
	$to = $admin
	$subject = "Reminder - " + $user.LogonName+ "'s Password is expiring in " + $days_remaining + " day(s)."
	$body += "Dear administrator," + $newline + $newline
	$body += "<font color=blue>" + $user.LogonName+ "</font>'s passwordis expiring in <font color=blue>" + $days_remaining + " day(s)</font>."
	$body += " However, the system has detected that there is no emailaddress attached to the profile."
	$body += " Therefore, no email notifications has been sent to " +$user.Name + "."
	$body += " Kindly remind him/her to change the password before <fontcolor=blue>" + $user.PasswordExpires.date.tostring('dd/MM/yyyy') +"</font>."
	}

	$body += $newline + $newline + $newline + $newline
	$body += "<h5>Message generated on: " + $today + ".</h5>"
	$body += "</font>"

	write-verbose Send email
	Send-Mail -smtpServer $smtp -from $from -to $to -subject $subject -body $body
	}
	}

	write-verbose Generate Password Expiry report
	if ($expired_users -ne $null -and $expiring_users -ne $null) {
	$to = $admin
	$subject = "Password Expiry Report"
	$body = $font
	$body += "Dear " + $AdminName + ","+ $newline + $newline
	$body += "<b>Users with passwords expiring soon:</b>" + $newline
	$body += $expiring_users + $newline + $newline
	$body += "The following users' passwords are expiring soon or have already expired." + $newline + $newline + $newline
	$body += "<b>Users with expired passwords:</b>" + $newline
	$body += $expired_users
	$body += $newline + $newline + $newline + $newline
	$body += "<h5>Message generated on: " + $today + ".</h5>"
	$body += "</font>"

	Send-Mail -smtpServer $smtp -from $from -to $to -subject $subject -body $body
	}