xml PowerShell：发送密码过期提醒＃PowerShell＃ActiveDirectory

Posted 2021-05-17

tags:

篇首语：本文由小常识网(cha138.com)小编为大家整理，主要介绍了xml PowerShell：发送密码过期提醒＃PowerShell＃ActiveDirectory相关的知识，希望对你有一定的参考价值。

<#
$Metadata = @{
	Title = "Send Password Expiration Reminder"
	Filename = "Send-PasswordExpirationReminder.ps1"
	Description = ""
	Tags = "powershell, script, jobs"
	Project = ""
	Author = "Janik von Rotz"
	AuthorContact = "http://.janikvonrotz.ch"
	CreateDate = "2013-08-08"
	LastEditDate = "2013-11-25"
	Version = "2.1.0"
	License = @'
This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License.
To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-nd/3.0/ or
send a letter to Creative Commons, 444 Castro Street, Suite 900, Mountain View, California, 94041, USA.
'@
}
#>

try{

    #--------------------------------------------------#
    # modules
    #--------------------------------------------------#    
    Import-Module ActiveDirectory
	
    #--------------------------------------------------#
    # settings
    #--------------------------------------------------#   
    $TriggerDays = 25, 10, 5, 1
    $SendLinkOnDays = 25,10, 5, 1
	$DaysBeforeDisablingUsersWithPasswordNeverExpires = 180
	$ADGroup = "S-1-5-21-1744926098-708661255-2033415169-36648" # Memberof GroupName should be "SPO_PasswordNotification"   
    
    #--------------------------------------------------#
    # main
    #--------------------------------------------------#

    # get mail config         
    $Mail = Get-PPConfiguration $PSconfigs.Mail.Filter | %{$_.Content.Mail | where{$_.Name -eq "PasswordReminder"}} | select -first 1

    # get days until password expires
    $MaxDays = (Get-ADDefaultDomainPasswordPolicy).MaxPasswordAge.Days 
    if($MaxDays -le 0){throw "Domain 'MaximumPasswordAge' password policy is not configured."}

    # Set days when an email should be sent to inform the users
    $TriggerDays = 25, 10, 5, 1
    $SendLinkOnDays = 25,10, 5, 1

    foreach($TriggerDay in $TriggerDays){    
    
        # Memberof GroupName should be "SPO_PasswordNotification"       
        Get-ADGroupMember $ADGroup -Recursive | 
        Get-ADUser -Properties Enabled, lastLogonTimestamp, PasswordNeverExpires, PasswordLastSet, Mail, DisplayName |
        Select *, @{L = "PasswordExpires";E = { 
            if($_.PasswordNeverExpires){
                $DaysBeforeDisablingUsersWithPasswordNeverExpires - ((Get-Date) - ($_.PasswordLastSet)).Days
            }else{
                $MaxDays - ((Get-Date) - ($_.PasswordLastSet)).Days
            }
        }} |
        where{($_.Enabled -eq $true) -and ($_.PasswordExpires -eq $TriggerDay)} | %{ 
                              
            # set subject
            $Subject = "Passwort Erinnerung: $($_.DisplayName) ihr Passwort läuft in $($_.PasswordExpires) Tagen ab"
            
            $BodyFont = "font-size: 11pt; font-family: Calibri"
            
            # create mail message
            $Body = "<p style = ""$BodyFont"">Guten Tag $($_.DisplayName) <br/> <br/> Ihr Passwort läuft am $(Get-Date (Get-Date).AddDays($_.PasswordExpires) -Format D) ab.</b></p>"          
            if($SendLinkOnDays -contains $TriggerDay){            
                $Body += "<p style = ""$BodyFont"">Bitte ändern Sie das Passwort bevor es abläuft. Rufen Sie dazu die folgende Seite auf: <a href=""https://vbluzern.sharepoint.com/Support/SitePages/Passwortwechsel.aspx"" target=""_blank"">Link</a></p>"
            }
             $Body += "<p style = ""$BodyFont"">ACHTUNG! Dieses E-Mail wurde von einem unbeaufsichtigtem Konto verschickt, Antworten an den Sender dieser E-Mail werden nicht bearbeitet.</p>"

            # send mail
            Write-PPEventLog "$($MyInvocation.InvocationName)`n`nSend password reminder to $($_.Mail)" -WriteMessage -Source "Send Password Expiration Reminder" 
            Send-MailMessage -To $_.Mail -From $mail.FromAddress -Subject $Subject -Body $Body -SmtpServer $Mail.OutSmtpServer -BodyAsHtml -Priority High -Encoding ([System.Text.Encoding]::UTF8)
        
        }        
    }
   
}catch{

	Write-PPErrorEventLog -Source "Send Password Expiration Reminder" -ClearErrorVariable
}

<?xml version="1.0" encoding="utf-8"?>
<Content>

	<Metadata>
		<Title>PowerShell Profile Mail Configuration</Title>
		<Filename>DirSync.mail.config.xml</Filename>
		<Description></Description>
		<Tags>powershell, profile, mail, configuration</Tags>
		<Project></Project>
		<Author>Janik von Rotz</Author>
		<AuthorContact>http://janikvonrotz.ch</AuthorContact>
		<CreateDate>2013-08-14</CreateDate>
		<LastEditDate>2013-08-14</LastEditDate>
		<Version>1.0.0</Version>
	</Metadata>
	
	<Mail Name="ErrorReport" OutSmtpServer="vblw2k8mail05"	FromAddress="noreply@sharepoint.vbl.ch"	ReplyToaddress=""></Mail>
	<Mail Name="PasswordReminder" OutSmtpServer="vblw2k8mail05"	FromAddress="noreply@vbl.ch"	ReplyToaddress=""></Mail>

</Content>

以上是关于xml PowerShell：发送密码过期提醒＃PowerShell＃ActiveDirectory的主要内容，如果未能解决你的问题，请参考以下文章

linux系统开机总提醒pin码过期怎么办

IdM密码过期提醒

VBS判断本地账户密码过期邮件提醒

Powershell 将用户帐户密码设置为永不过期

PowerShell AD用户密码过期脚本更新版

Windows server 2012 R2 AD域密码过期邮件提醒