Domain Admin Password Expiry Report

Posted Jul 16, 2022 Updated Oct 24, 2024

1 min read

# Settings
$smtpServer = "relay.guler.com"  # SMTP server
$smtpFrom = "[email protected]"  # Receiver
$smtpTo = ("[email protected]")  # Receiver e-mail
$subject = "Domain admin Password Expiry Report"
$body = "Domain Admin users will expire""

# Password expiration calculation
$expiryDays = 30
$currentDate = Get-Date

$report = Get-ADGroupMember -Identity "Domain Admins" | ForEach-Object {
    $user = Get-ADUser -Identity $_.SamAccountName -Properties "PasswordLastSet", "PasswordNeverExpires"
    if ($user.PasswordNeverExpires -eq $false) {
        $lastSet = $user.PasswordLastSet
        $expiryDate = $lastSet.AddDays($expiryDays)
        [PSCustomObject]@{
            UserName = $user.Name
            #PasswordLastSet = $lastSet
            Pass_Expire_date_time = $expiryDate
        }
    }
} | Format-Table -AutoSize | Out-String

# Sending an email
$message = New-Object system.net.mail.mailmessage
$message.from = $smtpFrom
$message.To.Add($smtpTo)
$message.Subject = $subject
$message.Body = "$body`n`n$report"
$smtp = New-Object Net.Mail.SmtpClient($smtpServer)

# Add recipient addresses
foreach ($recipient in $smtpTo) {
    $message.To.Add($recipient)
}

# Sending emails
$smtp.Send($message)

Write-Output "Email sent successfully."

PowerShell

This post is licensed under CC BY 4.0 by the author.

Trending Tags