弹出用户密码到期通知

时间:2017-05-25 07:58:47

标签: powershell

所有

感谢您的反馈,我调整了一些我从您这里得到的代码

public class ScrollingBehavior extends CoordinatorLayout.Behavior<AppBarLayout> {

public ScrollingBehavior() {
}

public ScrollingBehavior(Context context, AttributeSet attrs) {
    super(context, attrs);
}

@Override
public boolean onStartNestedScroll(CoordinatorLayout coordinatorLayout, AppBarLayout child, View directTargetChild, View target, int nestedScrollAxes) {
    boolean started = nestedScrollAxes == ViewCompat.SCROLL_AXIS_VERTICAL;
    Log.d("log", "onStartNestedScroll: " + started);
    return started;
}

@Override
public void onStopNestedScroll(CoordinatorLayout coordinatorLayout, AppBarLayout child, View target) {
    Log.d("log", "onStopNestedScroll");
    super.onStopNestedScroll(coordinatorLayout, child, target);
}

对于密码将在14天后过期的用户来说,它完美无缺。无论如何,我想通过

检查域密码政策
Insert into EMP values ('Raju''s kumar' , 10000)

但是一旦它通过用户配置文件上的登录脚本运行就会说即使我强制导入模块ActiveDirectory也无法识别。

无论如何,它并不完美,还有更大的改进空间,但至少它适合我的工作。

非常感谢。

2 个答案:

答案 0 :(得分:1)

您不需要脚本,因为该功能已内置于Windows组策略中,设置时会显示如下弹出窗口:

enter image description here

您需要设置的政策是:

  

计算机配置/策略/ Windows设置/安全设置/本地策略/安全选项/ 交互式登录:提示用户在到期前更改密码

enter image description here enter image description here

答案 1 :(得分:0)

你有一个奇怪的情况,你想要运行一个用户端脚本,但我不知道如何使用本机.NET / PowerShell获取密码年龄或确切的到期日期(即没有Get-AdUser)

$MaxPasswordDays = 30
$Searcher = [adsisearcher]::new()
$Searcher.Filter="SamAccountName=$($env:USERNAME)"
$User = $Searcher.FindOne().Properties
$PasswordSet = $User.pwdlastset
$Expires = [DateTime]::FromFileTime("$PasswordSet").AddDays($MaxPasswordDays*-1)
if ($Expires-(Get-Date) -lt 5){ #If Expires in 5 or less Days
    Add-Type -AssemblyName 'System.Windows.Forms'
    [System.Windows.Forms.MessageBox]::Show("Your password will expire soon, press Ctrl+Alt+Del to change it")
}

如果您将密码有效的天数硬编码到脚本中,您可以使用adsiSearcher对象获取其密码最后设置的日期,然后向后工作以显示消息框,在启动时运行此消息登录脚本很容易做到。

关于实际问题而不是技术问题,我建议使用电子邮件而不是弹出窗口。

代码我已经躺在电子邮件提醒脚本中:只需将顶部的一些内容换掉,直到它适合您。

$RemindOn = @(1,3,5)
$FromAddr = "no-reply@domain.com"
$AdFilter = {Enabled -eq $True}
$Subject = "Password Expiry Reminder."
$PSEmailServer = "exchange-server-1.domain.local"

#region Message
#GivenName,Name,Expires,ExpiresIn,set custom vars above
$Message = '"** This is an auto-generated email, please do not reply **
Hi $GivenName,

We have detected your password is going to expire on $Expires ($ExpiresIn days from now)
Please change your password Immediately by pressing Ctrl+Alt+Delete and choosing ""Change a Password""

Regards,
IT"'
#endregion

#region Code Below
Import-Module ActiveDirectory
$Today = Get-Date

Get-ADUser -Filter $AdFilter -Properties "msDS-UserPasswordExpiryTimeComputed","EmailAddress","DisplayName","GivenName" | % {
    $ExpiresRaw = $_."msDS-UserPasswordExpiryTimeComputed"
    if ($ExpiresRaw -ne ([Int64]::MaxValue)){ #never expires
        $ExpiresDate = [DateTime]::FromFileTime($ExpiresRaw)
        #Prepare vars for email body
        $GivenName = $_.GivenName
        $Name = $_.Name
        $Expires = $ExpiresDate.ToShortDateString()
        $ExpiresIn = [int]($ExpiresDate-(Get-Date)).TotalDays

        if (![string]::IsNullOrWhiteSpace($_.EmailAddress) -and ($ExpiresIn -in $RemindOn)){
            #Send-MailMessage -From $FromAddr -To $_.EmailAddress -Subject $Subject -Body ($Message | iex)
        }
    }
}
#endregion