尝试向AD组成员的用户发送电子邮件,并且密码使用期限等于90

时间:2018-09-29 18:50:49

标签: powershell

尝试向特定组的用户发送电子邮件,密码使用期限为75天,但是电子邮件永远不会发送或触发密码使用期限错误的帐户。假设我的“哪里对象”逻辑有问题。

$NumberDays_A = 75

$EmailServer = "smtp.company.com"
$SMTPUsername = "blah@blah.com"
$MailFrom = "blah@blah.com"

$Users = get-adgroupmember "90DayPswdExpiration" |
    get-aduser -Properties SamaccountName, otherMailbox, PasswordLastSet, PasswordNeverExpires, PasswordNotRequired |
    Where-Object {$(((Get-Date) - $User.PasswordLastSet).Days) -eq $NumberDays_A} 

ForEach ($User in $Users)
{
#Body of the Email using a here-string
$MailBody = @"
Hello,

You are receiving this email because your password will expire in 14.    Please coordinate the password change for this account. 

Password last set: $($User.PasswordLastSet)
Password Age: $(((Get-Date) - $User.PasswordLastSet).Days)
Password Rotation Policy:  Every 90 Days

If you need assistance with the password change please contact the Service    Desk.

Thanks you! 


"@
$MailSubject = "ACTION REQUIRED: Your AD account password must change!"
Send-MailMessage -SmtpServer $EmailServer -From $MailFrom -To    $($user.otherMailbox) -Subject $MailSubject -Body $MailBody

}

1 个答案:

答案 0 :(得分:1)

将当前日期的天数设置为90,然后使用Where-Object cmdlet执行过滤。像这样:

$Date = (Get-Date).AddDays(-90)
$Users = Get-ADGroupMember '90DayPswdExpiration' |
            Get-ADUser -Properties SamaccountName,
                                   otherMailbox, 
                                   PasswordLastSet, 
                                   PasswordNeverExpires, 
                                   PasswordNotRequired | 
                                        Where-Object { $_.PasswordLastSet -lt $Date }
相关问题
最新问题