Share via

send email notification to users before password gets expire

Vishnu Sharma 15 Reputation points
2024-02-22T06:00:27.05+00:00

looking to set something where users get email notifications before passwords expire, we have a hybrid solution where we are using on prem AD and sync everything to Entra ID using Entra AD connect. please let me know what could be the best way to do this. Thanks

Microsoft Security Microsoft Entra Microsoft Entra ID
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Zahra 615 Reputation points
    2024-02-22T09:05:00.1233333+00:00

    Hello, Thanks for posting your question in the Microsoft Q&A forum.
    First you should query to check Password Expiry, then set an email to notify the user. You can do this by running PowerShell script. Here is a simple script that you can modify as your configuration.

    Connect to Azure AD

    Connect-AzureAD

    Define expiry threshold

    $threshold = (Get-Date).AddDays( your password threshold days number)

    query for users with expiring passwords by using "PasswordPolicies" and "PasswordExpires"

    $expiringUsers = Get-AzureADUser -All $true | Where-Object {($.PasswordPolicies -contains "DisablePasswordExpiration") -and ($.PasswordExpires -le $threshold)}

    Script to send email to Users

    $sender = "******@you.com"
    $subject = "Password will expire soon"
    $body = "Your password is expiring soon. Please change it as soon as possible."
    foreach ($user in $expiringUsers) {
        $recipient = $user.UserPrincipalName
        Send-MailMessage -From $sender -To $recipient -Subject $subject -Body $body -SmtpServer "smtp.you.com"
    }

    Best,

    ** Please don't forget to close up the thread here by upvoting and accept it as an answer if it is helpful **

    2 people found this answer helpful.
    0 comments
  2. Akhilesh Vallamkonda 15,320 Reputation points Microsoft External Staff Moderator
    2024-02-22T11:10:15.43+00:00

    Hi @Vishnu Sharma

    For your query, I understand that you would like to set up email notifications for users before their passwords expire.

    Password expiration notifications are no longer supported in the Microsoft 365 admin center and Microsoft 365 apps.

    Reference: https://learn.microsoft.com/en-us/microsoft-365/admin/manage/set-password-expiration-policy?view=o365-worldwide#set-password-expiration-policy I hope this information helps! please Feel free to ask any questions you may have.

    Thanks,

    Akhilesh.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    1 person found this answer helpful.
  3. Patrick J. Balm 0 Reputation points
    2024-02-22T09:13:01.8966667+00:00

    Navigate to "Azure Active Directory" > "Security" > "Authentication methods" > "Password reset." c. Under the "Password reset" settings, you can configure the "Notify users on password expirations" option. Set the desired number of days before password expiration (e.g., 14 days). source: https://learn.microsoft.com/en-us/answers/questions/1359847/enable-notify-to-the-user-about-password-expiratio

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.