Share via

Error while running PS script for password notification to AD users

Mahesh Jaiswal 86 Reputation points
2021-08-25T14:10:00.593+00:00

Dear All,

I am using below script which I found here only , but when I am running that script for testing purpose in Windowshell ISE and getting attached error .
Below is the script I am using

######## Variables#################

$verbose = $true
$notificationstartday = 14
$sendermailaddress = "..com"
$SMTPserver = ".*.com"
$DN = "DC=******,DC=***"

######## Function##################

function PreparePasswordPolicyMail ($ComplexityEnabled,$MaxPasswordAge,$MinPasswordAge,$MinPasswordLength,$PasswordHistoryCount)
{
$verbosemailBody = "Below is a summary of the applied Password Policy settings:rnrn"
$verbosemailBody += "Complexity Enabled = " + $ComplexityEnabled + "rnrn"
$verbosemailBody += "Maximum Password Age = " + $MaxPasswordAge + "rnrn"
$verbosemailBody += "Minimum Password Age = " + $MinPasswordAge + "rnrn"
$verbosemailBody += "Minimum Password Length = " + $MinPasswordLength + "rnrn"
$verbosemailBody += "Remembered Password History = " + $PasswordHistoryCount + "rnrn"
return $verbosemailBody
}

function SendMail ($SMTPserver,$sendermailaddress,$usermailaddress,$mailBody)
{
$smtpServer = $SMTPserver
$msg = new-object Net.Mail.MailMessage
$smtp = new-object Net.Mail.SmtpClient($smtpServer)
$msg.From = $sendermailaddress
$msg.To.Add($usermailaddress)
$msg.Subject = "Your password is about to expire"
$msg.Body = $mailBody
$smtp.Send($msg)
}

######## Main######################

$domainPolicy = Get-ADDefaultDomainPasswordPolicy
$passwordexpirydefaultdomainpolicy = $domainPolicy.MaxPasswordAge.Days -ne 0

if($passwordexpirydefaultdomainpolicy)
{
$defaultdomainpolicyMaxPasswordAge = $domainPolicy.MaxPasswordAge.Days
if($verbose)
{
$defaultdomainpolicyverbosemailBody = PreparePasswordPolicyMail $PSOpolicy.ComplexityEnabled $PSOpolicy.MaxPasswordAge.Days $PSOpolicy.MinPasswordAge.Days $PSOpolicy.MinPasswordLength $PSOpolicy.PasswordHistoryCount
}
}

foreach ($user in (Get-ADUser -SearchBase -Filter * -properties mail))
{
$samaccountname = $user.samaccountname
$PSO= Get-ADUserResultantPasswordPolicy -Identity $samaccountname
if ($PSO -ne $null)
{
$PSOpolicy = Get-ADUserResultantPasswordPolicy -Identity $samaccountname
$PSOMaxPasswordAge = $PSOpolicy.MaxPasswordAge.days
$pwdlastset = [datetime]::FromFileTime((Get-ADUser -LDAPFilter "(&(samaccountname=$samaccountname))" -properties pwdLastSet).pwdLastSet)
$expirydate = ($pwdlastset).AddDays($PSOMaxPasswordAge)
$delta = ($expirydate - (Get-Date)).Days
$comparionresults = (($expirydate - (Get-Date)).Days -le $notificationstartday) -AND ($delta -ge 1)
if ($comparionresults)
{
$mailBody = "Dear " + $user.GivenName + ",rnrn"
$mailBody += "Your password will expire after " + $delta + " days. You will need to change your password to keep using it.rnrn"
if ($verbose)
{
$mailBody += PreparePasswordPolicyMail $PSOpolicy.ComplexityEnabled $PSOpolicy.MaxPasswordAge.Days $PSOpolicy.MinPasswordAge.Days $PSOpolicy.MinPasswordLength $PSOpolicy.PasswordHistoryCount
}
$mailBody += "rnrnYour IT Department"
$usermailaddress = $user.mail
SendMail $SMTPserver $sendermailaddress $usermailaddress $mailBody
}
}
else
{
if($passwordexpirydefaultdomainpolicy)
{
$pwdlastset = [datetime]::FromFileTime((Get-ADUser -LDAPFilter "(&(samaccountname=$samaccountname))" -properties pwdLastSet).pwdLastSet)
$expirydate = ($pwdlastset).AddDays($defaultdomainpolicyMaxPasswordAge)
$delta = ($expirydate - (Get-Date)).Days
$comparionresults = (($expirydate - (Get-Date)).Days -le $notificationstartday) -AND ($delta -ge 1)
if ($comparionresults)
{
$mailBody = "Dear " + $user.GivenName + ",rnrn"
$delta = ($expirydate - (Get-Date)).Days
$mailBody += "Your password will expire after " + $delta + " days. You will need to change your password to keep using it.rnrn"
if ($verbose)
{
$mailBody += $defaultdomainpolicyverbosemailBody
}
$mailBody += "rnrnYour IT Department"
$usermailaddress = $user.mail
SendMail $SMTPserver $sendermailaddress $usermailaddress $mailBody
}

    }              
}

}

But when I run this script getting error shown in image .

Requesting you to please let me know If i missing any thing while running this script.

Thanks in Advanced.
126327-error.png

Windows for business | Windows Client for IT Pros | Directory services | Active Directory
Windows for business | Windows Server | Devices and deployment | Set up, install, or upgrade
Windows for business | Windows Server | User experience | Other
0 comments
Answer accepted by question author
  1. Charles Thivierge 4,181 Reputation points
    2021-08-25T15:37:02.883+00:00

    Does the computer where this script is running has the ActiveDirectory module installed ?

4 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Limitless Technology 40,076 Reputation points
    2021-08-25T18:19:20.393+00:00

    Hello @Mahesh Jaiswal ,

    Error clearly indicated that ActiveDirectory modules are not installed in powershell. Please go through the below link, install and try again

    https://learn.microsoft.com/en-us/powershell/module/activedirectory/?view=windowsserver2019-ps

    --please don't forget to upvote and Accept as answer if the reply is helpful--

    Thanks,
    Mohammed S

  2. Charles Thivierge 4,181 Reputation points
    2021-08-27T17:53:32.687+00:00

    I think you have to specify the security protocol in your PS script.

    Try adding this line

    [System.Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

    hth

  3. Charles Thivierge 4,181 Reputation points
    2021-08-30T15:22:10.71+00:00

    I would say before calling your "sendmail" function in the main section

  4. Charles Thivierge 4,181 Reputation points
    2021-08-31T12:43:32.523+00:00

    What is the .Net Framework version installed?

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.