Get AD password expire time
$users = Get-ADUser -filter {Enabled -eq $True -and PasswordNeverExpires -eq $False} –Properties "DisplayName", "msDS-UserPasswordExpiryTimeComputed", "mail" | Select-Object -Property "Displayname","mail",@{Name="ExpiryDate";Expression={[datetime]::FromFileTime($_."msDS-UserPasswordExpiryTimeComputed")}} foreach ($user in $users) { if (($user.ExpiryDate -ne $null) -and ($user.DisplayName -ne $null) -and ($user.mail -ne $null)) { $diff = New-Timespan -End $user.ExpiryDate.ToString("yyyy-MM-dd") -Start (Get-Date).ToString("yyyy-MM-dd") if (($diff.days -le 15) -and ($diff.days -gt 0)) { Send-MailMessage -To $user.mail -From "it@example.com" -cc "logs@example.com" -Subject "Password expires soon" -Body "info on how to change password" -SmtpServer "10.134.10.195" -Port 26 } if ($diff.days -eq 0) { Send-MailMessage -To $user.mail -From "it@example.com" -cc "logs@example.com" -Subject "Password expires today" -Body "info on how to change password" -SmtpServer "10.134.10.195" -Port 26 } if ($diff.days -le 0) { Send-MailMessage -To $user.mail -From "it@example.com" -cc "logs@example.com" -Subject "Password expired" -Body "info on how to change password" -SmtpServer "10.134.10.195" -Port 26 } } }
Create task schedule and run script daily