Active Directory Password Expiry Reminder Email

you have managed an Active Directory installation that has a large number of users who connect to the network infrequently, you may have faced a problem where the user’s password expires when they are away from the network and possibly leaving them in a situation where they are not able to reset their password remotely.

I recently was in this situation and had to write a script to intimate users about an impending password expiry. Here is what the script does:

The script queries your domain for all users and checks for the last password change date. This value is compared against you max password age value and then sends an email reminder to the user that is password is about to expire in x days. This email reminder is sent 9, 6 and 3 days before the actual password expiry date, giving the user enough time to reset the password without getting locked out.

You can schedule the script to run every day in which case you will need to write a simple batch file to call this script and maybe even log the output to a file. The script can be run under the system account. You can save the following line as a batch file that can be used to call the script:

cscript “Path\to\the\vbs\script” > PwdExpyEmail.log

You can download the script here.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: