Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- $oldfile = "C:\temp\PSWSD_never\OLDNeverExpire.csv"
- $tempfile = "C:\temp\PSWSD_never\tempOLDNeverExpire.csv"
- $reportfile = "C:\temp\PSWSD_never\report.txt"
- $newlist = @()
- $newentries = @()
- $oldentries = @()
- $newusers = @()
- $removedusers = @()
- #$PDC = Get-ADDomain | Select-Object -Property PDCEmulator -ExpandProperty PDCEmulator
- try
- {
- $oldlist = Import-Csv $oldfile
- }
- catch
- {
- New-Item $oldfile -Force -ItemType File
- $oldlist = @()
- }
- try
- {
- $newlist_objects = Get-ADUser -Properties PAsswordNeverExpires,EmployeeType,pwdLastSet,CanonicalName -Filter { PasswordNeverExpires -EQ $true -and EmployeeType -EQ "Employee" -and Enabled -EQ $true } | Select-Object CanonicalName,@{ Name = "LastSet"; Expression = { [datetime]::FromFileTime($_.pwdLastSet).ToString("yyyy-MM-dd HH:mm:ss") } } | Sort-Object CanonicalName
- $newlist_objects | Export-Csv -Path $tempfile -NoTypeInformation -Encoding UTF8
- $newlist = Import-Csv $tempfile
- }
- catch
- {
- Write-Host "Failure"
- return
- }
- #if ($oldlist -eq $null)
- #{
- # $oldlist+=""
- #}
- $Today = (Get-Date).DayOfWeek
- $Change = $false
- $change = ((Get-FileHash -Algorithm SHA256 $tempfile).Hash -ne (Get-FileHash -Algorithm SHA256 $oldfile).Hash)
- if ($oldlist -eq $null -or $change -eq $true -or $Today -eq "Tuesday")
- {
- $oldcount = $oldlist.count
- $newcount = $newlist.count
- if ($oldcount -gt 0)
- {
- $output = Compare-Object -ReferenceObject $oldlist -DifferenceObject $newlist
- }
- else
- {
- $output = Compare-Object -ReferenceObject "None" -DifferenceObject $newlist
- }
- #Write-EventLog –LogName Application –Source “Never Expiring Password” –EntryType Information –EventID 100 –Message “There has been a Change in Never Expiring Password Accounts!”
- if ($change)
- {
- "There has been a change in users that have accounts that do not expire.<BR>" | Tee-Object -File $reportfile -Append
- "Previously we had $oldcount and now we have $newcount. <B>There should be NONE.</B><BR>" | Tee-Object -File $reportfile -Append
- "<P>The New Users are:<BR>" | Tee-Object -File $reportfile -Append
- #Comparing for new users:
- $newusers += Compare-Object (Import-Csv $oldfile) (Import-Csv $tempfile) | Where-Object { $_.sideindicator -eq "=>" } | ForEach-Object { $_.inputobject } | ConvertTo-Html -Fragment -As Table | Tee-Object -File $reportfile -Append
- "</P>" | Tee-Object -File $reportfile -Append
- "<P>The Removed Users are:<BR>" | Tee-Object -File $reportfile -Append
- #Comparing for removed users:
- $removedusers += Compare-Object (Import-Csv $oldfile) (Import-Csv $tempfile) | Where-Object { $_.sideindicator -eq "<=" } | ForEach-Object { $_.inputobject } | ConvertTo-Html -Fragment -As Table | Tee-Object -File $reportfile -Append
- "</P>" | Tee-Object -File $reportfile -Append
- }
- else
- {
- "<P><H2>Weekly update! Still have Employees with non-expiring passwords!!!</H2></P>" | Add-Content $reportfile
- }
- "<P>The Remaining Users which <b>should be ZERO!</b> are:<br>" | Add-Content $reportfile
- $newlist | ConvertTo-Html -Fragment -As Table | Add-Content $reportfile
- $body = Get-Content $reportfile | Out-String
- $Recipients = @("User@Contoso.com")
- $Computer = $env:COMPUTERNAME
- Send-MailMessage -From "$Computer-PWCchecker@Contoso.com" -To $Recipients -Subject "Change in Non-expiring Passwords" -SmtpServer "SMTP.Contoso.com" -Body $body -BodyAsHtml
- }
- $newlist_objects | Export-Csv -Path $oldfile -NoTypeInformation -Encoding UTF8
- Remove-Item $tempfile -Force -ErrorAction SilentlyContinue
- Remove-Item $reportfile -Force -ErrorAction SilentlyContinue
Add Comment
Please, Sign In to add comment