In this article I will show you how PowerShell can automatically send an e-mail notification to end users when their Active Directory password is set to expire soon. I looked over several other similar scripts on TechNet but ended up writing one from scratch to incorporate several features I needed, as well as improve on the overall script flow.
Some of the requirements I needed to meet were as follows:
- Get users email addresses from the Email Address value in Active Directory, if it’s empty look at the default address in the proxyaddresses attribute
- Send E-mail to users with passwords that were expiring in 7 days or less
- Include directions users can follow to reset their Active Directory password
- Send E-mail with high priority
- Get E-mail notification if sent or failed
- Store the credential in a Cred object so it’s secure
- Advanced logging on the script for troubleshooting
- Send E-mail
Even if a license is not assigned to an Exchange Online object does not mean it’s not being charged back to the tenant. If you work for a MSP or IT Consultant you may want to audit your clients Office 365 tenant for any licenses that are not assigned so they are not paying for licenses that they do not need.
While looking up ways to accomplish this task I came across this script from GCITS. If you have never read any of GCITS’s knowledge-base write ups I recommend you start following their blog posts as they have some of the best write ups, especially for MSP’s, and IT Consultants. The problem with the script is that it exported the unused license count for all licenses including licenses that had zero unused licenses. It also exported the license SKU instead of converting it to a friendly name. If you have … Continue...
This article will show you how to work with the Graph API using a PowerShell module. If you want to learn how to work with the API with only PowerShell please visit this article: https://www.thelazyadministrator.com/2019/07/22/connect-and-navigate-the-microsoft-graph-api-with-powershell/
The Microsoft Graph API is a REST API provided by Microsoft for integrating and managing Office 365 Exchange Online, OneDrive for Business, and Azure AD. It allows for application developers to integrate their apps with those Microsoft Services. Management of the environment is also possible but requires understanding of OAuth and REST.¹
By using the PowerShell module PSMSGraph we can interact with the Graph API in a more PowerShell friendly way. The MSMSGraph module is an API wrapper. It seeks to take the “foreign” concepts of REST and OAuth and make them accessible and usable in PowerShell. This module strives to make PowerShell administration and automation tasks via the Microsoft Graph API more like … Continue...
There are some immediate perks for using PowerShell to either install an application on remote computers or update an applications configuration remotely. In this post I will do several things, Install Office 365 ProPlus to a remote computer, and update the configuration of Office 365 ProPlus on the remote machine, having it go from the Monthly channel to the Semi-Annual channel and also removing groove.exe and lync.exe (Skype for Business).
When updating the configuration the install is silent and the EULA is accepted by setting <Display Level=“None” AcceptEULA=“TRUE”/>. When you set FORCEAPPSHUTDOWN to false, Office applications can be used during the upgrade but its recommended to restart the client workstation at the end of the install. I have also seen it not able to update if certain office applications are running. It’s recommended to set FORCEAPPSHUTDOWN to TRUE to close the office applications while … Continue...
When you want to look up a users license in Office 365 using PowerShell you are presented with a unfriendly Sku. Sometimes the Sku and the actual license name are similar but sometime it’s hard to distinguish the name from the Sku.
Using a hash table we can convert the Sku to its friendly name an have PowerShell do a lookup.
The script will first lookup all users that are currently licensed so it does not attempt to look up a null value. It will then go through each licensed user, take all of their licenses and put it in an array, do a lookup on each license they have and export the user’s Display Name and friendly license name to a CSV file. It will append the results to the CSV so it does not overwrite the file.
The results will display the user and their friendly … Continue...
Recently I wanted to find a way to get PowerShell to create compliance searches that followed keyword queries and search conditions. This means I could have multiple values in one search query. For example, “TO brad wyatt AND FROM email@example.com”. This query would search for e-mails sent to Brad which only from firstname.lastname@example.org. To get PowerShell to do this I decided to create a Hash Table that would have the queries listed in the table.
After it would create each compliance search it would then wait for the search to gather all of the results and then export the amount of items it found to a csv file. Each Compliance Search would append its results to the same file so in the end I would have a CSV file containing all of the Compliance Searches and the objects it found for each one.
To keep from having the Compliance Search … Continue...
Recently I set out to find a way to get PowerShell to monitor NTFS and File permissions on a folder and file share. I wanted to know when permissions changed, how they changed (Read permission changed to Write permission), keep historical permission data I can reference, and lastly e-mail me the changes when they changed.
To keep historical data I made it create a new folder for each day it runs. The folder name is the date which is formatted as MMddyyyy. The next day it will run it will import the previous days results and compare them to the results of that day’s.
Each time the script runs it will append any permission changes to the results CSV file instead of overwriting any previous results. This allows you to get an overview what has changed and when, that will span more than a single day. The CSV file also … Continue...