Okay, this one is more about the great community of powershell users. I took a task upon myself after realizing user’s admin accounts were not part of the password synchronization process. The task was a good way to show the group how Powershell could be used. Being a huge fan of one-liners I sent some informative emails showing how easy it was to list user accounts and vital information such as whether it is disabled or the password expired. Its really not about that though. Based on the results it seemed logical to create a script to perform an audit, to include notification to users that their password would expire.
So, onto the point of this posting. I started working on the script, tested the logic for identifying password expiration now it was time to work on formatting the email message(s). I could have made it a simple one line email but considering the recipients I wanted it to be a little more informational.
II have experimented with Here-Strings but never really used them so here was a chance to put it to use…. Doh! its not working, research the problem a little and the problem was, in following proper indentation the string completion meant the whitespace, aka blank spaces, aka tabs, aka indentation was considered the first characters on the line. Wondering if maybe I was missing something I posted to the powershellcommunity.org. I have always been impressed with how quick and in-depth people work to help others on this site. Almost instantly it was confirmed that there was no workaround with here-strings but also a ton of recommendations for alternatives. Then some feedback in terms of sure indentation is great but for the sake of performance and compliance its no crime to break the format to use a true Powershell function versus going through more complicated methods… I hesitated and as you see in the full code listing below I tried two methods and stuck with breaking the “pretty” formatting of the code to use the Here-String. So as the following code shows $usrmsg breaks the indentation, it provides a concise way to build a body of text. I would also like to point out, using a Here-String also made it easier to pass to the function that actually sends the email. A here-string starts with @” and ends with “@, so below you can see it begin with $usrmg=@” so the string will be stored in a variable named $usrmg. Very simple combination of text lines with dynamic data (i.e. $msgdate will actually be the date when the script is executed) assembled and stored to be passed on, the result will be used as the body of the email message.
Done…. not so fast. With Powershell Version 2 sending an email is easy since they included a cmdlet for just that. Code was done, test worked but the actual send-mail message structure was just one very long line. I was using Bing to search for more help with a send-mail message parameter and came across a great blog posting by the group who developed Powershell. Again, very impressed that they not only wrote the language but do a great job of encouraging its use with some great examples and explanations. In reading they address the specific topic of send-mailmessage getting unwieldy and I just had to use it. Basically it stores all of the parameters in a hash table. The resulting code looks cleaner, easier to debug and an added benefit was I could code it out with two values for the email address the email would go to, so one it was ready to go all I need to do is remove the line that had To = my email address and then remove the comment (#) for the entry that used the dynamic value of the user’s email address for notification.
function usrnotification { param([string]$varname ,
[string]$usremail ,
[string]$vartil
)
Process {$msgdate=(get-date).tostring()
# $msgbody=[System.String]::Format("{0}`r{1}`r{2}",# "Message generated: $msgdate from $env:COMPUTERNAME on $msgdate ",# "The password for your Windows Admin account $usersam is set to expire in $vartil days ",# "Please verify and change your password."# )# NOTE: Indentation ceased for message text creation$usrmsgtxt=@"Message generated: $msgdate from $env:COMPUTERNAME on $msgdate .
The password for your Windows Admin account $usersam is set to expire in $vartil days.
Please verify and change your password.
"@ # End of message text assembly$bodytxt = $usrmsg | out-string
$usrmsg = @{ Subject = "Windows Admin Account Password Expiration" From = "sender@sendingdomain.com" # To = $usremail To = "recipient@todomain.com" smtpserver = "servername.yourdomain.com"Body = $bodytxt
} # End of mailmessage parameterssend-mailmessage @usrmsg
No revolutionary code, just a great experience with a great tool and even greater collection of people energized and collaborating for the good of the community.
