übernahme aus private-script-collection.git
This commit is contained in:
scriptos
parent
8da899db1f
commit
001e1e7420
3
files/Aufgabe.txt
Normal file
3
files/Aufgabe.txt
Normal file
@ -0,0 +1,3 @@
|
||||
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
||||
|
||||
- command "C:\scripts\password-reminder.v1.ps1
|
||||
BIN
files/CPR - Kennwortablaufbenachrichtigung-für-alle.xml
Normal file
BIN
files/CPR - Kennwortablaufbenachrichtigung-für-alle.xml
Normal file
Binary file not shown.
80
password-reminder.v1-functional.ps1
Normal file
80
password-reminder.v1-functional.ps1
Normal file
@ -0,0 +1,80 @@
|
||||
# Active Directory Passwort Policy:
|
||||
$MaxPasswordAge = 365 # Max Password age in days
|
||||
$WarningLevel = 364 # Warn Users XX Days before Password expires
|
||||
|
||||
# Mail Settings:
|
||||
$SMTPServer = "smtp.media-techport.int"
|
||||
$FromName = "Media-Techport.DE | Passwort Erinnerung"
|
||||
$FromEmail = "noreply@media-techport.de"
|
||||
$Subject = "Dein Passwort muss geändert werden!"
|
||||
|
||||
# Funktion zur expliziten Zeichencodierung
|
||||
function Encode-StringToUTF8 ($inputString) {
|
||||
$utf8Bytes = [System.Text.Encoding]::UTF8.GetBytes($inputString)
|
||||
return [System.Text.Encoding]::UTF8.GetString($utf8Bytes)
|
||||
}
|
||||
|
||||
# Message Template (Mailbody)
|
||||
function New-MailBody ($GivenName, $Surname, $DaysBeforePasswordchange, $PasswordExpireDate) {
|
||||
$Mailbody = @"
|
||||
<html>
|
||||
<head>
|
||||
</head>
|
||||
<body>
|
||||
Hallo $($GivenName) $($Surname),
|
||||
<br>
|
||||
Du erhälst diese E-Mail, da du ein Benutzerkonto auf Media-Techport.DE hast.
|
||||
<br>
|
||||
Dein Passwort bei media-techport.de endet am $($PasswordExpireDate).
|
||||
<br>
|
||||
Du hast $($DaysBeforePasswordchange) Tage Zeit dein Kennwort zu ändern.
|
||||
<br>
|
||||
Wenn du der Passwortänderung nicht nachkommst, wirst du dich bei deinem Administrator melden müssen, damit das Kennwort gesetzt werden kann.
|
||||
<br>
|
||||
<br>
|
||||
Freundliche Grüße
|
||||
<br>
|
||||
Media-Techport.DE
|
||||
</body>
|
||||
"@
|
||||
return Encode-StringToUTF8 $Mailbody
|
||||
}
|
||||
|
||||
# Import all active AD-Users
|
||||
$AllADUsers = Get-ADUser -Filter {Enabled -eq $True -and PasswordNeverExpires -eq $False} -Properties PasswordLastSet, mail
|
||||
|
||||
# Calculate expiring passwords and store them in an object
|
||||
$today = Get-Date
|
||||
$ExpirePasswordList = @()
|
||||
foreach ($ADUser in $AllADUsers) {
|
||||
$GivenName = $ADUser.GivenName
|
||||
$Surname = $ADUser.Surname
|
||||
$MailAddress = $ADUser.mail
|
||||
|
||||
$PasswordLastSet = $ADUser.PasswordLastSet
|
||||
$PasswordExpireDate = $PasswordLastSet.AddDays(+$MaxPasswordAge)
|
||||
|
||||
$DaysBeforePasswordchange = ($PasswordExpireDate - $today).Days
|
||||
if ($DaysBeforePasswordchange -le $WarningLevel) {
|
||||
$ExpirePasswordList += New-Object PSObject -property @{Givenname=$Givenname;Surname=$Surname;MailAddress=$MailAddress;DaysBeforePasswordchange=$DaysBeforePasswordchange;PasswordExpireDate=$PasswordExpireDate}
|
||||
}
|
||||
}
|
||||
|
||||
# Filter Users with Mailaddresses
|
||||
$ExpirePasswordList = $ExpirePasswordList | Where-Object {$_.mailaddress}
|
||||
|
||||
# Send mail to every user with expired password
|
||||
foreach ($ADUser in $ExpirePasswordList) {
|
||||
$GivenName = $ADUser.GivenName
|
||||
$Surname = $ADUser.Surname
|
||||
$MailAddress = $ADUser.MailAddress
|
||||
$DaysBeforePasswordchange = $ADUser.DaysBeforePasswordchange
|
||||
$PasswordExpireDate = $ADUser.PasswordExpireDate
|
||||
|
||||
$Body = New-MailBody $GivenName $Surname $DaysBeforePasswordchange $PasswordExpireDate
|
||||
|
||||
# Erstelle den "From" Header mit Sendername und E-Mail-Adresse
|
||||
$FromHeader = "{0} <{1}>" -f $FromName, $FromEmail
|
||||
|
||||
Send-MailMessage -SmtpServer $SMTPServer -To $MailAddress -From $FromHeader -Body $Body -BodyAsHtml -Subject $Subject -Encoding ([System.Text.Encoding]::UTF8)
|
||||
}
|
||||
91
password-reminder.v1.ps1
Normal file
91
password-reminder.v1.ps1
Normal file
@ -0,0 +1,91 @@
|
||||
# Script Name: password-reminder.v1.ps1
|
||||
# Beschreibung: Schickt dem Nutzer eine Kennwortablauferinnerung
|
||||
# Aufruf: -
|
||||
# Autor: Patrick Asmus
|
||||
# Web: https://www.media-techport.de
|
||||
# Git-Reposit.: https://git.media-techport.de/scriptos/private-script-collection.git
|
||||
# Version: 2.1
|
||||
# Datum: 21.10.2023
|
||||
# Modifikation: logo verschoben
|
||||
#####################################################
|
||||
|
||||
# Active Directory Passwort Policy:
|
||||
$MaxPasswordAge = 365 # Max Password age in days
|
||||
$WarningLevel = 14 # Warn Users XX Days before Password expires
|
||||
|
||||
# Mail Settings:
|
||||
$SMTPServer = "smtp.media-techport.int"
|
||||
$FromName = "Media-Techport.DE | Account Service"
|
||||
$FromEmail = "noreply@media-techport.de"
|
||||
$Subject = "Wichtige Mitteilung - Dein Kennwort läuft bald ab"
|
||||
|
||||
# Funktion zur expliziten Zeichencodierung
|
||||
function Encode-StringToUTF8 ($inputString) {
|
||||
$utf8Bytes = [System.Text.Encoding]::UTF8.GetBytes($inputString)
|
||||
return [System.Text.Encoding]::UTF8.GetString($utf8Bytes)
|
||||
}
|
||||
|
||||
# Funktion zum Erstellen des E-Mail-Texts (Mailbody)
|
||||
function New-MailBody ($GivenName, $Surname, $DaysBeforePasswordchange, $PasswordExpireDate, $PasswordLastSet) {
|
||||
$Mailbody = @"
|
||||
<!DOCTYPE html><html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" id="u0" href="https://de.rakko.tools/tools/129/lib/tinymce/skins/ui/oxide/content.min.css"><link rel="stylesheet" type="text/css" id="u1" href="https://de.rakko.tools/tools/129/lib/tinymce/skins/content/default/content.min.css"></head><body id="tinymce" class="mce-content-body " data-id="content" contenteditable="false" spellcheck="false" style="background-color: #9FB6CD;">
|
||||
<p><span style="font-size: 12pt;"><img src="https://assets.media-techport.de/logos/main/LogoSchwarz.png" alt="Logo-Schwarz" width="433" height="132" /></span></p>
|
||||
<p><span style="font-family: verdana, geneva, sans-serif;"><strong><span style="font-size: 18pt;">Hallo $($GivenName),</span></strong></span></p>
|
||||
<p><span style="font-family: verdana, geneva, sans-serif;"><br />Ich möchte dich darüber informieren, dass dein aktuelles Kennwort in Kürze abläuft.</span><br /><span style="font-family: verdana, geneva, sans-serif;">Die Sicherheit deiner Daten ist mir ein wichtiges Anliegen und das regelmäßige Aktualisieren deines Kennworts ist ein wesentlicher Schutzmechanismus.<br /><br /><br /></span></p>
|
||||
<p><strong><span style="font-size: 12pt; font-family: verdana, geneva, sans-serif;">Dein Account ist mit folgenden Services verknüpft:</span></strong></p>
|
||||
<p><span style="font-family: verdana, geneva, sans-serif;">- <a title="https://subsonic.media-techport.de/" href="https://subsonic.media-techport.de/" target="_blank" rel="noopener">Subsonic Media Streamer</a></span><br /><span style="font-family: verdana, geneva, sans-serif;">- <a title="https://cloud.media-techport.de/" href="https://cloud.media-techport.de/" target="_blank" rel="noopener">NextCloud</a></span><br /><span style="font-family: verdana, geneva, sans-serif;">- <a title="https://ftp2.media-techport.de/" href="https://ftp2.media-techport.de/" target="_blank" rel="noopener">Wing FTP-Server</a><br /><br /><br /></span></p>
|
||||
<p><strong><span style="font-family: verdana, geneva, sans-serif;">Bitte beachte folgende Informationen zu deinem Account:</span></strong></p>
|
||||
<p><span style="font-family: verdana, geneva, sans-serif;">- Dein Kennwort läuft am $($PasswordExpireDate) ab.</span><br /><span style="font-family: verdana, geneva, sans-serif;">- Gemäß meiner Sicherheitsrichtlinien müssen Kennwörter alle 365 Tage geändert werden.</span><br /><span style="font-family: verdana, geneva, sans-serif;">- Dein Kennwort wurde zuletzt am $($PasswordLastSet) aktualisiert.<br />- Wenn du dein Kennwort nicht änderst, wird es in 14 Tagen ablaufen und dein Benutzer deaktiviert.<br />- Wenn dein Account einmal deaktiviert ist, kannst du diesen nur noch über mich wieder aktivieren.</span></p>
|
||||
<p><span style="font-family: verdana, geneva, sans-serif;">Du kannst dein Kennwort <span style="text-decoration: underline;"><strong><a title="https://adauth.media-techport.de/" href="https://adauth:only-for-authorized@adauth.media-techport.de/" target="_blank" rel="noopener">hier</a></strong></span> ändern.</span><br /><br /><br /></p>
|
||||
<p><strong><span style="font-family: verdana, geneva, sans-serif;">Bitte beachte meine Kennwortrichtlinien:</span></strong></p>
|
||||
<p><span style="font-family: verdana, geneva, sans-serif;">Das Kennwort darf nicht den Kontonamen des Benutzers oder mehr als zwei Zeichen enthalten, die nacheinander im vollständigen Namen des Benutzers vorkommen.</span><br /><span style="font-family: verdana, geneva, sans-serif;">Das Kennwort muss mindestens acht Zeichen lang sein.</span><br /><span style="font-family: verdana, geneva, sans-serif;">Das Kennwort muss Zeichen aus drei der folgenden Kategorien enthalten:</span><br /><span style="font-family: verdana, geneva, sans-serif;">Großbuchstaben (A bis Z)</span><br /><span style="font-family: verdana, geneva, sans-serif;">Kleinbuchstaben (a bis z)</span><br /><span style="font-family: verdana, geneva, sans-serif;">Zahlen zur Basis 10 (0 bis 9)</span><br /><span style="font-family: verdana, geneva, sans-serif;">Nicht alphabetische Zeichen (zum Beispiel !, $, #, %)</span><br /><span style="font-family: verdana, geneva, sans-serif;">Die Komplexitätsvoraussetzungen werden erzwungen, wenn Kennwörter geändert oder erstellt werden.</span></p>
|
||||
<p><span style="font-family: verdana, geneva, sans-serif;">Bitte antworte nicht auf diese E-Mail.<br />Wenn du Unterstützung benötigst oder Fragen hast, zögere nicht dich über mein <a title="https://helpdesk.media-techport.de" href="https://helpdesk.media-techport.de">Helpdesk</a> oder per <a title="support@media-techport.de" href="mailto:support@media-techport.de" target="_blank" rel="noopener">Mail</a> an mich zu wenden.<br /><br /><br /></span></p>
|
||||
<p><span style="font-family: verdana, geneva, sans-serif;">Freundliche Grüße</span><br /><span style="font-family: verdana, geneva, sans-serif;">Patrick Asmus</span><br /><span style="font-family: verdana, geneva, sans-serif;">___________________________</span><br /><span style="font-family: verdana, geneva, sans-serif;"><a title="www.media-techport.de" href="http://www.media-techport.de" target="_blank" rel="noopener">www.media-techport.de</a> </span></p>
|
||||
<p><span style="font-family: verdana, geneva, sans-serif;">Mobil: +49 (0) 1573 / 90 57 0353</span><br /><span style="font-family: verdana, geneva, sans-serif;">E-Mail: <a title="support@media-techport.de" href="mailto:support@media-techport.de" target="_blank" rel="noopener">support@media-techport.de</a></span></p>
|
||||
</body></html>
|
||||
"@
|
||||
|
||||
$MailbodyPath = "C:\temp\mailbody.html"
|
||||
$Mailbody | Out-File -FilePath $MailbodyPath -Encoding UTF8
|
||||
return $MailbodyPath
|
||||
}
|
||||
|
||||
# Import all active AD-Users
|
||||
$AllADUsers = Get-ADUser -Filter {Enabled -eq $True -and PasswordNeverExpires -eq $False} -Properties PasswordLastSet, mail
|
||||
|
||||
# Calculate expiring passwords and store them in an object
|
||||
$today = Get-Date
|
||||
$ExpirePasswordList = @()
|
||||
foreach ($ADUser in $AllADUsers) {
|
||||
$GivenName = $ADUser.GivenName
|
||||
$Surname = $ADUser.Surname
|
||||
$MailAddress = $ADUser.mail
|
||||
|
||||
$PasswordLastSet = $ADUser.PasswordLastSet
|
||||
$PasswordExpireDate = $PasswordLastSet.AddDays(+$MaxPasswordAge)
|
||||
|
||||
$DaysBeforePasswordchange = ($PasswordExpireDate - $today).Days
|
||||
if ($DaysBeforePasswordchange -le $WarningLevel) {
|
||||
$ExpirePasswordList += New-Object PSObject -property @{Givenname=$Givenname;Surname=$Surname;MailAddress=$MailAddress;DaysBeforePasswordchange=$DaysBeforePasswordchange;PasswordExpireDate=$PasswordExpireDate.ToString("dd.MM.yyyy");PasswordLastSet=$PasswordLastSet.ToString("dd.MM.yyyy")}
|
||||
}
|
||||
}
|
||||
|
||||
# Filter Users with Mailaddresses
|
||||
$ExpirePasswordList = $ExpirePasswordList | Where-Object {$_.mailaddress}
|
||||
|
||||
# Send mail to every user with expired password
|
||||
foreach ($ADUser in $ExpirePasswordList) {
|
||||
$GivenName = $ADUser.GivenName
|
||||
$Surname = $ADUser.Surname
|
||||
$MailAddress = $ADUser.MailAddress
|
||||
$DaysBeforePasswordchange = $ADUser.DaysBeforePasswordchange
|
||||
$PasswordExpireDate = $ADUser.PasswordExpireDate
|
||||
$PasswordLastSet = $ADUser.PasswordLastSet
|
||||
|
||||
$BodyPath = New-MailBody $GivenName $Surname $DaysBeforePasswordchange $PasswordExpireDate $PasswordLastSet
|
||||
|
||||
# Erstelle den "From" Header mit Sendername und E-Mail-Adresse
|
||||
$FromHeader = "{0} <{1}>" -f $FromName, $FromEmail
|
||||
|
||||
Send-MailMessage -SmtpServer $SMTPServer -To $MailAddress -From $FromHeader -Body (Get-Content $BodyPath | Out-String) -BodyAsHtml -Subject $Subject -Encoding ([System.Text.Encoding]::UTF8) -Priority High
|
||||
}
|
||||
BIN
screenshots/2023-10-21 21_39_56-Window.png
Normal file
BIN
screenshots/2023-10-21 21_39_56-Window.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 20 KiB |
BIN
screenshots/2023-10-21 21_40_14-Window.png
Normal file
BIN
screenshots/2023-10-21 21_40_14-Window.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 29 KiB |
BIN
screenshots/2023-10-21 21_40_31-Window.png
Normal file
BIN
screenshots/2023-10-21 21_40_31-Window.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 21 KiB |
BIN
screenshots/2023-10-21 21_40_44-Window.png
Normal file
BIN
screenshots/2023-10-21 21_40_44-Window.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 22 KiB |
BIN
screenshots/2023-10-21 21_40_50-Window.png
Normal file
BIN
screenshots/2023-10-21 21_40_50-Window.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 20 KiB |
Loading…
Reference in New Issue
Block a user