Inform Active Directory Users of Password Expiration

Sometimes your Active Directory users will appreciate receiving notifications of when their passwords are about to expire. Having your CEO call you on your day off to let you know that they can’t login because their password has expired is never fun.

Creative Commons [by-nc-nd]

Here is a simple Powershell script that you can use to easily send out emails to users with impending password expiration.

All you will need to modify is the “-From” address and the “-SmtpServer” address on line 13 to suit your environment, and potentially the “5” on line 28 to adjust the number of days until expiry that will trigger the email to be sent.

Import-Module ActiveDirectory

function Get-PasswordExpirationDays ($User)
{
    (([datetime]::FromFileTime((Get-ADUser –Identity $User -Properties "msDS-UserPasswordExpiryTimeComputed")."msDS-UserPasswordExpiryTimeComputed"))-(Get-Date)).Days
}

function Send-ExpirationEmail ($expDays,$expEmail,$expFirst,$expLast)
{
    if ([int]$expDays -eq 1) { $expNoun = "day" } else { $expNoun = "days" }
    $expSubject = "Your computer password will expire in $expDays $expNoun"
    $expBody = "Our records indicate that your computer password is due to expire in $expDays $expNoun`r`n"
    Send-MailMessage -From [email protected] -To $expEmail -Subject $expSubject -SmtpServer "smtp.example.com" -Body $expBody
}

$Users = Get-AdUser -filter { passwordNeverExpires -eq $false -and enabled -eq $true }

ForEach ($User in $Users)
{

    $CurrentUser = "" + $User.SamAccountName + ""
    $CurrentEmail = "" + $User.UserPrincipalName + ""
    $CurrentFirst = "" + $User.GivenName + ""
    $CurrentLast = "" + $User.Surname + ""
    
    if ($CurrentEmail -ne "") {
        $CurrentExpiration = Get-PasswordExpirationDays $CurrentUser
        if ([int]$CurrentExpiration -ge 0 -and [int]$CurrentExpiration -le 5 -and $CurrentEmail -notlike "*local*") {
            Write-Host "$CurrentExpiration - $CurrentEmail"
            Send-ExpirationEmail $CurrentExpiration $CurrentEmail $CurrentFirst $CurrentLast
        }
    }

}

Run the script via Task Scheduler once a day, and you’re all set.

However, any decision you might make towards implementing such a mechanism needs to be considered as part of your broader security policy. It may not be appropriate for your organisation, and I make no warranties towards your use of the above code.

Nevertheless, this is a quick and easy way to achieve the goal, if it is right for you.

The Little Server That Could

Eight months ago, we had a catastrophic sequence of failures that – (as one of several consequences) – brought down our web infrastructure at the place of employment.

Due to the nature of some of those consequences, we weren’t able to immediately bring that web infrastructure back up on any of our tier 1 equipment.

So I had to compromise.

Running around the office, I scrounged the most powerful PC I could find, and as much memory as possible to run up a temporary hypervisor – (Xen) – then copy the virtual hard disks off our storage array, fire all four virtual machines up on this temporary hardware, and finally get the suite of corporate websites back up and running.

I also didn’t have a switch to connect it all back up to the fibre link serving our websites. You’ll notice in the picture of this Frankenstein below, a Telstra VDSL NBN business modem acting as the switch. It was just laying around!

Yes – one of these!

Given the fibre link is 100Mbps, and the “switch” is a 1000Mbps “switch”, this shouldn’t have been a problem, but I was worried about the switching backplane of this little fellow. Was it going to be able to cope? I had my doubts.

And all of this was supposed to be temporary.

Temporary.

Right.

Got it.

Obviously, it didn’t work out that way, and it was eight months later that I was finally able to shut this “temporary” server down, having finally migrated everything back out onto proper hardware and networking again.

For eight months, this conglomeration hosted 28 corporate websites and served millions and millions and millions of web requests. I can’t tell you how many – if I’d known it was going to hang around for 8 months, I would have made provisions to log and find out exactly how many!

What I’m most proud of when it comes to this beast, is that nobody knew it was like that. The performance of the websites dropped only marginally – (almost negligibly) – and this thing just kept on trucking.

Day after day. Night after night. Week after week.

I lived in constant fear of arriving at the office each day and finding the little Telstra router melted into oblivion, or the PC itself having died.

But it never did, not once.

It was the little server that could, and I’m going to miss it!

The moral of the story is that even in the midst of massive IT disasters, there’s always a way – and that sometimes, the basics can get you by!

And above all, don’t panic!

Headspace: I Found Me

Since my late teens, I’ve gone through a few battles with my mental health. I’ve always found my way through, sometimes with professional help, and sometimes without.

I’m blessed with a group of friends who have supported me along the way, but I’ve never been able to really explain to them exactly how things are in my head.

Recently I’ve found the music and thoughts of Forest Blakk, through his beautiful “If You Love Her” – and as part of this I found this spoken word piece called “Find Me”.

And finally, I found myself. This is so close to how I feel that it’s astonishing. It’s how my head works, and it’s powerful. I could have written these words myself.

So if you’re one of my crew, I can finally explain:

Menulog: Poor Form

When ordering food to home, I tend to use Menulog as they have the best selection of restaurants in my immediate local area.

Their site is easy to use, and communication about the progress of your order is excellent.

Last week however, the “communication” took a bit of a turn, and I was quite disappointed in the response from their social media team.

On arrival, I received the following text from the driver:

I found that a bit creepy – and when I pointed it out to their Twitter account, this was the exchange:

LOL?

Really? Stop and think about this for a moment. This is not even remotely funny.

Let’s suppose the customer was a woman who has recently drawn up the courage to leave an abusive relationship, but her former partner is stalking her. She decides to order in food because she’s scared to go out in public, lest she runs into her former partner.

Suddenly, a text message arrives from an unknown mobile number, and it says “Hi dear I’m outside”.

This is going to scare the living hell out of her. As a man who has left a violent female partner, I know this would scare crap out of me, given the predilection of that partner to cause trouble in my life. I know how this feels.

Do better Menulog – a lot better. Teach your drivers not to do this.

Sunday Nerding: Columbia and STS-1

Tomorrow – (in Australian time at least) – is the 40th anniversary of the first flight of NASA’s Space Transportation System (STS) – better known to most people as the Space Shuttle.

That first flight was taken by OV-102 – (named “Columbia” at the time of commissioning) – on April 12th 1981, and marked America’s return to space for the first time since the Skylab space station was abandoned in 1974.

So it was a big deal. I clearly remember watching the launch on television at our home in Townsville, and the subsequent regular updates. For someone who was interested in the space program, but not having been alive or old enough to remember Apollo and Skylab, people in space again was amazing to me.

Astronauts John Young – (the ninth man to walk on the moon) – and Robert Crippen took Columbia into orbit that day for what amounted to a test flight – launch it, get it to orbit, and land it a couple of days later.

Columbia was of course lost in 2003 on return from space while completing STS-107, only the second shuttle lost after Challenger just after launch on STS-51L in 1986.

Holden 1970’s Chic

As a Holden family – (we were General Motors and/or Holden dealers between 1958 and 1980) – the demise of the brand has been not the easiest thing to accept – but life goes on.

After my father passed away in October, and the family home was sold up, we found a lot of old memorabilia tucked away in his bedroom drawers.

Here’s a few ‘lovely’ Holden Torana related t-shirts we found:

This one was related to the “Loaded With Smart Thinking” advertising campaign, as per the following video:

Then there was this one from the earlier “When You’re Hot You’re Hot” campaign, with accompanying video:

Finally, we found one for the “infamous” Starfire 4 engine, but that wasn’t exactly a bright spot in Holden history!

Headspace: Farewell Moments

On October 1st of this dastardly year of 2020, as a family we suffered the loss of my father.

It has taken me a couple of weeks to find any kind of words to make sense of this loss – but I’m actually coping a lot better than I thought I would. Dad was unwell for about 10 years, but the last 6 months saw a rapid decline in his health, and we knew the time was near.

So it was not a surprise, but it was still a shock.

I’ve been trying to focus on what it means to me going forward. He had three children, and four grandchildren – all of whom he adored.

He was a bit of a workaholic during his working life, but he did that to support the family. We didn’t always get everything we wanted, but we always got whatever we needed.

There are so many stories I could write about – countless stories that would take years to complete.

We were always going to lose Dad one day – it is one of the truths in life that everyone we love will eventually pass – so I’d been prepared for that for quite a few years as his health steadily declined.

In the nearly two weeks since his passing, I’ve been trying to figure out exactly what his passing means to me.

I will of course miss him. I’ll never be able to pick up the phone again and talk shit about the football or the car racing again. I’ll never again be able to tease him for falling asleep in my comfy lounge chair the moment he sat in it.

Those things – (and so many others) – are gone, but I knew that would happen, so that’s okay.

While preparing his eulogy with one of my sisters – (read proudly by her at the funeral) – I figured out what I will miss the most, are not the complex memories, but the intangible moments.

There was a section in the eulogy about a football game he and I went to on ANZAC Day in 1992. Our beloved Essendon, versus Melbourne.

We were getting absolutely smashed, and at three-quarter time, we were 41 points behind – but I had a feeling that Melbourne were tiring, and I turned to Dad and said: “we’re going to win this!”

He said I was “out of my mind” – (though his actual words might have been a bit more colourful!) – but I had a feeling.

Thirty minutes later when the final siren sounded with Essendon one point in front, I turned and looked at him, grinning.

The look on his face was priceless – and I’ll never forget it.

It was one of those completely intangible moments – those moments you couldn’t just create even if you tried. It was a single moment, but borne of years of sharing our love of the game, and our Bombers.

Or the moment Channel 7 came back from a commercial break right near the very end of the 1995 Bathurst 1000, and our favourite driver Larry Perkins – (who had been racing from behind all day after an incident at the start) – had gotten into the lead with barely nine laps to go when the previous leader Glenn Seton broke down.

We were literally dancing around the lounge room in complete joy, completely on instinct. It just happened.

I’ll never lose those moments in my heart – (and there are many of them) – but what I will miss most is that there will be no more of them.

Luckily though, I do have the full set.