New-PasswordReminder – Config Options

This Document describes all possible options for the Script New-PasswordReminder.ps1

Filename and Location

The default Filename for the config file is PasswordReminder.cfg and by default the file should be placed in the same folder as the Script.

You may change the Name and the Path by chaning the $ConfigPath variable in the Script by either adding the new filename or the new Path including the filename.

Example: $ConfigPath = “NewFileName.txt” or $ConfigPath = “D:\Folder\NewFileName.txt”

File Structure

The config file is based on XML to make it simply to read and also simple to process. It is divided into several sections.

The XML root-Element is called <PasswordReminder>, it contains all other attributes and is mandatory.

<General> – Element contains all global script configuration elments. For details see <General> .

<Mail> – Element contains all Mail related configurations. It is mandatory and may only exist once. For details see <Mail> .

<ReminderGroup> – Element contains all configuration for a group of users. It is mandatory and may exist more than once. For details see <ReminderGroup> .

General – Options

The following Options have to be place inside the <General> – Section.

 

<TestMode> – Element

Use this switch to enable or disable the test mode. When you set this to True, all E-Mails will be sent to the Address you specify within <TestReceipient>.

  • Possible values: True or False
  • Mandatory: no, this element can be left from configuration
  • Default: False

Example:

<EnableLogging> – Element

Use this switch to enable or disbale Logging. When set to True, script will create a log file.

  • Possible values: True or False
  • Mandatory: no, this element can be left from configuration
  • Default: False
  • Example:

<LogfilePath> – Element

In this Element you specify the path where Logfiles should be placed. The Path should point to a folder and must not have a leading \ .

  • Possible values: String, with path to Log folder
  • Mandatory: yes, if Logging is enabled
  • Default:  none, you have to specify a path
  • Example:

<LogLevel> – Element

In this element you specify how detailed the loggin will be.

  • Possible values:
    • Error – only errors will be logged
    • Normal – most common setting, will log some usefull activity of the script
    • Informational – will log some more activity informaiton of the script
    • Debug – will write the most detailed information to the log file
  • Mandatory: yes, if Logging is enabled
  • Default:  none, you have to specify a level
  • Example:

<DaysToKeepLogFile> -Element

Specify how long log files wille be kept in the log folder before they are moved into the archive. The archive folder will automatically be created in the log folder when the first log files is archived. The archive will a folder for each year and each month.

  • Possible values: number, days that should retain in the log folder
  • Mandatory: no
  • Default:  5
  • Example:

Note: If you use PowerShell version 4 or less, files will only be moved in to the archive folder. In PowerShell version >5 files will be added to a ZIP-Archive.

<DomainControllerFQDN> – Element

With this element you specify the Domain Controller which will be used for requesting user information.

  • Possible values: string, full qualified name of the domain controller
  • Mandatory: yes
  • Default:  none, you have to specify a FQDN
  • Example:

<TemplatePath> – Element

With this element you specify the path where the email templates can be found. The Path should point to a folder and must not have a leading \ .

  • Possible values: String, with path to Log folder
  • Mandatory: yes
  • Default:  none, you have to specify a Path
  • Example:

<AdditionalFilter> – Element

This element is used to specify additional filtering to user who received notifications or not. By default the script will only filter active AD-User with PasswordNeverExpires not set. The filter will look at the distinguishedName of the user.

  • Possible values: String, including wilcard characters. Separate filters using “;”
  • Mandatory: no
  • Default:  none
  • Example:

In this example users located in the OU Admin or having adm in the name will be filtered.

<DaysToRemind> – Element

This elements allows you to specify on how many days before the expiration of a password the user will be notified.

  • Possible values: number, Separate days using “;”
  • Mandatory: yes
  • Default:  none
  • Example:

Remind users 1,3 and 7 before the password exipres.

Mail – Options

This settings are related to E-Mail and must be placed inside the <Mail> – Section

 

 <SmtpServer> – Element

Specify the SMTP-Server which should be used to send E-Mails.

  • Possible values: string, FQDN of the mail server
  • Mandatory: yes
  • Default:  none
  • Example:

At the moment the script will only communicate unencrypted and without any authentication with the server. This features are planned for a futured release.

<TestReceipient> – Element

Specify the mail adress which will receive all sent emails when TestMode is enabled.

  • Possible values: string, multiple separated by “,”
  • Mandatory: yes, if TestMode is enabled
  • Default:  none
  • Example:

ReminderGroup – Options

The <ReminderGroup> – Element is used to group all settings for a SearchBase.

<SearchBase> – Element

With this element you can specify the path where the script will start searching recusibly for user in you directory. Depending on you installation this may enable you to send notifications only for a special set of users.

  • Possible values: string, Searchbase
  • Mandatory: yes
  • Default:  none
  • Example:

<TimeToNotify> – Element

Speficy the time when the notifications for this group should be sent out. The scripts will always use UTC times, so please specify the time in UTC. This option exists because the script is meant to run as scheduled task every hour. So you can have different groups notified at different times. The scripts allows an internal offset of +/- 10 minutes between actual time and specified time.

  • Possible values: HH:mm, time in Hours and minutes
  • Mandatory: yes
  • Default:  none
  • Example:

 

<TemplateName> -Element

This field is used to specify the file for the template that should be used as E-Mail. The file needs to be placed in the folder specified within <TemplatePath>. In your template you can use the following fields which will then be replaced by the script [LastName],[FirstName],[Days],[FromAddress],[SenderName],[Phone]

  • Possible values: string, template filename
  • Mandatory: yes
  • Default:  none
  • Example:

 

<SenderAdress> – Element

The address specified in this field will be used in the From: field of the E-Mail. This will be Adress the E-Mail will be send from.

  • Possible values: string, E-Mail address
  • Mandatory: yes
  • Default:  none
  • Example:

 

<SenderName> – Element

This field will be used to replace [ServiceDesk] tag in the template.

  • Possible values: string
  • Mandatory: yes
  • Default:  none
  • Example:

 

<MailSubject> – Element

This field will be used as the Mail subject. This string is static, you can not add dynamical values.

  • Possible values: string
  • Mandatory: yes
  • Default:  none
  • Example:

 

<ContactPhone> – Element

This field will be used to replace [Phone] tag in the template.

  • Possible values: string
  • Mandatory: yes, but you can leave it blank
  • Default:  none
  • Example:

 

<SummaryReceipient> – Element

E-Mail address which will receive a summary when Passwords are expiring today. You can use this list to easily see if a users has an exipired password when he calls you.

  • Possible values: string, multiple values separated with “,”
  • Mandatory: no
  • Default:  none
  • Example: