I'm trying to set up an email reminder for users in my Active Directory environment. I found a very useful PowerShell script to do this, and I've altered it to fit my needs for office 365.
$smtpServer="smtp.office365.com"
$EmailPassword=ConvertTo-SecureString "AnAmazingPassword123" -AsPlainText -Force
$EmailCreds=New-Object System.Management.Automation.PSCredential("anAccountICreated@mycompany.com",$EmailPassword)
$expireindays = 11
$from = "My Company IT <it@mycompany.com>"
$logging = "Enabled" # Set to Disabled to Disable Logging
$logFile = "c:\adirectory\log11.csv" # ie. c:\mylog.csv
$testing = "Disabled" # Set to Disabled to Email Users
$testRecipient = ""
$date = Get-Date -format ddMMyyyy
# Check Logging Settings
if (($logging) -eq "Enabled")
{
# Test Log File Path
$logfilePath = (Test-Path $logFile)
if (($logFilePath) -ne "True")
{
# Create CSV File and Headers
New-Item $logfile -ItemType File
Add-Content $logfile "Date,Name,EmailAddress,DaystoExpire,ExpiresOn"
}
} # End Logging Check
# Get Users From AD who are Enabled, Passwords Expire and are Not Currently Expired
Import-Module ActiveDirectory
$users = get-aduser -filter * -properties Name, PasswordNeverExpires, PasswordExpired, PasswordLastSet, EmailAddress |where {$_.Enabled -eq "True"} | where { $_.PasswordNeverExpires -eq $false } | where { $_.passwordexpired -eq $false }
$maxPasswordAge = (Get-ADDefaultDomainPasswordPolicy).MaxPasswordAge
# Process Each User for Password Expiry
foreach ($user in $users)
{
$Name = (Get-ADUser $user | foreach { $_.Name})
$emailaddress = $user.UserPrincipalName
$passwordSetDate = (get-aduser $user -properties * | foreach { $_.PasswordLastSet })
$PasswordPol = (Get-AduserResultantPasswordPolicy $user)
# Check for Fine Grained Password
if (($PasswordPol) -ne $null)
{
$maxPasswordAge = ($PasswordPol).MaxPasswordAge
}
$expireson = $passwordsetdate + $maxPasswordAge
$today = (get-date)
$daystoexpire = (New-TimeSpan -Start $today -End $Expireson).Days
# Set Greeting based on Number of Days to Expiry.
# Check Number of Days to Expiry
$messageDays = $daystoexpire
if (($messageDays) -ge "1")
{
$messageDays = "in " + "$daystoexpire" + " days."
}
else
{
$messageDays = "today."
}
# Email Subject Set Here
$subject="Your password will expire $messageDays"
# Email Body Set Here, Note You can use HTML, including Images.
$body ="
Dear $name,
<p> Your password is expiring.<br>
"
# If Testing Is Enabled - Email Administrator
if (($testing) -eq "Enabled")
{
$emailaddress = $testRecipient
} # End Testing
# If a user has no email address listed
if (($emailaddress) -eq $null)
{
$emailaddress = $testRecipient
}# End No Valid Email
# Send Email Message
if (($daystoexpire -ge "0") -and ($daystoexpire -lt $expireindays))
{
# If Logging is Enabled Log Details
if (($logging) -eq "Enabled")
{
Add-Content $logfile "$date,$Name,$emailaddress,$daystoExpire,$expireson"
}
# Send Email Message
Send-Mailmessage -smtpServer $smtpServer -Credential $EmailCreds -Port 587 -UseSsl -from $from -to $emailAddress -subject $subject -body $body -bodyasHTML -priority High
} # End Send Message
} # End User Processing
# End
However, I'm getting this error:
The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.7.57 SMTP; Client was not authenticated to send anonymous mail during MAIL FROM [CY4PR17CA0043.namprd29.prod.outlook.com]
+ FullyQualifiedErrorId : SmtpException,Microsoft.PowerShell.Commands.SendMailMessage
I think the problem is that the script is trying to send the email from it@mycompany.com
without using a password. I'd prefer that, but I'm not sure how to allow that in office 365. Also, I'm not 100% sure that that's the actual issue, or if this is possible in office 365 since I'm new to the office 365 products.
I found the answer through the Microsoft Support site.
In order to avoid authentication through the sending email address, you need to change the Send-Mailmessage
to the following:
Send-MailMessage –From $from –To $emailAddress –Subject $subject –Body $body -SmtpServer $smtpServer
Where the $smtpServer
value is changed to the mail.protection.outlook.com
address
In my case, this was mycompany-com.mail.protection.outlook.com
You can find this value in your DNS MX
record, or in the Office365 Admin Center -> Settings -> Domains -> yourDomain
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.