How do I notify Azure Active Directory users when password is about to expire?
HTML-код
- Опубликовано: 11 сен 2024
- How do I set password expiration notification?
How to notify Office 365 users that passwords will expire?
How do I notify Azure Active Directory users when password is about to expire?
How to set password expire notification in Azure Active Directory?
How to Setup a Password Expiration Notification Email
Password Expiration Scheduling in Active Directory
A password expiration reminder script in PowerShell
How to Notify Azure Active Directory Users for Password Expiration
Password Expiry Notification Script
Password Expiry Notification Script
Join PaddyMaddy channel to get access to perks:
👉 / @paddymaddy26
Script 👉 1drv.ms/f/s!As...
#PaddyMaddy
Great presentation on this. Is it possible to modify the script testing option to to a bunch of users? Meaning having a batch of users receive the notification that their password is about to expire, as opposed to everyone in the org, once the test option is disabled.
Hello @yomicode802, thank you for your feedback. It is possible to modify the script testing option to send notifications to a specific batch of users instead of everyone in the organization. You can achieve this by customizing the script to target only certain users based on specific criteria such as role, department, or location. This way, you can tailor the notifications to reach only those users whose passwords are about to expire. Thank you for watching our presentation!
@@PaddyMaddy26 Thanks for the response.
@@PaddyMaddy26 May I get your assistance to modify script testing option to send notifications to only a few testing users for now?
Fantastic walk-through.
Thank you for your kind words, we're glad you enjoyed our walkthrough! If you have any suggestions or feedback for future videos, feel free to let us know. And don't forget to like, subscribe, and hit the notification bell for more content. Thanks again for watching!
Great instruction!! Very useful!!
Thank you so much for your kind words! I'm glad my instruction and courses are useful for you. If you have any questions or need any specific course coupon, please don't hesitate to contact me at trainings@memcourse.com or use my website at PaddyMaddy.com. I'm always here to help.
Hi Sir,
I really love to watch your videos it's just amazing. Could you please make a video on "To block sending mails to external mails, sending confidential attachments to outside organization, Blocking some particular words. It will be helpful.
Thanks in advance.
Thank you for your suggestion! I would love to create a video on the topics you mentioned. I will add it to my list of ideas for upcoming videos. If you have any additional questions or suggestions, please feel free to reach out via email at trainings@memcourse.com or by phone. Thank you for your interest in my courses!
@@PaddyMaddy26 Ok sure, thanks for your reply 😍
This video is very helpful. Instead of retrieving all users, how could specify all users in a particular distribution group?
Thank you for your feedback on our video. To specify all users in a particular distribution group, you can use the Get-DistributionGroupMember cmdlet in PowerShell. This cmdlet allows you to specify the distribution group you want to retrieve users from and can help you narrow down your search to only include members of that specific group. If you have any further questions or need assistance with this process, please feel free to reach out.
where you able to resolve this with the distribution group? if so please kindly share the change you made on the script if you can
What would Microsoft charge to run the services setup in this video? The web app and any other associated costs? Trying to determine if this is cost-effective to set up. I am not looking for you to set this up or to sign up for any courses, just wondering what Microsoft would charge.
Thank you for your inquiry. Microsoft does not charge for the setup of web apps and associated services, however, there may be associated costs depending on the services you use. For example, the cost of using Azure Storage or Azure SQL Database will vary depending on the size and amount of data you are using. It is best to check the pricing for each service you wish to use on the Microsoft Azure website to determine exact costs. If you have any other questions, please do not hesitate to reach out.
What is the monthly cost to run the services setup in this video? The web app and any other associated costs? Trying to determine if this is cost-effective to setup.
Thank you for your inquiry. We offer various plans and pricing options for our services, which you can find on our website. Depending on your needs and budget, you can choose from our range of plans to find the most cost-effective solution. If you have any questions regarding the pricing or need more information, please do not hesitate to contact us.
Great! This is what I'm looking for. However, how can I automate the process?
@hoangkhangnguyencuu6135 Thank you for your positive feedback! To automate the process, you can consider using software tools or scripts that can help streamline repetitive tasks and save time. There are also automation platforms available that allow you to set up workflows and triggers to automate various actions. I recommend doing some research on automation solutions that best fit your specific needs and requirements. Hope this helps!
Worked great.
Question. So will i have to run this script everyday manually from a Windows PC/ Server? Is there a way to run the webapp automatically from Azure itself?
Thank you for your question. Yes, you will need to manually run the script from a Windows PC or Server. However, you can configure Azure to automatically run the web application with a web job or an Azure Automation runbook. If you need any help setting this up, please let us know.
@@PaddyMaddy26 Thanks for clarifying.
I tried adjusting the script to work in Azure Automation runbook. However i'm currently getting the error below
Certificate with thumbprint '######' was not found in certificate store or has expired.
Cannot find path 'Cert:\CurrentUser\My\######' because it does not exist.
Must specify 'CertificateThumbprint or CertificateSubjectName or Certificate'.
@@PaddyMaddy26 Noticed that the web application created in this video is missing the App Service tab, due to this i'm unable to create an associated web job
Thank you for showing how its done. Very useful.
Thank you for your kind words. I'm glad you found the information useful. If you have any further questions, please don't hesitate to contact me via email (trainings@memcourse.com) or through my blog (PaddyMaddy.com).
Great tutorial, Appreciate you putting this together!
Thank you for your kind words. I'm glad you found my tutorials helpful. If you have any further questions, please don't hesitate to reach out to me via email at trainings@memcourse.com or through my blog at PaddyMaddy.com. I'm here to help.
Thank you for this video. Can we use email domain certificate instead of self-signed certificate ?
Hello RManoj-fo3ry, thank you for your comment. Yes, you can use an email domain certificate instead of a self-signed certificate for added security and authenticity in email communication. Email domain certificates are issued by trusted Certificate Authorities and provide a higher level of assurance for recipients that the email is coming from a legitimate source. It's recommended to use email domain certificates to enhance the security of your email communications. Let me know if you have any other questions. Thank you.
Is that we can send email over logic app?
Hi Hari,
Yes, you can definitely send emails through Logic App. Logic Apps offer a variety of connectors and actions that allow you to integrate with email services and send emails based on certain triggers or conditions. You can set up an email action within a Logic App workflow to send emails to specific recipients with customizable content.
I hope this helps! If you have any further questions or need assistance with setting up email functionality within a Logic App, feel free to ask.
Thank you for your comment.
are you able to show how you can test this before implementing? are you able to create a script just for one user to test?
Hello @bernadettecalimlim7200, thank you for your comment. When it comes to testing implementations, there are several approaches that can be taken. One common practice is to create test scripts or scenarios that mimic user interactions and evaluate how the implementation performs under those conditions.
In response to your question, yes, it is possible to create a script for one user to test the implementation. This can be done by creating a test scenario that replicates the actions and behavior of a single user, allowing us to assess how the system responds accordingly.
Additionally, there are other testing methods such as unit testing, integration testing, and user acceptance testing that can be utilized to ensure the implementation works as expected before it is fully deployed.
I hope this provides some insight into the testing process. If you have any further questions or need more information, please feel free to ask.
Hi Bro
When will you release 2nd part of installing Configuration Manager
I will be doing by tomorrow morning
Thank you for this, in my case I have Active Directory in hybrid mode with Azure AD and M365, how can I implement password expiration notification?
Hi DavidPatterson40108,
Thank you for your comment. If you have Active Directory in hybrid mode with Azure AD and M365, there are a few ways you can implement password expiration notification.
One way is to leverage the Azure AD Premium P1 or P2 license, which provides access to advanced features like self-service password reset and password expiration notification. With this license, you can configure password expiration policies and notifications within Azure AD.
Alternatively, you can use PowerShell scripts to create custom solutions for password expiration notification. You can write a script that queries the Active Directory for passwords nearing expiration and sends notifications to users via email or other communication channels.
It's worth noting that implementing password expiration notifications is crucial for maintaining security and ensuring users regularly update their passwords. However, it's important to strike a balance between security and usability, as constant password changes may lead to weaker passwords being chosen.
I hope this helps! If you have any further questions, please let me know.
Best regards,
Paddymaddy
Hello, the tutorial is amazing, when I generated the cert I get an error message and the cert fails to upload even though it gets generated.
Hi @shaiblou4960,
Thank you for your comment and for trying out the tutorial. I'm sorry to hear that you encountered an error message when trying to upload the generated certificate.
Could you provide more details about the error message you received? This information will help me to better understand the issue and provide you with a solution.
In the meantime, you can try troubleshooting by ensuring that the certificate is in the correct format and that all necessary fields are filled out correctly before uploading.
Please let me know if you need any further assistance. Thank you for your understanding.
@@PaddyMaddy26 Hi thank you for the fast response, I am happy I found your channel, I ended up copying and pasting from your script instead of typing it out
I have an doubt bro, shall i give password expires notification for users through azure portal for postgresql? it is possible?
Yes, it is possible to send password expiration notifications for users through the Azure portal for PostgreSQL. You can use the Azure Active Directory (AAD) Password Expiration Policy to configure password expiration settings. To learn more about this feature, please refer to the official documentation at docs.microsoft.com/en-us/azure/active-directory/authentication/howto-password-expiration.
Is there any way to do it on Azure only without using powershell
Hi DiveshMittal,
Yes, it is possible to achieve tasks on Azure without using PowerShell. In Azure, you can use the Azure portal, Azure CLI, Azure Resource Manager templates, and various other tools to manage and automate your Azure resources. Feel free to explore these options to see which one best suits your needs.
Let me know if you need any further assistance with this.
Best regards,
Paddymaddy
@@PaddyMaddy26 Thanks, so using Azure portal can I use this script like creating powershell vm on Azure
Yes you can
NOT secured at all , MS recomended few years ago to disable password rotation in AAD/M365. Orgs who will use this scenarion risking single point of failure. People leaving organisions and this setup can be compromised very easiy. InfoSec will never allow this setup ;)
Thank you for your comment. We understand the security concerns that come with enabling password rotation and we take them very seriously. We have taken steps to ensure that the security of our systems is not compromised, such as implementing multi-factor authentication and using strong encryption. We also have protocols in place to ensure that when a user leaves the organization, their credentials are revoked. We appreciate your input and will continue to prioritize security in all of our systems.
Got it working without errors but only seems to send to 0 day. We are on hybrid exchange shop and out passwords are synched with Active Directory
Hi Geoff,
Thank you for your comment and sharing your experience with the RUclips video. I'm glad to hear that you were able to get it working without any errors.
Regarding the issue you mentioned about it only sending to 0 day, it's possible that there might be some specific settings or configurations required for sending to other days in your hybrid exchange environment.
Considering you mentioned that your passwords are synched with Active Directory, it's recommended to check if there are any limitations or restrictions within your Active Directory setup that could be causing this behavior. Additionally, verifying if the necessary permissions are correctly set up for the email notifications to be sent to different days could also be worth looking into.
If you need more assistance or have any further questions, please feel free to let me know. I'll be happy to help you troubleshoot the issue further.
Best regards,
Paddymaddy
Can we push this script through Intune? Will this run everyday?
Hi Raghu8844,
Thank you for your question. Yes, this script can be pushed through Intune to run on a regular basis. Intune allows for automated deployment and management of scripts, so you can schedule this script to run daily if needed.
I hope this answers your question. Let me know if you need any further assistance.
Thank you.
@@PaddyMaddy26 Thanks for your quick reply. Do you have any documentation or steps where i can implement this through intune.
@Raghu8844 refer to this documentation
learn.microsoft.com/en-us/mem/intune/fundamentals/remediations
Remediations and is now available from Devices > Manage devices > Scripts and remediations
Remediations are script packages that can detect and fix common support issues on a user's device before they even realize there's a problem. Remediations can help reduce support calls. You can create your own script package, or deploy one of the script packages we've written and used in our environment for reducing support tickets.
Each script package consists of a detection script, a remediation script, and metadata. Through Intune, you can deploy these script packages and see reports on their effectiveness.
@@PaddyMaddy26Thanks for detailed explanation. I am just wondering if i push this script as mentioned will it run everyday or do i need to do any additional setup like task scheduling. Once this is done will users daily get password reset notification until
They change credentials.
@Raghu8844 once you deploy or during the deployment in assignment section you have automated schedule intervals just like schedule task all possible options are there.. like run daily at some time 🕰️ … check this subsection useful for you..
it's complete batshit that this needs to happen at all, the fact microsoft can't pull their thumbs out and give such basic functionality out of the box for such a "premium" product is not only laughable but in the corporate world should be considered criminal.
Thank you for your feedback. We understand your frustration with the lack of basic functionality in Microsoft products. We are continuously working to improve our products to meet the needs of our customers. If you need any help with the courses or have any other questions, please feel free to contact us via email at trainings@memcourse.com or contact us via phone. Thank you for taking the time to provide us with your valuable feedback. We appreciate it.
Thank you very much, how can I download the cert script and email script
?
Thank you for your interest in my courses. You can find the certificate and email scripts in the course material. Please check the Udemy course page for the link to the course material. If you need any assistance, please feel free to contact me via email or phone. Thank you.
roughly what is the monthly cost for this?
Thank you for your inquiry. All my courses are offered at discounted prices on Udemy, and you can find the pricing information on the course page. If you have any further questions, please don't hesitate to contact me via email at trainings@memcourse.com. Thank you.
Sorry, I was referring to the monthly cost for running a web app. The services you setup in this video, roughly what does that cost a month to run? @@PaddyMaddy26
hi paddy i contacted through email regarding intune but response please responce
Thank you for your inquiry. We are pleased to inform you that all our courses are available online through Udemy and RUclips. You can get them for a discounted price at www.udemy.com/user/pavan-kumar-525/ and you can find all our courses here. If you need any specific course coupon, please let us know and we can provide it to you. If you have any other questions, please feel free to contact us at trainings@memcourse.com. Thank you for your interest in our courses.
@PaddyMaddy26 There is no discount on udemy current price Rs ₹3,199/ let me know is there any discount
@@PaddyMaddy26 is there any coupon for intune cause live ₹3,199 price but when i saw it is 599? will i get it ?
Not bad, but way too much talking.. this video should be 10 mins.
Thank you for your comment. I appreciate your feedback and I understand your point. I will try to shorten the video in the future. In the meantime, if there is any specific course coupon that you need, please do let me know and I will be happy to help. Thank you again.
Hi Paddy,
Thanks for this video. But I'm stuck in the middle of the process.
# Get all domain password expiration policies
Stuck in this step as the script is not getting through. Could you please help or share your email address? So that I could share you the error screenshots.
Thanks much for your help in advance :)
You can even upload to ddropbox or OneDrive and share or mail me
@@PaddyMaddy26 Email sent. Thank you.
Hi@@PaddyMaddy26
My email couldn't be delivered
Send it to training@memcourse.com
Email sent now. Thanks.@@PaddyMaddy26