Password Change Reminder PowerShell Script Updated!

powershell2xa4Back in 2012 i wrote a script to help me remind users about their password expiry, to reduce the number of calls i got on the helpdesk. I decided to share it and published it on the TechNet Gallery,

It has been quite popular since then, with over 8,000 downloads!

Throughout that time i have received a number of questions about how to tweak the script to do various things or fix bugs and errors that people have found.

I have been tweaking it as i go, without much notification to anyone. I have just finished quite a big change, so i thought i would put up a post here, to let people know.

So what’s new?

Comments. Well firstly i added a lot more comments to the script itself. Not very exciting, but for those wanting to tweak it themselves, kind of important.


Logging. I have added logging so any notifications generated can also be outputted into a CSV file.


Testing. A lot of people wanted to be able to test it, but not have users emailed directly, so now you can have all notifications emailed to a separate address. Which you can see in the above email, all the emails going to .


As always i welcome any comments or suggestions for the script over at the TechNet Gallery.

I have posted a troubleshooting guide here.

About Robert Pearman
Robert Pearman is a UK based Small Business Server enthusiast. He has been working within the SMB IT Industry for what feels like forever. Robert likes Piña colada and taking walks in the rain, on occasion he also enjoys writing about Small Business Technology like Windows Server Essentials or more recently writing PowerShell Scripts. If you're in trouble, and you can find him, maybe you can ask him a question.

10 Responses to Password Change Reminder PowerShell Script Updated!

  1. Wayne Riddle says:

    This chnage makes it so if the password expires in 1 day it says 1 day instead of 1 days
    if (($messageDays) -gt “1”)
    $messageDays = “in ” + “$daystoexpire” + ” days”
    elseif (($messageDays) -eq “1”)
    $messageDays = “in ” + “$daystoexpire” + ” day”
    $messageDays = “today”

    • I think I actually updated that in a newer version of the script:

      # Check Number of Days to Expiry
      $messageDays = $daystoexpire

      if (($messageDays) -ge "1")
      $messageDays = "in " + "$daystoexpire" + " days."
      $messageDays = "today."

      Your way may be better though :)

  2. Rick Staples says:

    I have looked through your different iterations and your youtube channel – I am very impressed at how well the script works and the level of detail you put into the knowledge transfer to us Powershell novices. I did not see any example of authenticating to an SMTP server. We use a third party provider that requires SMTP encryption and authentication. I see where Send-Mailmessage supports encryption but it does not support authentication. I was thinking about trying to use System.Net.Mail with your script but before I roll up my sleeves I wanted to see if you already had authentication added in another version.


    • You can use -credential which will support a credential variable. However to do that, without user interaction you must store the password. You can store a secure-string in an encrypted file, but I did not want to advocate doing so due to potential security risks. It is relatively easy to find out how to do it with a quick search on Google.

  3. Jos says:

    Hi Robert,

    I find that scheduling this script will sometimes cause runaway PS processes that Task Scheduler fails to kill, causing the task to stop running on schedule (even though kill after 1 hour is set).

    So, I slightly enhanced it by adding the following code before it initializes the log:

    function preventDoubleSchedule{
    $scriptFileName = split-path $MyInvocation.PSCommandPath -Leaf
    [Array]$psProcesses = @(Get-WmiObject Win32_Process -Filter “name like ‘%Powershell.exe%’ and handle != ‘$pid'” | where {$_})
    if($psProcesses.Count -gt 0){
    foreach($psProcess in $psProcesses){
    if($psProcess.CommandLine -like “*$scriptFileName*” -and $scriptFileName){
    ##we’ve found a Powershell process that is running this script, but does not have the same process ID, lets try to kill it
    Stop-Process -Id $psProcess.Handle -Force -Confirm:$False


  4. Hello Robert. I am working with your script version 2.3 dated March 2017. I would like to change the days to expire to 14, 7, 2 and 1. I see multiple lines referencing daystoexpire. Can you tell me where and the syntax that I need to modify? Thank you,


    • if (( ($daystoexpire -eq “14”) -or ($daystoexpire -eq “7”) -or ($daystoexpire -eq “2”) -or ($daystoexpire -eq “1”))

      i think that would work.

  5. Is there a way to dictate the port for the smtp server?

Leave a Reply to Robert Pearman Cancel reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: