It worked fine with the prior individual plugin.
I had a client setup in the prior plugin and I re-setup in the habitat plugin but it does not seem to be scanning. I put all the exact info I had in the other plugin.
Notify is on
AD server is selected on dropdown
days to notify are set
DN for the user OU is set
mail notification body is set
Under results it is showing proper dates for last scan date but no users are coming up.
Password Expiry not working
Re: Password Expiry not working
Could you send over some screenshots for us?
Re: Password Expiry not working
Yea, don't bother... we found an issue. Looks like we removed the call to load that view in last set of edits. Must of been a fat finger event.
This will be fixed in 1.0.0.35 out later today. Auto updates will update the plugin for you tonight.
This will be fixed in 1.0.0.35 out later today. Auto updates will update the plugin for you tonight.
Re: Password Expiry not working
but is that a visual thing only? Because the users' aren't getting the emails either
Re: Password Expiry not working
Not seeing anything in the results yet and far as I can tell, users aren't getting the emails
Re: Password Expiry not working
Ok so your not getting data back from the DC.
Can you confirm that the Habitat AD Password Expired Notifier script has run on the DC daily? You should see it being scheduled at 12 am and 1 pm daily. It scans the DC using LDAP and returns the user list. If the LDAP container is not valid it will fail to produce a list.
So let's check a few things:
#1 Do you see script being scheduled?
#2 Does c:\windows\ltsvc\expiryAD.ps1 on the Domain Controller exists?
#3 Try running the following on the DC in a powershell console as "Admin". Replace in the script below for @LDAPRoot@ the same setting you have for your LDAP in the plugin. Execute it and see if it prints out a list of users?
#4 if script is being scheduled what is the logged output from the script execution?
Post that info here for us to review.
Can you confirm that the Habitat AD Password Expired Notifier script has run on the DC daily? You should see it being scheduled at 12 am and 1 pm daily. It scans the DC using LDAP and returns the user list. If the LDAP container is not valid it will fail to produce a list.
So let's check a few things:
#1 Do you see script being scheduled?
#2 Does c:\windows\ltsvc\expiryAD.ps1 on the Domain Controller exists?
#3 Try running the following on the DC in a powershell console as "Admin". Replace in the script below for @LDAPRoot@ the same setting you have for your LDAP in the plugin. Execute it and see if it prints out a list of users?
Code: Select all
$ErrorActionPreference = 'SilentlyContinue'
#write-host $data.count total lines read from file
$Users = Get-ADUser -SearchBase "@LDAPRoot@" -properties mail, useraccountcontrol, CannotChangePassword, passwordlastset, passwordneverexpires -filter * | select *, `
@{label="passwordage";expression={(new-timespan -end (Get-Date) -start $_.PasswordlastSet).Days}}, `
@{label="daysleft";expression={($MaxPasswordAgeDays - ((new-timespan -end (Get-Date) -start $_.PasswordlastSet).Days)) }} `
| where {($_.CannotChangePassword -ne $True) `
-and ($_.passwordneverexpires -ne $True) `
-and ($_.UserAccountControl -ne 514) `
-and ($_.mail -ne $null) `
}
$i = 0
foreach ($user in $Users) {
$Name = $user.name
$Name = $Name -replace "\W"," "
$UPN = $user.mail
$DaysLeft = $user.daysleft
write-output " '$UPN', '$Name', '$DaysLeft'"
}
#4 if script is being scheduled what is the logged output from the script execution?
Post that info here for us to review.
Re: Password Expiry not working
So i think it was either an issue with the sub OU i was testing with OR the fact the DC I was trying to use only had PS v2 installed on it.
I switched it to a 2016 DC and hit the OU 1 parent level up and now it's showing everything in there.
I think it really moreso might have been the DC I was using first
I switched it to a 2016 DC and hit the OU 1 parent level up and now it's showing everything in there.
I think it really moreso might have been the DC I was using first
Re: Password Expiry not working
Ah,
Oh yes the Habitat AD password expire scripts first duty is to test Powershell for version 3 or greater, if not it will exit script with a log message in the script logs that POSH is not usable.
Oh yes the Habitat AD password expire scripts first duty is to test Powershell for version 3 or greater, if not it will exit script with a log message in the script logs that POSH is not usable.
Re: Password Expiry not working
Just fyi we released a new build today 1.0.0.36 which now revamps the Password expired tool.
See what it looks like here
viewtopic.php?f=62&t=5703&sid=f6a419086 ... 6e3c1e487f
Your plugins should auto update overnight and this will become available then.
Enjoy
See what it looks like here
viewtopic.php?f=62&t=5703&sid=f6a419086 ... 6e3c1e487f
Your plugins should auto update overnight and this will become available then.
Enjoy