Are Your Users Expired?
Yes, It is Monday morning, you walk into your office and the Help Desk lines are already lit up. Clients are calling with emergency lockouts and emails not coming in on their phones and computers. You know their passwords are expired and they didn’t see the desktop popup from Microsoft warning them it was coming. You now have to get busy resetting passwords to get these people back to work as fast as possible. Password expiration issues can account for up to 10% of the weekly tickets a MSP’s help desk has to manage and although it only takes a minute or two to fix that time adds up. Here is where we come in.
Expiry AD is a plugin for LabTech that checks the Active Directory of any client to see what Domain User passwords maybe ready to expire, creates a list of the users expected expiration times and emails them a custom email notice to please update password when they come close to the limit you set for them. You can personalize each email to the user that is receiving it or have a generic global email that goes to everyone.
There is some basic information needed to complete the password expiration checks,
You will need to supply the AD server you want to scan, this should be an up to date AD server with Powershell 2 or higher installed. You will need to know how many days ahead of the expiration you want to send a notification and the LDAP root you want to look for users in.
Once this information is entered into the system and the apply button pressed the plugin will request if you would like to run a scan now. Scans will run daily on systems that are set to notify users automatically, just turn on the Notify Users switch at the top of the management window.
We supply a HTML capable Email Body template maker that will allow you to create unique emails that are personable to each user. Once you are finished you can view what your emails will look like by selecting the Email Viewer control. We have provided two wild cards for email templates @MYNAME@ and @DAYSLEFT@ which will allow you to personalize each email sent with the users full name and the current days left before expiration.
By selecting the [Results] tab yo can see the result of the last scan and who is in line to get emails. All user will be listed here and will show how many days left until they expire. Users marked in RED have expired or are with in the windows set by you for expiration emails.
Not all users of Active directory will show up in list or scans. We have some basic filters in place for the scanner that prevents non actionable users from showing up in scans.
- Users who are set to never expire will be excluded
- Users who are disabled will be excluded
- User who are set to no be able to change password are excluded
- User who have no official Email address listed in directory are excluded
You will only get a return of people you can actually affect and emails will only be sent to users who can receive them and react. This limits the efforts needed by the Labtech system and provides for maximum coverage for the domain users.