
October 23, 2013 at 6:02 am

Pull AD groups from grouplist, get member attributes and SMTP mail to group owner for review. The script works great. It will send an email to the specific owner with the correct group name in the subject and list the group members as a text file in the email.

# SMTP server and sender address (left blank in the post)
$smtpServer = ""

$smtpFrom = ""

# Closing text appended to every message
$messagebody1 = "

If any users should be removed, please submit a Service Now Revoke Access request.

Please reply to this email, affirming that you have reviewed the access to this group.
If you are no longer the custodian, please reply stating so.
If known, please also provide the name of the person now managing this group's members

Thank you"

# One group name per line
$groups = Get-Content c:\temp\adgroups.txt

[string]$messagebody = ""

foreach ($group in $groups)
{

# Opening text; $group is still the group name from the file at this point
$messagebody0 = "This message is notice for the quarterly group membership attestation required by our Policies.
The following users listed below are members of the ($group) group, which provides privileged access to AIX servers.
You are listed as the Custodian of this group. Please verify these users should retain this access."

$group = Get-QADGroup $group

# The group's ManagedBy attribute identifies the owner; the mail goes to that user's address
$ManagedBy = (Get-QADUser $group.ManagedBy).Email

$smtpTo = $ManagedBy

# One entry per member: account name, display name, mail address.
# Plain subexpressions are used instead of .ToString() so that an empty attribute does not raise an error.
$messagebody2 = Get-QADGroupMember $group | % {

"`r`n`r`n"
"$($_.NTAccountName)", " ", "$($_.DisplayName)", " ", "$($_.Email)"

}

$smtp = New-Object Net.Mail.SmtpClient($smtpServer)

# Subject (left blank in the post)
$messageSubject = ""

$smtp.Send($smtpFrom,$smtpTo,$messageSubject,$messagebody0 + $messagebody1 + $messagebody2)

}
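An added example, not the original poster's code: the same review loop, but with the member list written to a text file and attached, and with groups that have no owner or no owner mail address recorded instead of sent. It assumes the Quest ActiveRoles cmdlets used in the post are loaded; the server, sender, output folder, subject line and body text are placeholders constructed for the example.

```powershell
# Added example; all values marked "placeholder" are assumptions, not from the post.
$smtpServer = 'smtp.example.test'           # placeholder
$smtpFrom   = 'access-review@example.test'  # placeholder
$outDir     = 'C:\temp\attestation'         # placeholder working folder
New-Item -ItemType Directory -Path $outDir -Force | Out-Null

$smtp    = New-Object Net.Mail.SmtpClient($smtpServer)
$skipped = @()   # groups whose owner could not be notified

foreach ($name in Get-Content 'C:\temp\adgroups.txt') {
    if (-not $name.Trim()) { continue }      # ignore blank lines in the list

    # A review that silently goes nowhere is worse than no review: record every gap.
    $group = Get-QADGroup $name
    if (-not $group)           { $skipped += "$name : group not found";          continue }
    if (-not $group.ManagedBy) { $skipped += "$name : ManagedBy is empty";       continue }
    $owner = Get-QADUser $group.ManagedBy
    if (-not $owner.Email)     { $skipped += "$name : owner has no mail address"; continue }

    # Member list as a tab-separated text file; empty attributes become empty fields.
    $safeName = $group.Name -replace '[^\w.-]', '_'
    $file     = Join-Path $outDir "$safeName-members.txt"
    $lines    = @("Account`tDisplayName`tMail")
    $lines   += @(Get-QADGroupMember $group | ForEach-Object {
                    "{0}`t{1}`t{2}" -f $_.NTAccountName, $_.DisplayName, $_.Email })
    Set-Content -Path $file -Value $lines

    $mail = New-Object Net.Mail.MailMessage($smtpFrom, $owner.Email)
    $mail.Subject = "Quarterly access review: $($group.Name)"   # placeholder wording
    $mail.Body    = "You are listed as the Custodian of $($group.Name). " +
                    "The attached file lists its current members."
    $mail.Attachments.Add((New-Object Net.Mail.Attachment($file)))
    try     { $smtp.Send($mail) }
    catch   { $skipped += "$name : send failed: $($_.Exception.Message)" }
    finally { $mail.Dispose() }   # also releases the attached file
}

# Leave a record of every group that still needs a manual follow-up.
if ($skipped) { Set-Content -Path (Join-Path $outDir 'not-sent.txt') -Value $skipped }
```

The `not-sent.txt` file is the part worth checking after each run: a privileged group with no custodian on record never gets reviewed unless someone notices it was skipped.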