# Script that mails users whos certificate is about to expire.
# Created by: Lars Gustavsson
# Version: 1.0
# Changelog: 1.0 Created
#
# Instructions:
# Change the varibles for days when the certificate expires, the certificate server to use and the certificate template to filter by.
# Make sure to set the execution policy to unrestricted with "set-execution policy unrestricted"
#Importes the PSPKI Module, it needs to be installed first, download from http://pspki.codeplex.com/releases/view/110129
import-module PSPKI
$Template = "SmartCard"
$CAServer = "caserver.domain.suffix"
#Days which to search for expired certificates in.
$Days = "14"
$MailFrom = "IT-Servicedesk@domain.suffix"
$SMTP = "smtp.domain.suffix"
$Subject = '"Your smartcard certificate is about to expire"'
$UserRcpts = Get-CertificationAuthority $CAServer | Get-IssuedRequest -Property CertificateTemplate,UPN -Filter "NotAfter -ge $(Get-Date)", "NotAfter -le $((Get-Date).AddDays($Days))","CertificateTemplate -eq $Template"
ForEach ($User in $UserRcpts) {
$MailRcpt = $User.UPN
$date = $MailRcpt.NotAfter
$MailBody = '"Your smartcard expires ' + $date + ', please contact IT-Servicedesk to renew! You need your smartcard to your computer."'
#Looks up the users email in Active Directory.
$Mail = Get-ADUser -filter {(UserPrincipalName -eq $MailRcpt)} -Properties Mail
#Checking that a mail was found before sending.
if ($Mail.Mail -ne $Null)
{
Write-host "Send-MailMessage -To" $Mail.Mail "-Body $MailBody -From $MailFrom -Subject $Subject -SmtpServer $SMTP"
}
}
Skriptet bygger på att du har modulen PSPKI installerad från http://pspki.codeplex.com/releases/view/110129