The scripts generates and emails an HTML report containing users who attempted to reset their own password via Adaxes Password Self-Service, no matter whether the attempt was successful or not.
To schedule the report, create a scheduled task configured for the Domain-DNS object type.
Parameters:
- $to - Specifies a comma separated list of recipients of the report.
- $subject - Specifies the email message subject.
- $reportHeader - Specifies the email message header.
- $reportFooter - Specifies the email message footer.
PowerShell
$to = "recipient@example.com" # TODO: modify me
$subject = "Users who attempted to reset their own password" # TODO: modify me
$reportHeader = "<b>Users who attempted to reset their own password. Report generated on: {0} </b><br/><br/>" # TODO: modify me
$reportFooter = "<hr /><p><i>Please do not reply to this e-mail, it has been sent to you for notification purposes only.</i></p>" # TODO: modify me
# Bind to the 'Password Self-Service Statistics' container
$passwordSelfServiceStatisticsPath = $Context.GetWellKnownContainerPath("PasswordSelfServiceStatistics")
$passwordSelfServiceStatistics = $Context.BindToObject($passwordSelfServiceStatisticsPath)
# Regenerate the Password Resets report
$passwordSelfServiceStatistics.ResetReportCache("ADM_PSSREPORTTYPE_RESETPWD")
$reportIsBeingGenerated = $True
# Get the report
do
{
try
{
$report = $passwordSelfServiceStatistics.GetReport("ADM_PSSREPORTTYPE_RESETPWD")
$reportIsBeingGenerated = $False
}
catch [System.Runtime.InteropServices.COMException]
{
if ($_.Exception.ErrorCode -eq "-2147024875")
{
# Report is still being generated. Wait 10 seconds
Start-Sleep -Seconds 10
}
else
{
$reportIsBeingGenerated = $False
$Context.LogMessage($_.Exception.Message, "Error")
return
}
}
}
while ($reportIsBeingGenerated)
# Add the date when the report was generated
$reportHeader = $reportHeader -f $report.GenerateDate
# Add the report records
$records = $report.Records
$doneUsers = New-Object "System.Collections.Generic.HashSet[System.String]"
$list = New-Object "System.Text.StringBuilder"
[void]$list.Append("<ul>")
for ($i = 0; $i -lt $records.Count; $i++)
{
$record = $records.GetRecord($i)
# Get user information
$userPath = $NULL
$userDisplayName = $NULL
$userParentCanonicalName = $NULL
$userAccountIsEnabled = $NULL
$userIsEnrolled = $NULL
$userAccountIsExpired = $NULL
$userInfo = $record.GetUserInfo([ref]$userPath, [ref]$userDisplayName, [ref]$userParentCanonicalName,
[ref]$userAccountIsEnabled, [ref]$userIsEnrolled, [ref]$userAccountIsExpired)
if ($doneUsers.Contains($userPath))
{
continue # Already included in the report
}
# Add user to report
$displayName = $Context.GetDisplayNameFromAdsPath($userPath)
[void]$list.Append("<li>$displayName</li>")
[void]$doneUsers.Add($userPath)
}
# Build the report
[void]$list.Append("</ul>")
$htmlBody = $reportHeader + $list.ToString() + $reportFooter
# Send mail
$Context.SendMail($to, $subject, $NULL, $htmlBody)