Script Repository

Back to List

Users who attempted to reset their own password

February 24, 2021
1132

The scripts generates and emails an HTML report containing users who attempted to reset their own password via Adaxes Password Self-Service, no matter whether the attempt was successful or not.

To schedule the report, create a scheduled task configured for the Domain-DNS object type.

Parameters:

  • $to - Specifies a comma separated list of recipients of the report.
  • $subject - Specifies the email message subject.
  • $reportHeader - Specifies the email message header.
  • $reportFooter - Specifies the email message footer.
Edit Remove
PowerShell
$to = "recipient@example.com" # TODO: modify me
$subject = "Users who attempted to reset their own password" # TODO: modify me
$reportHeader = "<b>Users who attempted to reset their own password. Report generated on: {0} </b><br/><br/>" # TODO: modify me
$reportFooter = "<hr /><p><i>Please do not reply to this e-mail, it has been sent to you for notification purposes only.</i></p>" # TODO: modify me

# Bind to the 'Password Self-Service Statistics' container
$passwordSelfServiceStatisticsPath = $Context.GetWellKnownContainerPath("PasswordSelfServiceStatistics")
$passwordSelfServiceStatistics = $Context.BindToObject($passwordSelfServiceStatisticsPath)

# Regenerate the Password Resets report
$passwordSelfServiceStatistics.ResetReportCache("ADM_PSSREPORTTYPE_RESETPWD")
$reportIsBeingGenerated = $True

# Get the report
do 
{
    try
    {
        $report = $passwordSelfServiceStatistics.GetReport("ADM_PSSREPORTTYPE_RESETPWD")
        $reportIsBeingGenerated = $False
    }
    catch [System.Runtime.InteropServices.COMException]
    {
        if ($_.Exception.ErrorCode -eq "-2147024875")
        {
            # Report is still being generated. Wait 10 seconds
            Start-Sleep -Seconds 10
        }
        else
        {
            $reportIsBeingGenerated = $False
            $Context.LogMessage($_.Exception.Message, "Error")
            return
        }
    }
}
while ($reportIsBeingGenerated)

# Add the date when the report was generated
$reportHeader = $reportHeader -f $report.GenerateDate

# Add the report records
$records = $report.Records
$doneUsers = New-Object "System.Collections.Generic.HashSet[System.String]"
$list = New-Object "System.Text.StringBuilder"
[void]$list.Append("<ul>")

for ($i = 0; $i -lt $records.Count; $i++)
{
    $record = $records.GetRecord($i)
    
    # Get user information
    $userPath = $NULL
    $userDisplayName = $NULL
    $userParentCanonicalName = $NULL
    $userAccountIsEnabled = $NULL
    $userIsEnrolled = $NULL
    $userAccountIsExpired = $NULL
    $userInfo = $record.GetUserInfo([ref]$userPath, [ref]$userDisplayName, [ref]$userParentCanonicalName, 
        [ref]$userAccountIsEnabled, [ref]$userIsEnrolled, [ref]$userAccountIsExpired)

    if ($doneUsers.Contains($userPath))
    {
        continue # Already included in the report
    }
    
    # Add user to report
    $displayName = $Context.GetDisplayNameFromAdsPath($userPath)
    [void]$list.Append("<li>$displayName</li>")
    [void]$doneUsers.Add($userPath)
}

# Build the report
[void]$list.Append("</ul>")
$htmlBody = $reportHeader + $list.ToString() + $reportFooter

# Send mail
$Context.SendMail($to, $subject, $NULL, $htmlBody)

User Accounts Export Data Password Self-Service
Comments ( 0 )
No results found.
Leave a comment

Related Scripts