Nov 07 2022 04:21 PM
I have a number of users who have recently transitioned to Azure-joined devices and are authenticating directly through AAD, though their accounts originated in on-prem AD. When their passwords expire, they aren't getting a notification but are finding out when certain on-prem services aren't connecting. We are using AD Sync and it's going both ways, AAD to OP and OP to AAD.
I guess my question is twofold:
Thanks,
Nov 08 2022 06:17 AM
Aug 21 2023 06:47 AM
@BilalelHadd Many highly regulated environments have these types of requirements. PCI DSS, governance from government bodies, etc., have these password requirements for expiration, so these orgs are beholden to them.
Also of note, most, if not all, of these scripts use Send-MailMessage, which is deprecated and has no official replacement from MS; see below.
"The Send-MailMessage cmdlet is obsolete. This cmdlet does not guarantee secure connections to SMTP servers. While there is no immediate replacement available in PowerShell, we recommend you do not use Send-MailMessage. For more information, see Platform Compatibility note DE0005."
The only solution I have found so far in my light research that does not use Send-MailMessage is this blog: https://www.sharepointdiary.com/2023/04/microsoft-365-password-expiration-notification-email.html
It looks to use M365 and Microsoft Graph API to do this.
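
A sketch of the approach discussed in this thread, as an added example that is not code from any poster or from the linked blog: it reads each on-prem account's computed password expiry and sends the reminder through Microsoft Graph's `Send-MgUserMail` instead of `Send-MailMessage`. The 14-day window, the `notify@example.com` sender, the `Get-ExpiringAccount` helper and the `-Live` switch are assumptions made for illustration; without `-Live` the script runs on constructed sample records and sends nothing.

```powershell
# Added example; not from this thread or the linked blog.
# -Live needs the ActiveDirectory (RSAT) and Microsoft.Graph.Users.Actions modules.
param(
    [int]$WarnDays = 14,                     # assumed notification window
    [string]$Sender = 'notify@example.com',  # placeholder sending mailbox
    [switch]$Live                            # without -Live: constructed data, no mail
)

function Get-ExpiringAccount {
    param([object[]]$User, [int]$WarnDays, [datetime]$Now = [datetime]::UtcNow)
    foreach ($u in $User) {
        $raw = [int64]$u.'msDS-UserPasswordExpiryTimeComputed'
        # 0 = must change at next logon, Int64.MaxValue = never expires;
        # FromFileTimeUtc throws on the latter, so skip both (and users without mail).
        if ($raw -le 0 -or $raw -eq [int64]::MaxValue -or -not $u.mail) { continue }
        $expires = [datetime]::FromFileTimeUtc($raw)
        $left = [math]::Floor(($expires - $Now).TotalDays)
        if ($left -ge 0 -and $left -le $WarnDays) {
            [pscustomobject]@{ Mail = $u.mail; ExpiresUtc = $expires; DaysLeft = $left }
        }
    }
}

if ($Live) {
    $users = Get-ADUser -Filter 'Enabled -eq $true' -Properties mail, 'msDS-UserPasswordExpiryTimeComputed'
} else {
    # Constructed sample records covering the edge cases above.
    $now = [datetime]::UtcNow
    $users = @(
        [pscustomobject]@{ mail = 'a@example.com'; 'msDS-UserPasswordExpiryTimeComputed' = $now.AddDays(5).ToFileTimeUtc() }
        [pscustomobject]@{ mail = 'b@example.com'; 'msDS-UserPasswordExpiryTimeComputed' = $now.AddDays(60).ToFileTimeUtc() }
        [pscustomobject]@{ mail = 'svc@example.com'; 'msDS-UserPasswordExpiryTimeComputed' = [int64]::MaxValue }
        [pscustomobject]@{ mail = 'new@example.com'; 'msDS-UserPasswordExpiryTimeComputed' = 0 }
    )
}

$due = @(Get-ExpiringAccount -User $users -WarnDays $WarnDays)
if (-not $Live) { return $due }   # dry run: list the matches, send nothing

Connect-MgGraph -Scopes 'Mail.Send'   # delegated sign-in as $Sender
foreach ($d in $due) {
    $mail = @{
        message = @{
            subject      = "Your password expires in $($d.DaysLeft) day(s)"
            body         = @{ contentType = 'Text'; content = "Change it before $($d.ExpiresUtc.ToString('u'))." }
            toRecipients = @(@{ emailAddress = @{ address = $d.Mail } })
        }
        saveToSentItems = $false
    }
    Send-MgUserMail -UserId $Sender -BodyParameter $mail
}
```

For an unattended scheduled task, the interactive `Connect-MgGraph -Scopes` sign-in would be replaced by app-only authentication (`-ClientId`, `-TenantId`, `-CertificateThumbprint`) with the `Mail.Send` application permission.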