-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathGet-PinInfo.ps1
222 lines (199 loc) · 9.12 KB
/
Get-PinInfo.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
<#
.SYNOPSIS
This is a script to send mail to the user who Lync/Skype for Business dialin PIN will expire
.DESCRIPTION
Original Script (v1.0) created by Petre Hoffmann
Changelog:
v1.0.0 - 13.04.2016 - Original Script (PCA)
v1.1.0 - 16.04.2016 - Reduced console output
created summary
added progress bars
added event log switch and entries
V1.1.1 - 19.04.2016 - Added additional checks AD Group and loaded module availability
.EXAMPLE
.\Get-PinInfo.ps1 -CSGroup Company_Skype_for_Business_Users
Using CSGroup parameter to provide the active directory group with the lync/skype for business users
.EXAMPLE
.\Get-PinInfo.ps1 -CSGroup Company_Skype_for_Business_Users -ToEvents
Using the ToEvents switch, the output summary will be written in Event Logs
.PARAMETER CSGroup
The name of an Active Directory group which includes all Lync/skype for business users
.PARAMETER ToEvents
Switch activates the output to the events log
.NOTES
You need to run this script as a member of the CSAdministrators group; doing so is the only way to ensure you have permission to query data.
The script must run with elevated privilege and can only be run in one Lync/Skype for Business Front-End Server
#>
Param(
[string]$CSGroup = (Read-Host -Prompt "Please enter the AD Group"),
[parameter(ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true)]
[switch]$ToEvents
)
#load and check the modules
Import-Module ActiveDirectory
Import-Module Lync
$ModuleAD = Get-Module ActiveDirectory
$moduleLync = Get-Module Lync
if (($ModuleAD -eq $null) -or ($moduleLync -eq $null)) { Write-Warning "At least one of the module is not available on this computer"; break; }
#global variables need to be set
#mail settings
$from = ""
$smtp = "m"
$mailsubject = "Skype for Business Pin Notification"
#get dialin URL from topology
$SimpleURLEntries = Get-CsSimpleUrlConfiguration -Identity Global | select SimpleUrl
$dialinUrl = $SimpleURLEntries.SimpleUrl[0].ActiveUrl
#counter variable for progress bar
$counter = 0
$countMails = 0
$countCompliantPin = 0
$countNoPin = 0
$countExpiredPin = 0
#object for saving users that have received mails
[System.Collections.ArrayList]$mailedUsers = @()
#check if AD Group exist
$check = Get-ADGroup $CSGroup
if($check -eq $null) { Write-Warning "Active Directory Group $CSGroup do not exist"; break }
#Create a interminate progress bar
$i = 0
#Asking AD for group members in a background job
$job = Start-Job -ScriptBlock { Get-ADGroup $args[0] -Properties members | select -ExpandProperty members | Get-ADUser -Properties samaccountname, givenname, mail | select samaccountname, givenname, mail } -ArgumentList $CSGroup
Write-Progress -Id 1001 -Activity “Searching Lync Users...” -status “Please wait” -PercentComplete 0
while(Get-Job -State "Running")
{
if($i -eq 100)
{$i=0}
Write-Progress -Id 1001 -Activity “Searching Lync Users...” -status “Please wait” -PercentComplete $i
Start-Sleep(1)
$i = $i + 5
}
$Members = Receive-Job -Job $job -AutoRemoveJob -Wait
#read the total number of users available in AD Group
$membersCount = $Members.Count
Write-Progress -Id 1001 -Activity “Searching Lync Users...” -status “$membersCount users found. Process completed” -PercentComplete 100
Start-Sleep(1)
Write-Progress -Id 1001 -Activity “Searching Lync Users...” -Completed
#Processing every user found
ForEach ($user in $Members)
{
$samaccountname = $user.samaccountname
$mailaddress = $user.mail
$username = $user.givenname
#ingreasing the progress counter
$counter++
$enabled = Get-CsUser -filter {SamAccountName -eq $SamAccountName}
# Check if user is enabled for Lync/Skype for Business pool
if ($enabled.RegistrarPool -ne $null)
{
#ask users pin expiration date
$usersPin = Get-CsClientPinInfo -Identity $samaccountname | Select-Object PinExpirationTime, IsPinSet
$userExpirationTime = $usersPin.PinExpirationTime
#ask current date
$currentdate = Get-Date
#calculate how many days are available till pin expires
$diff = $userExpirationTime - $currentdate
$daysDiff = $diff.Days
#check if the user has a Pin already set
if($usersPin.IsPinSet)
{
#when are 14 or 7 days more till pin expire, send a mail to the user
if(($daysDiff -eq 14) -or ($daysDiff -eq 7))
{
#send a mail to the user to announce him about pin expiration period
$body="Hello $username,<br><br>"
$body+="Your Skype for Business PIN will expire in $daysDiff days<br>"
$body+="Please change it at $dialinUrl<br><br>"
$body+="Please be aware, if you do not change your PIN, you are not allowed to join the meeting via phone."
Send-MailMessage -From $from -SmtpServer $smtp -Subject $mailsubject -To $mailaddress -Port 25 -BodyAsHtml -Body $body
$countMails++
#save user samaccountname and mail address for summary
$properties = @{User=$samaccountname; Mail = $mailaddress}
$objectTemplate = New-Object -TypeName PSObject -Property $properties
$mailedUsers.Add($objectTemplate)
}
else
{
#check if Pin has expired today
if(($daysDiff -eq 0) -and ($diff.TotalMilliseconds -lt 0))
{
#send a mail to the user to announce him about pin expiration
$body="Hello $username,<br><br>"
$body+="Your Skype for Business PIN is expired<br>"
$body+="Please assign a new one at $dialinUrl<br><br>"
$body+="Please be aware, if you do not change your PIN, you are not allowed to join the meeting via phone."
Send-MailMessage -From $from -SmtpServer $smtp -Subject $mailsubject -To $mailaddress -Port 25 -BodyAsHtml -Body $body
Write-Host "mail sent to $mailaddress"
$countMails++
#save user samaccountname and mail address for summary
$properties = @{User=$samaccountname; Mail = $mailaddress}
$objectTemplate = New-Object -TypeName PSObject -Property $properties
$mailedUsers.Add($objectTemplate)
}
else
{
#check if pin is expired since more than 1 day
if($daysDiff -lt 0)
{
#count for summary
$countExpiredPin++
}
else
{
#in this case nothing can be done because the pin is compliant
$countCompliantPin++
}
}
}
}
else
{
#print a message to the console if the pin is not set for this user
$countNoPin++
}
}
Write-Progress -Id 1000 -Activity “Processing Lync/Skype for Business Users...” -status “Lync Users already completed: $counter from $membersCount” -percentComplete ($counter / $Members.Count*100)
}
Write-Progress -Id 1000 -Activity “Processing Lync Users...” -Completed
#creating summary
$logtext = @"
---------------------------------------
Total Users $counter
Mails sent $countmails
Compliant PIN Users $countCompliantPin
Expired PIN Users $countExpiredPin
Users without a PIN set $countNoPin
---------------------------------------
`n
"@
if ($mailedUsers.Count -ne 0)
{
$result = "Following Users received a mail notification`n"
$result += $mailedUsers | ft -AutoSize | Out-String
$result
}
else
{
$result = "No notification was sent"
}
$logtext += $result
#check if output to event logs is requested and if the answer is positive write an entry otherwise put it on the screen
if($ToEvents)
{
#check if Event Log Lync Scripts and PIN Info source exist
if ((Get-EventLog -list | Where-Object {$_.logdisplayname -eq "Lync scripts"}) -and ([System.Diagnostics.EventLog]::SourceExists("PIN Info")))
{
#Write event entry
Write-EventLog -LogName 'Lync Scripts' -Source 'PIN Info' -EntryType Information -EventId 1000 -Message $logtext
}
else
{
#if log or source not exist, create a new one and write event entry
New-EventLog -LogName "Lync Scripts" -Source 'PIN Info'
Write-EventLog -LogName 'Lync Scripts' -Source 'PIN Info' -EntryType Information -EventId 1000 -Message $logtext
}
}
else
{
Write-Host $logtext
}