Life is easy if you have domain joined computers. They get policies, they get your SOE and they get told when their password is about to expire (or has expired).
When you have a BYOD solution, this can become difficult. Sure, you can provide a password reset utility for users to use (such as Azure AD Connect Password Write-back through Office 365), but it’s not guaranteed users will remember where it lives, even if you make it as obvious as a big red button on the Intranet page.
Enter this PowerShell script.
It sends a nice looking email, that looks like this:
to users when their password is about to expire. It’s super simple, and works great!
I’ve attached the script and HTML template here – grab them, re-jig as you need to, setup a scheduled task and off you go… it works a treat!