##First we import the school provisioned with Laptop Model in the pager field
function MSOLConnected {
Get-MsolDomain -ErrorAction SilentlyContinue | out-null
$result = $?
return $result
}

 

Import-Module MSOnline

if (-not (MSOLConnected)) {
Connect-MSOLService
}

 

 

$Students_BYOD = Get-ADUser -Filter * -SearchBase “OU=2025,OU=Students,OU=NHS Users,DC=curric,DC=domain,DC=wan”
$time_limit=(get-date).Date.AddDays(-54)

#below foreach will export the users with password age larger than 54 days to a csv file.

foreach($student_BYOD in $Students_BYOD){

#Get-MsolUser -UserPrincipalName $student_BYOD.userPrincipalName | select userprincipalname,LastPasswordChangeTimestamp,@{Name=”PasswordAge”;Expression={(Get-Date)-$_.LastPasswordChangeTimeStamp}} | sort-object PasswordAge -descending | Export-CSV D:\tmp\LastPasswordChange.csv -NoTypeInformation -Append
#Get-MsolUser -UserPrincipalName $student_BYOD.userPrincipalName | select userprincipalname,LastPasswordChangeTimestamp,@{Name=”PasswordAge”;Expression={(Get-Date)-$_.LastPasswordChangeTimeStamp}} | Where-Object { $_.LastPasswordChangeTimeStamp -lt $time_limit} | Export-CSV D:\tmp\LastPasswordChange_17Mar.csv -NoTypeInformation -Append

}

 

#below foreach will add the users with password age larger than 54 days to a group.

foreach($student_BYOD in $Students_BYOD){

# $student_BYOD = Get-MsolUser -UserPrincipalName $student_BYOD.userPrincipalName | Where-Object { $_.LastPasswordChangeTimeStamp -lt $time_limit}

# $UPN = $student_BYOD.UserPrincipalName
# echo $UPN

# $student_BYOD_exp = Get-ADUser -Filter { UserPrincipalName -Eq $UPN } -Properties *
# echo $student_BYOD_exp
# Add-ADGroupMember -Identity “CN=Password_needs_reset,OU=Students,OU=NHS Groups,OU=Nossal HS,DC=curric,DC=domain,DC=wan” -Members $student_BYOD_exp

}

#Remove the session
#Remove-PSSession $Session