Untitled

Add-Type -AssemblyName System.Windows.Forms

# Ensure the ActiveDirectory module is available
if (-not (Get-Module -ListAvailable -Name ActiveDirectory)) {
    [System.Windows.Forms.MessageBox]::Show("Password expiry check skipped - Active Directory module not available.", "Info", 'OK', 'Information')
    exit
}

Import-Module ActiveDirectory

# Get current username
$userName = $env:USERNAME
$adUser = Get-ADUser -Identity $userName -Properties "msDS-UserPasswordExpiryTimeComputed", "PasswordLastSet"

# Calculate expiry
$expiryTime = [datetime]::FromFileTime($adUser.'msDS-UserPasswordExpiryTimeComputed')
$daysRemaining = ($expiryTime - (Get-Date)).Days

# Registry path to track last popup
$regPath = "HKCU:\Software\PasswordExpiryNotify"
if (-not (Test-Path $regPath)) {
    New-Item -Path $regPath -Force | Out-Null
}

$lastPopup = $null
try {
    $lastPopup = (Get-ItemProperty -Path $regPath -Name "LastPopup" -ErrorAction Stop).LastPopup
} catch {}

$now = Get-Date
$showPopup = $false

if ($daysRemaining -le 14) {
    if ($daysRemaining -le 2) {
        # Show every 2 hours
        if (-not $lastPopup -or (($now - [datetime]$lastPopup).TotalHours -ge 2)) {
            $showPopup = $true
        }
    } else {
        # Once per day
        if (-not $lastPopup -or ([datetime]$lastPopup).Date -lt $now.Date) {
            $showPopup = $true
        }
    }

    if ($showPopup) {
        $message = "Your password will expire in $daysRemaining day(s) on $($expiryTime.ToShortDateString()). Please update it soon."
        [System.Windows.Forms.MessageBox]::Show($message, "Password Expiry Notice", 'OK', 'Warning')
        Set-ItemProperty -Path $regPath -Name "LastPopup" -Value $now
    }
}