From 469e6f7aa435460be5bf00ea40b087c2be4eeb48 Mon Sep 17 00:00:00 2001
From: P6g9YHK6 <17877371+P6g9YHK6@users.noreply.github.com>
Date: Fri, 6 Jun 2025 08:44:38 +0200
Subject: [PATCH 01/23] Update file: Mail notification password expiry.ps1

---
 .../Mail notification password expiry.ps1     | 967 +++++++++---------
 1 file changed, 497 insertions(+), 470 deletions(-)

diff --git a/scripts_staging/Backend/Mail notification password expiry.ps1 b/scripts_staging/Backend/Mail notification password expiry.ps1
index ba4227fd..94d8c374 100644
--- a/scripts_staging/Backend/Mail notification password expiry.ps1	
+++ b/scripts_staging/Backend/Mail notification password expiry.ps1	
@@ -1,482 +1,509 @@
-<# 
+<#
 .SYNOPSIS
-    Script permettant de récupérer et analyser les utilisateurs dont le mot de passe est sur le point d'expirer dans Active Directory.
+    Ensures the script is executed using PowerShell 7 or higher.
+
 .DESCRIPTION
-    Ce script se connecte à Active Directory pour rechercher les utilisateurs dans une unité organisationnelle spécifiée.
-    Il récupère la date de dernière mise à jour du mot de passe pour chaque utilisateur et la compare à la politique de mot de passe du domaine.
-    En fonction du nombre de jours restant avant l'expiration, les comptes sont classés en trois catégories :
-        - Expiré : Le mot de passe a déjà expiré.
-        - Critique : Le mot de passe est très proche de l'expiration, selon le seuil critique configuré.
-        - Avertissement : Le mot de passe approche de l'expiration, selon le seuil d'avertissement configuré.
-    Le script génère un rapport HTML contenant :
-        • Les détails de la politique de mot de passe du domaine (durée maximale, durée minimale, longueur minimale, complexité, historique et seuils de verrouillage).
-        • Un résumé statistique indiquant le nombre d'utilisateurs par catégorie.
-        • Une liste détaillée des comptes répartis par catégorie.
-    Les options de test ont été supprimées.
-.PARAMETER TargetOU
-    Spécifie l'OU dans laquelle rechercher les utilisateurs. Exemple : "OU=Utilisateurs,DC=domaine,DC=local".
-.PARAMETER WarningThreshold
-    Nombre de jours avant expiration déclenchant un avertissement (par défaut : 15).
-.PARAMETER CriticalThreshold
-    Nombre de jours avant expiration déclenchant une alerte critique (par défaut : 7).
-.PARAMETER IncludeDisabled
-    Indique si les comptes désactivés doivent être inclus dans le rapport (false par défaut).
-.PARAMETER IncludeNeverExpires
-    Indique si les comptes dont le mot de passe n'expire jamais doivent être inclus dans le rapport (false par défaut).
-.EXAMPLE
-    .\Check-PasswordExpiration.ps1 -TargetOU "OU=Utilisateurs,DC=domaine,DC=local"
-    Exécute le script avec l'OU spécifiée et les seuils par défaut.
-.EXAMPLE
-    .\Check-PasswordExpiration.ps1 -TargetOU "OU=Utilisateurs,DC=domaine,DC=local" -WarningThreshold 20 -CriticalThreshold 10
-    Exécute le script avec des seuils personnalisés pour les alertes d’avertissement et critiques.
+    This script verifies whether it is running in a PowerShell 7+ environment. 
+    If not, and if PowerShell 7 (pwsh) is available on the system, it re-invokes itself using pwsh, passing along any parameters.
+    If pwsh is not found, the script outputs a message and exits with an error code.
+    Once running in PowerShell 7 or higher, it sets the output rendering mode to plaintext for consistent formatting.
+
 .NOTES
-    Author: Peter Quellennec
-    Date: 27/05/25
+    Author: PQU
+    Date: 29/04/2025
     #public
-#>
-{{CallPowerShell7Lite}}
-
-$TargetOU           = $env:TARGET_OU
-$SmtpServer         = $env:SMTP_SERVER
-$SmtpPort           = [int]$env:SMTP_PORT
-$AdminEmail         = $env:ADMIN_EMAIL
-$FromEmail          = $env:FROM_EMAIL
-$signmail           = $env:SIGNMAIL
-$WarningThreshold   = [int]$env:WARNING_THRESHOLD
-$CriticalThreshold  = [int]$env:CRITICAL_THRESHOLD
-$EmailSignature     = $env:EMAIL_SIGNATURE
-
-function Convert-ToBoolean($value) {
-    return $value -match '^(1|true|yes)$'
-}
-
-$IncludeDisabled       = Convert-ToBoolean $env:INCLUDE_DISABLED
-$IncludeNeverExpires   = Convert-ToBoolean $env:INCLUDE_NEVER_EXPIRES
-$GenerateReportOnly    = Convert-ToBoolean $env:GENERATE_REPORT_ONLY
-
-if ($env:SMTP_CREDENTIAL_USERNAME -and $env:SMTP_CREDENTIAL_PASSWORD) {
-    try {
-        $SecurePassword = ConvertTo-SecureString $env:SMTP_CREDENTIAL_PASSWORD -AsPlainText -Force
-        $SmtpCredential = New-Object System.Management.Automation.PSCredential ($env:SMTP_CREDENTIAL_USERNAME, $SecurePassword)
-    } catch {
-        Write-Error "Failed to create SMTP credentials: $_"
-    }
-}
-
-function Test-Prerequisites {
-    
-    $adFeature = Get-WindowsFeature -Name AD-Domain-Services -ErrorAction Stop
-    if ($adFeature.InstallState -ne 'Installed') {
-        Write-Error "AD Domain Services ne sont pas installés. Arrêt du script."
-        exit 1
-    }
-    
-    if (-not $SmtpServer -or -not $SmtpPort) {
-        Write-Error "Les variables `$SmtpServer et `$SmtpPort doivent être définies avant d'appeler cette fonction."
-        exit 1
-    }
-
-    if (-not (Get-Module -ListAvailable -Name ActiveDirectory)) {
-        Write-Error "Module ActiveDirectory non trouvé. Arrêt du script."
-        exit 1
-    }
-
-    Import-Module ActiveDirectory -ErrorAction Stop
-
-    try {
-        $dc = Get-ADDomainController -Discover -ErrorAction Stop
-        Write-Host "Connexion réussie au contrôleur de domaine : $($dc.HostName)"
-    }
-    catch {
-        Write-Error "Impossible de se connecter au contrôleur de domaine. Arrêt du script."
-        exit 1
-    }
-
-    try {
-        $tcpClient = New-Object System.Net.Sockets.TcpClient
-        $tcpClient.Connect($SmtpServer, $SmtpPort)
-        $tcpClient.Close()
-        Write-Host "Connexion réussie au serveur SMTP : $SmtpServer":"$SmtpPort"
-    }
-    catch {
-        Write-Error "Impossible de se connecter au serveur SMTP : $SmtpServer sur le port $SmtpPort. Arrêt du script."
-        exit 1
-    }
-}
 
-function Get-UserPasswordExpirationInfo {
-    param (
-        $user,
-        $maxPasswordAge
-    )
-
-    $result = [PSCustomObject]@{
-        Name            = $user.Name
-        SamAccountName  = $user.SamAccountName
-        Email           = $user.EmailAddress
-        ExpirationDate  = $null
-        DaysLeft        = $null
-        Status          = "OK"
-        Enabled         = $user.Enabled
-        PasswordNeverExpires = $user.PasswordNeverExpires
-    }
-
-    if ($user.PasswordLastSet -eq $null) {
-        $result.Status = "NeverLoggedIn"
-        return $result
-    }
-
-    if ($user.PasswordNeverExpires) {
-        $result.Status = "NeverExpires"
-        return $result
-    }
-
-    $passwordExpirationDate = $user.PasswordLastSet + $maxPasswordAge
-    $daysLeft = ($passwordExpirationDate - (Get-Date)).Days
-
-    $result.ExpirationDate = $passwordExpirationDate
-    $result.DaysLeft = $daysLeft
-
-    if ($daysLeft -lt 0) {
-        $result.Status = "Expired"
-    }
-    elseif ($daysLeft -le $CriticalThreshold) {
-        $result.Status = "Critical"
-    }
-    elseif ($daysLeft -le $WarningThreshold) {
-        $result.Status = "Warning"
-    }
-
-    return $result
-}
+.CHANGELOG
+  22.05.25 SAN Added UTF8 to fix encoding issue with russian & french chars
+  06.06.25 PQU Added support for multiple admin emails
+#>
 
-function ConvertTo-HtmlReport {
-    param (
-        $expiredUsers,
-        $criticalUsers,
-        $warningUsers,
-        $neverExpiresUsers,
-        $neverLoggedInUsers,
-        $disabledUsers,
-        $targetOU,
-        $passwordPolicy,
-        $warningThreshold,
-        $criticalThreshold
-    )
 
-    $html = @"
-<!DOCTYPE html>
-<html>
-<head>
-    <title>Rapport d'expiration des mots de passe</title>
-    <style>
-        body { font-family: Arial, sans-serif; margin: 20px; }
-        h1 { color: #2c3e50; }
-        h2 { color: #333; margin-top: 30px; }
-        table { width: 100%; border-collapse: collapse; margin-bottom: 20px; }
-        th { background-color: #3498db; color: white; padding: 10px; text-align: left; }
-        td { padding: 10px; border-bottom: 1px solid #ddd; }
-        .expired { background-color: #ffdddd; }
-        .critical { background-color: #fff3cd; }
-        .warning { background-color: #ffe8cc; }
-        .never-expires { background-color: #e7f3fe; }
-        .never-logged { background-color: #f1f1f1; }
-        .disabled { background-color: #f8f9fa; }
-        .summary { background-color: #f8f9fa; padding: 15px; border-radius: 5px; margin-bottom: 20px; }
-        .policy { background-color: #e8f4f8; padding: 15px; border-radius: 5px; margin-bottom: 20px; }
-        .badge { padding: 3px 8px; border-radius: 3px; font-weight: bold; }
-        .badge-expired { background-color: #dc3545; color: white; }
-        .badge-critical { background-color: #ffc107; }
-        .badge-warning { background-color: #fd7e14; color: white; }
-        .badge-never { background-color: #17a2b8; color: white; }
-        .badge-disabled { background-color: #6c757d; color: white; }
-        .badge-neverlogged { background-color: #adb5bd; }
-    </style>
-</head>
-<body>
-    <h1>Rapport d'expiration des mots de passe</h1>
-    
-    <div class="policy">
-        <h2>Politique de mot de passe du domaine</h2>
-        <p><strong>Durée maximale du mot de passe:</strong> $($passwordPolicy.MaxPasswordAge.Days) jours</p>
-        <p><strong>Durée minimale du mot de passe:</strong> $($passwordPolicy.MinPasswordAge.Days) jours</p>
-        <p><strong>Longueur minimale:</strong> $($passwordPolicy.MinPasswordLength) caractères</p>
-        <p><strong>Complexité requise:</strong> $($passwordPolicy.ComplexityEnabled)</p>
-        <p><strong>Historique du mot de passe:</strong> $($passwordPolicy.PasswordHistoryCount) mots de passe</p>
-        <p><strong>Verrouillage de compte:</strong> $($passwordPolicy.LockoutThreshold) tentatives (durée: $($passwordPolicy.LockoutDuration.Minutes) minutes, observation: $($passwordPolicy.LockoutObservationWindow.Minutes) minutes)</p>
-    </div>
-    
-    <div class="summary">
-        <p><strong>Seuil d'avertissement :</strong> $warningThreshold jours</p>
-        <p><strong>Seuil critique :</strong> $criticalThreshold jours</p>
-        <p><strong>Statistiques :</strong>
-            <span class="badge badge-expired">Expirés: $($expiredUsers.Count)</span>
-            <span class="badge badge-critical">Critiques: $($criticalUsers.Count)</span>
-            <span class="badge badge-warning">Avertissement: $($warningUsers.Count)</span>
-            <span class="badge badge-never">Expirent jamais: $($neverExpiresUsers.Count)</span>
-            <span class="badge badge-neverlogged">Jamais connectés: $($neverLoggedInUsers.Count)</span>
-            <span class="badge badge-disabled">Désactivés: $($disabledUsers.Count)</span>
-        </p>
-    </div>
+if (!($PSVersionTable.PSVersion.Major -ge 7)) {
+    if (Get-Command pwsh -ErrorAction SilentlyContinue) {
+      pwsh -File "`"$PSCommandPath`"" @PSBoundParameters
+      exit $LASTEXITCODE
+    } else {
+      Write-Output "ERROR: PowerShell 7 is not available. Exiting."
+      exit 1
+    }
+  }
+  [Console]::OutputEncoding = [Text.Encoding]::UTF8
+  $PSStyle.OutputRendering = "plaintext"
+  
+  
+  $TargetOU           = $env:TARGET_OU
+  $SmtpServer         = $env:SMTP_SERVER
+  $SmtpPort           = [int]$env:SMTP_PORT
+  $AdminEmails        = $env:ADMIN_EMAIL -split '[,;]' | ForEach-Object { $_.Trim() } | Where-Object { $_ }
+  $FromEmail          = $env:FROM_EMAIL
+  $WarningThreshold   = [int]$env:WARNING_THRESHOLD
+  $CriticalThreshold  = [int]$env:CRITICAL_THRESHOLD
+  $EmailSignature     = $env:EMAIL_SIGNATURE
+  
+  function Convert-ToBoolean($value) {
+      return $value -match '^(1|true|yes)$'
+  }
+  
+  $IncludeDisabled       = Convert-ToBoolean $env:INCLUDE_DISABLED
+  $IncludeNeverExpires   = Convert-ToBoolean $env:INCLUDE_NEVER_EXPIRES
+  $GenerateReportOnly    = Convert-ToBoolean $env:GENERATE_REPORT_ONLY
+  
+  if ($env:SMTP_CREDENTIAL_USERNAME -and $env:SMTP_CREDENTIAL_PASSWORD) {
+      try {
+          $SecurePassword = ConvertTo-SecureString $env:SMTP_CREDENTIAL_PASSWORD -AsPlainText -Force
+          $SmtpCredential = New-Object System.Management.Automation.PSCredential ($env:SMTP_CREDENTIAL_USERNAME, $SecurePassword)
+      } catch {
+          Write-Error "Failed to create SMTP credentials: $_"
+      }
+  }
+  
+  function Test-Prerequisites {
+      
+      $adFeature = Get-WindowsFeature -Name AD-Domain-Services -ErrorAction Stop
+      if ($adFeature.InstallState -ne 'Installed') {
+          Write-Error "AD Domain Services ne sont pas installés. Arrêt du script."
+          exit 1
+      }
+      
+      if (-not $SmtpServer -or -not $SmtpPort) {
+          Write-Error "Les variables `$SmtpServer et `$SmtpPort doivent être définies avant d'appeler cette fonction."
+          exit 1
+      }
+  
+      if (-not (Get-Module -ListAvailable -Name ActiveDirectory)) {
+          Write-Error "Module ActiveDirectory non trouvé. Arrêt du script."
+          exit 1
+      }
+  
+      Import-Module ActiveDirectory -ErrorAction Stop
+  
+      try {
+          $dc = Get-ADDomainController -Discover -ErrorAction Stop
+          Write-Host "Connexion réussie au contrôleur de domaine : $($dc.HostName)"
+      }
+      catch {
+          Write-Error "Impossible de se connecter au contrôleur de domaine. Arrêt du script."
+          exit 1
+      }
+  
+      try {
+          $tcpClient = New-Object System.Net.Sockets.TcpClient
+          $tcpClient.Connect($SmtpServer, $SmtpPort)
+          $tcpClient.Close()
+          Write-Host "Connexion réussie au serveur SMTP : $SmtpServer":"$SmtpPort"
+      }
+      catch {
+          Write-Error "Impossible de se connecter au serveur SMTP : $SmtpServer sur le port $SmtpPort. Arrêt du script."
+          exit 1
+      }
+  }
+  
+  function Get-UserPasswordExpirationInfo {
+      param (
+          $user,
+          $maxPasswordAge
+      )
+  
+      $result = [PSCustomObject]@{
+          Name            = $user.Name
+          SamAccountName  = $user.SamAccountName
+          Email           = $user.EmailAddress
+          ExpirationDate  = $null
+          DaysLeft        = $null
+          Status          = "OK"
+          Enabled         = $user.Enabled
+          PasswordNeverExpires = $user.PasswordNeverExpires
+      }
+  
+      if ($user.PasswordLastSet -eq $null) {
+          $result.Status = "NeverLoggedIn"
+          return $result
+      }
+  
+      if ($user.PasswordNeverExpires) {
+          $result.Status = "NeverExpires"
+          return $result
+      }
+  
+      $passwordExpirationDate = $user.PasswordLastSet + $maxPasswordAge
+      $daysLeft = ($passwordExpirationDate - (Get-Date)).Days
+  
+      $result.ExpirationDate = $passwordExpirationDate
+      $result.DaysLeft = $daysLeft
+  
+      if ($daysLeft -lt 0) {
+          $result.Status = "Expired"
+      }
+      elseif ($daysLeft -le $CriticalThreshold) {
+          $result.Status = "Critical"
+      }
+      elseif ($daysLeft -le $WarningThreshold) {
+          $result.Status = "Warning"
+      }
+  
+      return $result
+  }
+  
+  function ConvertTo-HtmlReport {
+      param (
+          $expiredUsers,
+          $criticalUsers,
+          $warningUsers,
+          $neverExpiresUsers,
+          $neverLoggedInUsers,
+          $disabledUsers,
+          $targetOU,
+          $passwordPolicy,
+          $warningThreshold,
+          $criticalThreshold
+      )
+  
+      $html = @"
+  <!DOCTYPE html>
+  <html>
+  <head>
+      <title>Rapport d'expiration des mots de passe</title>
+      <style>
+          body { font-family: Arial, sans-serif; margin: 20px; }
+          h1 { color: #2c3e50; }
+          h2 { color: #333; margin-top: 30px; }
+          table { width: 100%; border-collapse: collapse; margin-bottom: 20px; }
+          th { background-color: #3498db; color: white; padding: 10px; text-align: left; }
+          td { padding: 10px; border-bottom: 1px solid #ddd; }
+          .expired { background-color: #ffdddd; }
+          .critical { background-color: #fff3cd; }
+          .warning { background-color: #ffe8cc; }
+          .never-expires { background-color: #e7f3fe; }
+          .never-logged { background-color: #f1f1f1; }
+          .disabled { background-color: #f8f9fa; }
+          .summary { background-color: #f8f9fa; padding: 15px; border-radius: 5px; margin-bottom: 20px; }
+          .policy { background-color: #e8f4f8; padding: 15px; border-radius: 5px; margin-bottom: 20px; }
+          .badge { padding: 3px 8px; border-radius: 3px; font-weight: bold; }
+          .badge-expired { background-color: #dc3545; color: white; }
+          .badge-critical { background-color: #ffc107; }
+          .badge-warning { background-color: #fd7e14; color: white; }
+          .badge-never { background-color: #17a2b8; color: white; }
+          .badge-disabled { background-color: #6c757d; color: white; }
+          .badge-neverlogged { background-color: #adb5bd; }
+      </style>
+  </head>
+  <body>
+      <h1>Rapport d'expiration des mots de passe</h1>
+      
+      <div class="policy">
+          <h2>Politique de mot de passe du domaine</h2>
+          <p><strong>Durée maximale du mot de passe:</strong> $($passwordPolicy.MaxPasswordAge.Days) jours</p>
+          <p><strong>Durée minimale du mot de passe:</strong> $($passwordPolicy.MinPasswordAge.Days) jours</p>
+          <p><strong>Longueur minimale:</strong> $($passwordPolicy.MinPasswordLength) caractères</p>
+          <p><strong>Complexité requise:</strong> $($passwordPolicy.ComplexityEnabled)</p>
+          <p><strong>Historique du mot de passe:</strong> $($passwordPolicy.PasswordHistoryCount) mots de passe</p>
+          <p><strong>Verrouillage de compte:</strong> $($passwordPolicy.LockoutThreshold) tentatives (durée: $($passwordPolicy.LockoutDuration.Minutes) minutes, observation: $($passwordPolicy.LockoutObservationWindow.Minutes) minutes)</p>
+      </div>
+      
+      <div class="summary">
+          <p><strong>Seuil d'avertissement :</strong> $warningThreshold jours</p>
+          <p><strong>Seuil critique :</strong> $criticalThreshold jours</p>
+          <p><strong>Statistiques :</strong>
+              <span class="badge badge-expired">Expirés: $($expiredUsers.Count)</span>
+              <span class="badge badge-critical">Critiques: $($criticalUsers.Count)</span>
+              <span class="badge badge-warning">Avertissement: $($warningUsers.Count)</span>
+              <span class="badge badge-never">Expirent jamais: $($neverExpiresUsers.Count)</span>
+              <span class="badge badge-neverlogged">Jamais connectés: $($neverLoggedInUsers.Count)</span>
+              <span class="badge badge-disabled">Désactivés: $($disabledUsers.Count)</span>
+          </p>
+      </div>
+  "@
+  
+      if ($expiredUsers) {
+          $html += "<h2>Comptes expirés <span class='badge badge-expired'>$($expiredUsers.Count)</span></h2>"
+          $html += $expiredUsers | Select-Object Name, SamAccountName, Email, @{Name="ExpirationDate";Expression={$_.ExpirationDate.ToString("dd/MM/yyyy")}}, DaysLeft, Enabled | ConvertTo-Html -Fragment
+      }
+  
+      if ($criticalUsers) {
+          $html += "<h2>Comptes critiques <span class='badge badge-critical'>$($criticalUsers.Count)</span></h2>"
+          $html += $criticalUsers | Select-Object Name, SamAccountName, Email,  @{Name="ExpirationDate";Expression={$_.ExpirationDate.ToString("dd/MM/yyyy")}}, DaysLeft, Enabled | ConvertTo-Html -Fragment
+      }
+  
+      if ($warningUsers) {
+          $html += "<h2>Comptes en avertissement <span class='badge badge-warning'>$($warningUsers.Count)</span></h2>"
+          $html += $warningUsers | Select-Object Name, SamAccountName, Email,  @{Name="ExpirationDate";Expression={$_.ExpirationDate.ToString("dd/MM/yyyy")}}, DaysLeft, Enabled | ConvertTo-Html -Fragment
+      }
+  
+      if ($IncludeNeverExpires -and $neverExpiresUsers) {
+          $html += "<h2>Comptes avec mot de passe n expirant jamais <span class='badge badge-never'>$($neverExpiresUsers.Count)</span></h2>"
+          $html += $neverExpiresUsers | Select-Object Name, SamAccountName, Email, Enabled | ConvertTo-Html -Fragment
+      }
+  
+      if ($neverLoggedInUsers) {
+          $html += "<h2>Comptes jamais connectés <span class='badge badge-neverlogged'>$($neverLoggedInUsers.Count)</span></h2>"
+          $html += $neverLoggedInUsers | Select-Object Name, SamAccountName, Email, Enabled | ConvertTo-Html -Fragment
+      }
+  
+      if ($IncludeDisabled -and $disabledUsers) {
+          $html += "<h2>Comptes désactivés <span class='badge badge-disabled'>$($disabledUsers.Count)</span></h2>"
+          $html += $disabledUsers | Select-Object Name, SamAccountName, Email,  @{Name="ExpirationDate";Expression={if($_.ExpirationDate){$_.ExpirationDate.ToString("dd/MM/yyyy")}else{"N/A"}}}, DaysLeft | ConvertTo-Html -Fragment
+      }
+  
+      $html += @"
+      <p style="margin-top: 30px; font-size: 0.9em; color: #666;">Généré le : $(Get-Date -Format "dd/MM/yyyy HH:mm")</p>
+  </body>
+  </html>
 "@
-
-    if ($expiredUsers) {
-        $html += "<h2>Comptes expirés <span class='badge badge-expired'>$($expiredUsers.Count)</span></h2>"
-        $html += $expiredUsers | Select-Object Name, SamAccountName, Email, @{Name="ExpirationDate";Expression={$_.ExpirationDate.ToString("dd/MM/yyyy")}}, DaysLeft, Enabled | ConvertTo-Html -Fragment
-    }
-
-    if ($criticalUsers) {
-        $html += "<h2>Comptes critiques <span class='badge badge-critical'>$($criticalUsers.Count)</span></h2>"
-        $html += $criticalUsers | Select-Object Name, SamAccountName, Email,  @{Name="ExpirationDate";Expression={$_.ExpirationDate.ToString("dd/MM/yyyy")}}, DaysLeft, Enabled | ConvertTo-Html -Fragment
-    }
-
-    if ($warningUsers) {
-        $html += "<h2>Comptes en avertissement <span class='badge badge-warning'>$($warningUsers.Count)</span></h2>"
-        $html += $warningUsers | Select-Object Name, SamAccountName, Email,  @{Name="ExpirationDate";Expression={$_.ExpirationDate.ToString("dd/MM/yyyy")}}, DaysLeft, Enabled | ConvertTo-Html -Fragment
-    }
-
-    if ($IncludeNeverExpires -and $neverExpiresUsers) {
-        $html += "<h2>Comptes avec mot de passe n expirant jamais <span class='badge badge-never'>$($neverExpiresUsers.Count)</span></h2>"
-        $html += $neverExpiresUsers | Select-Object Name, SamAccountName, Email, Enabled | ConvertTo-Html -Fragment
-    }
-
-    if ($neverLoggedInUsers) {
-        $html += "<h2>Comptes jamais connectés <span class='badge badge-neverlogged'>$($neverLoggedInUsers.Count)</span></h2>"
-        $html += $neverLoggedInUsers | Select-Object Name, SamAccountName, Email, Enabled | ConvertTo-Html -Fragment
-    }
-
-    if ($IncludeDisabled -and $disabledUsers) {
-        $html += "<h2>Comptes désactivés <span class='badge badge-disabled'>$($disabledUsers.Count)</span></h2>"
-        $html += $disabledUsers | Select-Object Name, SamAccountName, Email,  @{Name="ExpirationDate";Expression={if($_.ExpirationDate){$_.ExpirationDate.ToString("dd/MM/yyyy")}else{"N/A"}}}, DaysLeft | ConvertTo-Html -Fragment
-    }
-
-    $html += @"
-    <p style="margin-top: 30px; font-size: 0.9em; color: #666;">Généré le : $(Get-Date -Format "dd/MM/yyyy HH:mm")</p>
-</body>
-</html>
+  
+      return $html
+  }
+  
+  function Get-EmailSignature {
+      if ($EmailSignature) {
+          return "<div class='email-signature'>$EmailSignature</div>"
+      }
+      
+      return @"
+  <div class='email-signature' style='margin-top: 20px; border-top: 1px solid #ccc; padding-top: 10px;'>
+      <p style='color: #666; font-size: 12px; margin: 0;'>
+          <strong>Service Informatique</strong><br>
+          Téléphone : +33 (0)1 XX XX XX XX<br>
+          Email : support@domain.com<br>
+          <em>Ce message est généré automatiquement, merci de ne pas y répondre directement.</em>
+      </p>
+  </div>
 "@
-
-    return $html
-}
-function Get-EmailSignature {
-    if ($EmailSignature) {
-        return $EmailSignature
-    }
-
-        return @"
-<div style="margin-top: 20px; border-top: 1px solid #ccc; padding-top: 10px;">
-    <p style="color: #666; font-size: 12px;">
-        <strong>Service Informatique</strong><br>
-        Téléphone : +33 (0)1 XX XX XX XX<br>
-        Email : support@domain.com<br>
-        <em>Ce message est généré automatiquement, merci de ne pas y répondre directement.</em>
-    </p>
-</div>
+ }
+  
+  function Send-EmailReport {
+      param(
+          [string[]]$Recipients,
+          [string]$Subject,
+          [string]$Body,
+          [string]$SmtpServer,
+          [int]$Port = 25,
+          [string]$FromAddress,
+          [string[]]$Attachments
+      )
+  
+      if ((Get-Date).DayOfWeek -ne 'Monday') {
+          Write-Host "Les emails ne sont envoyés que le lundi. Arrêt de l'envoi."
+          return
+      }
+  
+      $signature = Get-EmailSignature
+      $bodyWithSignature = $Body
+      if ($Body -match '(?i)</body>') {
+          $bodyWithSignature = $Body -replace '(?i)</body>', "$signature</body>"
+      } else {
+          $bodyWithSignature = "$Body$signature"
+      }
+  
+      $mailMessage = New-Object System.Net.Mail.MailMessage
+      $mailMessage.From = $FromAddress
+      foreach ($recipient in $Recipients) { $mailMessage.To.Add($recipient) }
+      $mailMessage.Subject = $Subject
+      $mailMessage.Body = $bodyWithSignature
+      $mailMessage.IsBodyHtml = $true
+       if ($Attachments) {
+          foreach ($att in $Attachments) {
+              $mailMessage.Attachments.Add((New-Object System.Net.Mail.Attachment($att)))
+          }
+      }
+      $smtpClient = New-Object System.Net.Mail.SmtpClient($SmtpServer, $Port)
+      if ($SmtpCredential) {
+          $smtpClient.Credentials = $SmtpCredential
+      }
+      try {
+          $smtpClient.Send($mailMessage)
+          Write-Host "Email sent successfully."
+      }
+      catch {
+          Write-Error "Failed to send email: $_"
+      }
+  }
+  
+  function Send-UserNotification {
+      param(
+          [string]$Recipient,
+          [string]$Subject,
+          [string]$Body,
+          [string]$SmtpServer,
+          [int]$Port = 25,
+          [string]$FromAddress
+      )
+      
+      $signature = Get-EmailSignature
+      $bodyWithSignature = $Body
+      if ($Body -match '(?i)</body>') {
+          $bodyWithSignature = $Body -replace '(?i)</body>', "$signature</body>"
+      } else {
+          $bodyWithSignature = @"
+  <!DOCTYPE html>
+  <html>
+  <head>
+      <meta charset="UTF-8">
+  </head>
+  <body>
+  $Body
+  $signature
+  </body>
+  </html>
 "@
-}
-
-function Send-EmailReport {
-    param(
-        [string[]]$Recipients,
-        [string]$Subject,
-        [string]$Body,
-        [string]$SmtpServer,
-        [int]$Port = 25,
-        [string]$FromAddress,
-        [string[]]$Attachments
-    )
-
-    if ((Get-Date).DayOfWeek -ne 'Monday') {
-        Write-Host "Les emails ne sont envoyés que le lundi. Arrêt de l'envoi."
-        return
-    }
-    $signature = Get-EmailSignature
-    $mailMessage = New-Object System.Net.Mail.MailMessage
-    $mailMessage.From = $FromAddress
-    foreach ($recipient in $Recipients) { $mailMessage.To.Add($recipient) }
-    $mailMessage.Subject = $Subject
-    $mailMessage.Body = $Body
-    $mailMessage.IsBodyHtml = $true
-     if ($Attachments) {
-        foreach ($att in $Attachments) {
-            $mailMessage.Attachments.Add((New-Object System.Net.Mail.Attachment($att)))
-        }
-    }
-    $smtpClient = New-Object System.Net.Mail.SmtpClient($SmtpServer, $Port)
-    try {
-        $smtpClient.Send($mailMessage)
-        Write-Host "Email sent successfully."
-    }
-    catch {
-        Write-Error "Failed to send email: $_"
-    }
-}
-
-function Send-UserNotification {
-    param(
-        [string]$Recipient,
-        [string]$Subject,
-        [string]$Body,
-        [string]$SmtpServer,
-        [int]$Port = 25,
-        [string]$FromAddress
-    )
-    $signature = Get-EmailSignature
-    if ($Body -match '</body>') {
-        } else {
-        $bodyWithSignature = "$Body$signature"
-    }
-    $mailMessage = New-Object System.Net.Mail.MailMessage
-    $mailMessage.From = $FromAddress
-    $mailMessage.To.Add($Recipient)
-    $mailMessage.Subject = $Subject
-    $mailMessage.Body = $Body
-    $mailMessage.signmail= $signmail
-    $mailMessage.IsBodyHtml = $true
-    $smtpClient = New-Object System.Net.Mail.SmtpClient($SmtpServer, $Port)
-    try {
-        $smtpClient.Send($mailMessage)
-        Write-Host "Notification sent to $Recipient."
     }
-    catch {
-        Write-Error "Failed to send notification to ${Recipient}: $_"
-    }
-}
-
-try {
-    $passwordPolicy = Get-ADDefaultDomainPasswordPolicy
-    $maxPasswordAge = $passwordPolicy.MaxPasswordAge
-    
-    Write-Host "Politique de mot de passe du domaine:"
-    Write-Host "  - Durée maximale: $($maxPasswordAge.Days) jours"
-    Write-Host "  - Durée minimale: $($passwordPolicy.MinPasswordAge.Days) jours"
-    Write-Host "  - Longueur minimale: $($passwordPolicy.MinPasswordLength) caractères"
-    Write-Host "  - Complexité: $($passwordPolicy.ComplexityEnabled)"
-}
-catch {
-    Write-Error "Erreur lors de la récupération de la politique de mot de passe : $_"
-    exit 1
-}
-
-try {
-    $ouExists = Get-ADOrganizationalUnit -Identity $TargetOU -ErrorAction Stop
-}
-catch {
-    Write-Error "L'OU spécifiée n'existe pas ou est inaccessible : $TargetOU"
-    exit 1
-}
-
-$filter = "PasswordNeverExpires -eq `$false"
-if ($IncludeDisabled) {
-    $filter = "($filter) -or (Enabled -eq `$false)"
-}
-if ($IncludeNeverExpires) {
-    $filter = "PasswordNeverExpires -eq `$true -or ($filter)"
-}
-
-try {
-    Write-Host "Recherche des utilisateurs dans l'OU: $TargetOU"
-    $users = Get-ADUser -SearchBase $TargetOU -Filter * -Properties Name, SamAccountName, EmailAddress, PasswordLastSet, PasswordNeverExpires, Enabled | Where-Object {
-        if ($IncludeDisabled -and $IncludeNeverExpires) { $true }
-        elseif ($IncludeDisabled) { -not $_.PasswordNeverExpires }
-        elseif ($IncludeNeverExpires) { $_.Enabled }
-        else { $_.Enabled -and (-not $_.PasswordNeverExpires) }
-    }
-    
-    Write-Host "Nombre d'utilisateurs trouvés: $($users.Count)"
-}
-catch {
-    Write-Error "Erreur lors de la récupération des utilisateurs : $_"
-    exit 1
-}
-
-if (-not $users) {
-    Write-Host "Aucun utilisateur trouvé dans l'OU spécifiée avec les critères actuels."
-    exit
-}
-
-$reportData = foreach ($user in $users) {
-    if ($user.PasswordNeverExpires -or ($user.PasswordLastSet -eq $null -and -not $IncludeNeverExpires)) {
-        [PSCustomObject]@{
-            Name            = $user.Name
-            SamAccountName  = $user.SamAccountName
-            Email           = $user.EmailAddress
-            ExpirationDate  = $null
-            DaysLeft        = $null
-            Status          = if ($user.PasswordNeverExpires) { "NeverExpires" } else { "NeverLoggedIn" }
-            Enabled         = $user.Enabled
-            PasswordNeverExpires = $user.PasswordNeverExpires
-        }
-    }
-    else {
-        Get-UserPasswordExpirationInfo -user $user -maxPasswordAge $maxPasswordAge
-    }
-}
-
-$expiredUsers = $reportData | Where-Object { $_.Status -eq "Expired" } | Sort-Object DaysLeft
-$criticalUsers = $reportData | Where-Object { $_.Status -eq "Critical" } | Sort-Object DaysLeft
-$warningUsers = $reportData | Where-Object { $_.Status -eq "Warning" } | Sort-Object DaysLeft
-$neverExpiresUsers = $reportData | Where-Object { $_.Status -eq "NeverExpires" }
-$neverLoggedInUsers = $reportData | Where-Object { $_.Status -eq "NeverLoggedIn" }
-$disabledUsers = $reportData | Where-Object { $_.Enabled -eq $false }
-
-$reportFileName = "PasswordExpirationReport_$(Get-Date -Format 'yyyyMMdd_HHmm').html"
-$htmlReport = ConvertTo-HtmlReport -expiredUsers $expiredUsers -criticalUsers $criticalUsers -warningUsers $warningUsers -neverExpiresUsers $neverExpiresUsers -neverLoggedInUsers $neverLoggedInUsers -disabledUsers $disabledUsers -targetOU $TargetOU -passwordPolicy $passwordPolicy -warningThreshold $WarningThreshold -criticalThreshold $CriticalThreshold
-$htmlReport | Out-File $reportFileName -Encoding UTF8
-
-Write-Host "Rapport généré avec succès : $reportFileName"
-Write-Host "Résumé :"
-Write-Host "  - Comptes expirés: $($expiredUsers.Count)"
-Write-Host "  - Comptes critiques: $($criticalUsers.Count)"
-Write-Host "  - Comptes en avertissement: $($warningUsers.Count)"
-Write-Host "  - Comptes expirant jamais: $($neverExpiresUsers.Count)"
-Write-Host "  - Comptes jamais connectés: $($neverLoggedInUsers.Count)"
-Write-Host "  - Comptes désactivés: $($disabledUsers.Count)"
-
-if ($GenerateReportOnly) {
-    Write-Host "Option GenerateReportOnly activée, rapport généré uniquement. Arrêt du script."
-    exit 0
-}
-
-foreach ($user in $reportData | Where-Object { $_.Status -in @("Warning", "Critical", "Expired") }) {
-    if ($user.Email) {  
-        $expirationDate = if ($user.ExpirationDate) { $user.ExpirationDate.ToString("dd/MM/yyyy") } else { "N/A" }
-        $subject = "Avertissement: Expiration de votre mot de passe"
-        $body = @"
-<!DOCTYPE html>
-<html>
-<head>
-    <meta charset="UTF-8">
-    <style>
-        body { font-family: Arial, sans-serif; }
-        .warning { color: #fd7e14; }
-        .critical { color: #dc3545; }
-        .expired { color: #6c757d; }
-    </style>
-</head>
-<body>
-    <p>Bonjour $($user.Name),</p>
-    <p>Votre mot de passe est dans un état <strong class='$($user.Status.ToLower())'>$($user.Status)</strong>.</p>
-    <p><strong>Date d'expiration:</strong> $expirationDate</p>
-    <p>Veuillez mettre à jour votre mot de passe dès que possible pour éviter tout problème d'accès.</p>
-    
-</body>
-</html>
+      
+      $mailMessage = New-Object System.Net.Mail.MailMessage
+      $mailMessage.From = $FromAddress
+      $mailMessage.To.Add($Recipient)
+      $mailMessage.Subject = $Subject
+      $mailMessage.Body = $bodyWithSignature
+      $mailMessage.IsBodyHtml = $true
+      
+      $smtpClient = New-Object System.Net.Mail.SmtpClient($SmtpServer, $Port)
+      if ($SmtpCredential) {
+          $smtpClient.Credentials = $SmtpCredential
+      }
+      try {
+          $smtpClient.Send($mailMessage)
+          Write-Host "Notification sent to $Recipient."
+      }
+      catch {
+          Write-Error "Failed to send notification to ${Recipient}: $_"
+      }
+  }
+  
+  try {
+      $passwordPolicy = Get-ADDefaultDomainPasswordPolicy
+      $maxPasswordAge = $passwordPolicy.MaxPasswordAge
+      
+      Write-Host "Politique de mot de passe du domaine:"
+      Write-Host "  - Durée maximale: $($maxPasswordAge.Days) jours"
+      Write-Host "  - Durée minimale: $($passwordPolicy.MinPasswordAge.Days) jours"
+      Write-Host "  - Longueur minimale: $($passwordPolicy.MinPasswordLength) caractères"
+      Write-Host "  - Complexité: $($passwordPolicy.ComplexityEnabled)"
+  }
+  catch {
+      Write-Error "Erreur lors de la récupération de la politique de mot de passe : $_"
+      exit 1
+  }
+  
+  try {
+      $ouExists = Get-ADOrganizationalUnit -Identity $TargetOU -ErrorAction Stop
+  }
+  catch {
+      Write-Error "L'OU spécifiée n'existe pas ou est inaccessible : $TargetOU"
+      exit 1
+  }
+  
+  $filter = "PasswordNeverExpires -eq `$false"
+  if ($IncludeDisabled) {
+      $filter = "($filter) -or (Enabled -eq `$false)"
+  }
+  if ($IncludeNeverExpires) {
+      $filter = "PasswordNeverExpires -eq `$true -or ($filter)"
+  }
+  
+  try {
+      Write-Host "Recherche des utilisateurs dans l'OU: $TargetOU"
+      $users = Get-ADUser -SearchBase $TargetOU -Filter * -Properties Name, SamAccountName, EmailAddress, PasswordLastSet, PasswordNeverExpires, Enabled | Where-Object {
+          if ($IncludeDisabled -and $IncludeNeverExpires) { $true }
+          elseif ($IncludeDisabled) { -not $_.PasswordNeverExpires }
+          elseif ($IncludeNeverExpires) { $_.Enabled }
+          else { $_.Enabled -and (-not $_.PasswordNeverExpires) }
+      }
+      
+      Write-Host "Nombre d'utilisateurs trouvés: $($users.Count)"
+  }
+  catch {
+      Write-Error "Erreur lors de la récupération des utilisateurs : $_"
+      exit 1
+  }
+  
+  if (-not $users) {
+      Write-Host "Aucun utilisateur trouvé dans l'OU spécifiée avec les critères actuels."
+      exit
+  }
+  
+  $reportData = foreach ($user in $users) {
+      if ($user.PasswordNeverExpires -or ($user.PasswordLastSet -eq $null -and -not $IncludeNeverExpires)) {
+          [PSCustomObject]@{
+              Name            = $user.Name
+              SamAccountName  = $user.SamAccountName
+              Email           = $user.EmailAddress
+              ExpirationDate  = $null
+              DaysLeft        = $null
+              Status          = if ($user.PasswordNeverExpires) { "NeverExpires" } else { "NeverLoggedIn" }
+              Enabled         = $user.Enabled
+              PasswordNeverExpires = $user.PasswordNeverExpires
+          }
+      }
+      else {
+          Get-UserPasswordExpirationInfo -user $user -maxPasswordAge $maxPasswordAge
+      }
+  }
+  
+  $expiredUsers = $reportData | Where-Object { $_.Status -eq "Expired" } | Sort-Object DaysLeft
+  $criticalUsers = $reportData | Where-Object { $_.Status -eq "Critical" } | Sort-Object DaysLeft
+  $warningUsers = $reportData | Where-Object { $_.Status -eq "Warning" } | Sort-Object DaysLeft
+  $neverExpiresUsers = $reportData | Where-Object { $_.Status -eq "NeverExpires" }
+  $neverLoggedInUsers = $reportData | Where-Object { $_.Status -eq "NeverLoggedIn" }
+  $disabledUsers = $reportData | Where-Object { $_.Enabled -eq $false }
+  
+  $reportFileName = "PasswordExpirationReport_$(Get-Date -Format 'yyyyMMdd_HHmm').html"
+  $htmlReport = ConvertTo-HtmlReport -expiredUsers $expiredUsers -criticalUsers $criticalUsers -warningUsers $warningUsers -neverExpiresUsers $neverExpiresUsers -neverLoggedInUsers $neverLoggedInUsers -disabledUsers $disabledUsers -targetOU $TargetOU -passwordPolicy $passwordPolicy -warningThreshold $WarningThreshold -criticalThreshold $CriticalThreshold
+  $htmlReport | Out-File $reportFileName -Encoding UTF8
+  
+  Write-Host "Rapport généré avec succès : $reportFileName"
+  Write-Host "Résumé :"
+  Write-Host "  - Comptes expirés: $($expiredUsers.Count)"
+  Write-Host "  - Comptes critiques: $($criticalUsers.Count)"
+  Write-Host "  - Comptes en avertissement: $($warningUsers.Count)"
+  Write-Host "  - Comptes expirant jamais: $($neverExpiresUsers.Count)"
+  Write-Host "  - Comptes jamais connectés: $($neverLoggedInUsers.Count)"
+  Write-Host "  - Comptes désactivés: $($disabledUsers.Count)"
+  
+  if ($GenerateReportOnly) {
+      Write-Host "Option GenerateReportOnly activée, rapport généré uniquement. Arrêt du script."
+      exit 0
+  }
+  
+  foreach ($user in $reportData | Where-Object { $_.Status -in @("Warning", "Critical", "Expired") }) {
+      if ($user.Email) {  
+          $expirationDate = if ($user.ExpirationDate) { $user.ExpirationDate.ToString("dd/MM/yyyy") } else { "N/A" }
+          $subject = "Avertissement: Expiration de votre mot de passe"
+          $body = @"
+  <!DOCTYPE html>
+  <html>
+  <head>
+      <meta charset="UTF-8">
+      <style>
+          body { font-family: Arial, sans-serif; }
+          .warning { color: #fd7e14; }
+          .critical { color: #dc3545; }
+          .expired { color: #6c757d; }
+      </style>
+  </head>
+  <body>
+      <p>Bonjour $($user.Name),</p>
+      <p>Votre mot de passe est dans un état <strong class='$($user.Status.ToLower())'>$($user.Status)</strong>.</p>
+      <p><strong>Date d'expiration:</strong> $expirationDate</p>
+      <p>Veuillez mettre à jour votre mot de passe dès que possible pour éviter tout problème d'accès.</p>
+      <p>Cordialement,</p>
+  </body>
+  </html>
 "@
-        Send-UserNotification -Recipient $user.Email -Subject $subject -Body $body -SmtpServer $SmtpServer -Port $SmtpPort -FromAddress $FromEmail
-    }
-    else {
-        Write-Warning "L'utilisateur $($user.Name) n'a pas d'adresse email définie dans Active Directory."
-    }
-}
-
-if ($reportData.Count -gt 0) {
-    $adminEmails = $AdminEmail      
-    $smtpServer = $SmtpServer          
-    $smtpPort = $SmtpPort              
-    $fromAddress = $FromEmail          
-    $subject = "Rapport hebdomadaire d'expiration des mots de passe"
-    $body = $htmlReport                
-    Send-EmailReport -Recipients $adminEmails -Subject $subject -Body $body -SmtpServer $smtpServer -Port $smtpPort -FromAddress $fromAddress -Attachments @()
-}
-
+          Send-UserNotification -Recipient $user.Email -Subject $subject -Body $body -SmtpServer $SmtpServer -Port $SmtpPort -FromAddress $FromEmail
+      }
+      else {
+          Write-Warning "L'utilisateur $($user.Name) n'a pas d'adresse email définie dans Active Directory."
+      }
+  }
+  
+  if ($AdminEmails) {
+      if ($reportData.Count -gt 0) {
+          $smtpServer = $SmtpServer          
+          $smtpPort = $SmtpPort              
+          $fromAddress = $FromEmail          
+          $subject = "Rapport hebdomadaire d'expiration des mots de passe"
+          $body = $htmlReport                
+          Send-EmailReport -Recipients $AdminEmails -Subject $subject -Body $body -SmtpServer $smtpServer -Port $smtpPort -FromAddress $fromAddress -Attachments @()
+      }
+  } else {
+      Write-Warning "ADMIN_EMAIL n'est pas défini. Aucun email administrateur ne sera envoyé."
+  }

From ac803924ebb71fc7840339f46900802125104b49 Mon Sep 17 00:00:00 2001
From: P6g9YHK6 <17877371+P6g9YHK6@users.noreply.github.com>
Date: Fri, 6 Jun 2025 11:50:51 +0200
Subject: [PATCH 02/23] Update file: Change user password.ps1

---
 .../Tasks/Change user password.ps1            | 37 +++++++++++++++----
 1 file changed, 30 insertions(+), 7 deletions(-)

diff --git a/scripts_staging/Tasks/Change user password.ps1 b/scripts_staging/Tasks/Change user password.ps1
index 2638cb7a..c927c076 100644
--- a/scripts_staging/Tasks/Change user password.ps1	
+++ b/scripts_staging/Tasks/Change user password.ps1	
@@ -12,8 +12,10 @@
         GeneratedPassphrase snippet
     #public
     
+.CHANGELOG
+    06.06.25 SAN added not allow to change the password on non primary DC it causes conflicts if run on multiple DC
+    
 .TODO
-    Do not allow to change the password on non primary DC it causes conflicts
     move param to env
 #>
 
@@ -22,17 +24,38 @@ param(
     [string]$username
 )
 
-#Call snippet
+# Check if the machine is not a Primary Domain Controller
+# this script should not run on multiple DC as it would cause syncronisation issues so for the sake of simplicity it's only allowed to run on PDC
+$domainRole = (Get-WmiObject Win32_ComputerSystem).DomainRole
+$isDomainController = $domainRole -ge 4  # 4 = Backup DC, 5 = Primary DC
+if ($isDomainController) {
+    try {
+        Write-Host "Domain Controller detected"
+        $domain = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
+        $pdc = $domain.PdcRoleOwner.Name.Split('.')[0]
+        $localComputer = $env:COMPUTERNAME
+
+        if ($pdc -ine $localComputer) {
+            Write-Host "Not the Primary DC"
+            exit 0
+        }
+        Write-Host "Primary DC detected"
+    } catch {
+        Write-Host "Error determining PDC role. Aborting."
+        exit 1
+    }
+}
+
+# Snippet for passphrase
 {{GeneratedPassphrase}}
-$newPassword = $GeneratedPassphrase
 
 # Set the new password for the user
-net user $username $newPassword
+net user $username $GeneratedPassphrase
 
 # Check if the password change was successful
 if ($LASTEXITCODE -eq 0) {
-    Write-Host "$newPassword"
+    Write-Host "$GeneratedPassphrase"
 } else {
-    Write-Host "Password change for $username failed. Please check for errors."
+    Write-Host "Password change for $username failed."
     exit 1
-}
\ No newline at end of file
+}

From 911f42457667d4fc1597cb860e92871e24a0d071 Mon Sep 17 00:00:00 2001
From: P6g9YHK6 <17877371+P6g9YHK6@users.noreply.github.com>
Date: Mon, 9 Jun 2025 09:45:08 +0200
Subject: [PATCH 03/23] Update file: Mail notification password expiry.ps1

---
 .../Mail notification password expiry.ps1     | 937 +++++++++---------
 1 file changed, 452 insertions(+), 485 deletions(-)

diff --git a/scripts_staging/Backend/Mail notification password expiry.ps1 b/scripts_staging/Backend/Mail notification password expiry.ps1
index 94d8c374..1e05d928 100644
--- a/scripts_staging/Backend/Mail notification password expiry.ps1	
+++ b/scripts_staging/Backend/Mail notification password expiry.ps1	
@@ -1,509 +1,476 @@
 <#
 .SYNOPSIS
     Ensures the script is executed using PowerShell 7 or higher.
-
 .DESCRIPTION
     This script verifies whether it is running in a PowerShell 7+ environment. 
     If not, and if PowerShell 7 (pwsh) is available on the system, it re-invokes itself using pwsh, passing along any parameters.
     If pwsh is not found, the script outputs a message and exits with an error code.
     Once running in PowerShell 7 or higher, it sets the output rendering mode to plaintext for consistent formatting.
-
 .NOTES
     Author: PQU
     Date: 29/04/2025
     #public
-
 .CHANGELOG
   22.05.25 SAN Added UTF8 to fix encoding issue with russian & french chars
   06.06.25 PQU Added support for multiple admin emails
 #>
-
-
 if (!($PSVersionTable.PSVersion.Major -ge 7)) {
     if (Get-Command pwsh -ErrorAction SilentlyContinue) {
-      pwsh -File "`"$PSCommandPath`"" @PSBoundParameters
-      exit $LASTEXITCODE
+        pwsh -File "`"$PSCommandPath`"" @PSBoundParameters
+        exit $LASTEXITCODE
     } else {
-      Write-Output "ERROR: PowerShell 7 is not available. Exiting."
-      exit 1
-    }
-  }
-  [Console]::OutputEncoding = [Text.Encoding]::UTF8
-  $PSStyle.OutputRendering = "plaintext"
-  
-  
-  $TargetOU           = $env:TARGET_OU
-  $SmtpServer         = $env:SMTP_SERVER
-  $SmtpPort           = [int]$env:SMTP_PORT
-  $AdminEmails        = $env:ADMIN_EMAIL -split '[,;]' | ForEach-Object { $_.Trim() } | Where-Object { $_ }
-  $FromEmail          = $env:FROM_EMAIL
-  $WarningThreshold   = [int]$env:WARNING_THRESHOLD
-  $CriticalThreshold  = [int]$env:CRITICAL_THRESHOLD
-  $EmailSignature     = $env:EMAIL_SIGNATURE
-  
-  function Convert-ToBoolean($value) {
-      return $value -match '^(1|true|yes)$'
-  }
-  
-  $IncludeDisabled       = Convert-ToBoolean $env:INCLUDE_DISABLED
-  $IncludeNeverExpires   = Convert-ToBoolean $env:INCLUDE_NEVER_EXPIRES
-  $GenerateReportOnly    = Convert-ToBoolean $env:GENERATE_REPORT_ONLY
-  
-  if ($env:SMTP_CREDENTIAL_USERNAME -and $env:SMTP_CREDENTIAL_PASSWORD) {
-      try {
-          $SecurePassword = ConvertTo-SecureString $env:SMTP_CREDENTIAL_PASSWORD -AsPlainText -Force
-          $SmtpCredential = New-Object System.Management.Automation.PSCredential ($env:SMTP_CREDENTIAL_USERNAME, $SecurePassword)
-      } catch {
-          Write-Error "Failed to create SMTP credentials: $_"
-      }
-  }
-  
-  function Test-Prerequisites {
-      
-      $adFeature = Get-WindowsFeature -Name AD-Domain-Services -ErrorAction Stop
-      if ($adFeature.InstallState -ne 'Installed') {
-          Write-Error "AD Domain Services ne sont pas installés. Arrêt du script."
-          exit 1
-      }
-      
-      if (-not $SmtpServer -or -not $SmtpPort) {
-          Write-Error "Les variables `$SmtpServer et `$SmtpPort doivent être définies avant d'appeler cette fonction."
-          exit 1
-      }
-  
-      if (-not (Get-Module -ListAvailable -Name ActiveDirectory)) {
-          Write-Error "Module ActiveDirectory non trouvé. Arrêt du script."
-          exit 1
-      }
-  
-      Import-Module ActiveDirectory -ErrorAction Stop
-  
-      try {
-          $dc = Get-ADDomainController -Discover -ErrorAction Stop
-          Write-Host "Connexion réussie au contrôleur de domaine : $($dc.HostName)"
-      }
-      catch {
-          Write-Error "Impossible de se connecter au contrôleur de domaine. Arrêt du script."
-          exit 1
-      }
-  
-      try {
-          $tcpClient = New-Object System.Net.Sockets.TcpClient
-          $tcpClient.Connect($SmtpServer, $SmtpPort)
-          $tcpClient.Close()
-          Write-Host "Connexion réussie au serveur SMTP : $SmtpServer":"$SmtpPort"
-      }
-      catch {
-          Write-Error "Impossible de se connecter au serveur SMTP : $SmtpServer sur le port $SmtpPort. Arrêt du script."
-          exit 1
-      }
-  }
-  
-  function Get-UserPasswordExpirationInfo {
-      param (
-          $user,
-          $maxPasswordAge
-      )
-  
-      $result = [PSCustomObject]@{
-          Name            = $user.Name
-          SamAccountName  = $user.SamAccountName
-          Email           = $user.EmailAddress
-          ExpirationDate  = $null
-          DaysLeft        = $null
-          Status          = "OK"
-          Enabled         = $user.Enabled
-          PasswordNeverExpires = $user.PasswordNeverExpires
-      }
-  
-      if ($user.PasswordLastSet -eq $null) {
-          $result.Status = "NeverLoggedIn"
-          return $result
-      }
-  
-      if ($user.PasswordNeverExpires) {
-          $result.Status = "NeverExpires"
-          return $result
-      }
-  
-      $passwordExpirationDate = $user.PasswordLastSet + $maxPasswordAge
-      $daysLeft = ($passwordExpirationDate - (Get-Date)).Days
-  
-      $result.ExpirationDate = $passwordExpirationDate
-      $result.DaysLeft = $daysLeft
-  
-      if ($daysLeft -lt 0) {
-          $result.Status = "Expired"
-      }
-      elseif ($daysLeft -le $CriticalThreshold) {
-          $result.Status = "Critical"
-      }
-      elseif ($daysLeft -le $WarningThreshold) {
-          $result.Status = "Warning"
-      }
-  
-      return $result
-  }
-  
-  function ConvertTo-HtmlReport {
-      param (
-          $expiredUsers,
-          $criticalUsers,
-          $warningUsers,
-          $neverExpiresUsers,
-          $neverLoggedInUsers,
-          $disabledUsers,
-          $targetOU,
-          $passwordPolicy,
-          $warningThreshold,
-          $criticalThreshold
-      )
-  
-      $html = @"
-  <!DOCTYPE html>
-  <html>
-  <head>
-      <title>Rapport d'expiration des mots de passe</title>
-      <style>
-          body { font-family: Arial, sans-serif; margin: 20px; }
-          h1 { color: #2c3e50; }
-          h2 { color: #333; margin-top: 30px; }
-          table { width: 100%; border-collapse: collapse; margin-bottom: 20px; }
-          th { background-color: #3498db; color: white; padding: 10px; text-align: left; }
-          td { padding: 10px; border-bottom: 1px solid #ddd; }
-          .expired { background-color: #ffdddd; }
-          .critical { background-color: #fff3cd; }
-          .warning { background-color: #ffe8cc; }
-          .never-expires { background-color: #e7f3fe; }
-          .never-logged { background-color: #f1f1f1; }
-          .disabled { background-color: #f8f9fa; }
-          .summary { background-color: #f8f9fa; padding: 15px; border-radius: 5px; margin-bottom: 20px; }
-          .policy { background-color: #e8f4f8; padding: 15px; border-radius: 5px; margin-bottom: 20px; }
-          .badge { padding: 3px 8px; border-radius: 3px; font-weight: bold; }
-          .badge-expired { background-color: #dc3545; color: white; }
-          .badge-critical { background-color: #ffc107; }
-          .badge-warning { background-color: #fd7e14; color: white; }
-          .badge-never { background-color: #17a2b8; color: white; }
-          .badge-disabled { background-color: #6c757d; color: white; }
-          .badge-neverlogged { background-color: #adb5bd; }
-      </style>
-  </head>
-  <body>
-      <h1>Rapport d'expiration des mots de passe</h1>
-      
-      <div class="policy">
-          <h2>Politique de mot de passe du domaine</h2>
-          <p><strong>Durée maximale du mot de passe:</strong> $($passwordPolicy.MaxPasswordAge.Days) jours</p>
-          <p><strong>Durée minimale du mot de passe:</strong> $($passwordPolicy.MinPasswordAge.Days) jours</p>
-          <p><strong>Longueur minimale:</strong> $($passwordPolicy.MinPasswordLength) caractères</p>
-          <p><strong>Complexité requise:</strong> $($passwordPolicy.ComplexityEnabled)</p>
-          <p><strong>Historique du mot de passe:</strong> $($passwordPolicy.PasswordHistoryCount) mots de passe</p>
-          <p><strong>Verrouillage de compte:</strong> $($passwordPolicy.LockoutThreshold) tentatives (durée: $($passwordPolicy.LockoutDuration.Minutes) minutes, observation: $($passwordPolicy.LockoutObservationWindow.Minutes) minutes)</p>
-      </div>
-      
-      <div class="summary">
-          <p><strong>Seuil d'avertissement :</strong> $warningThreshold jours</p>
-          <p><strong>Seuil critique :</strong> $criticalThreshold jours</p>
-          <p><strong>Statistiques :</strong>
-              <span class="badge badge-expired">Expirés: $($expiredUsers.Count)</span>
-              <span class="badge badge-critical">Critiques: $($criticalUsers.Count)</span>
-              <span class="badge badge-warning">Avertissement: $($warningUsers.Count)</span>
-              <span class="badge badge-never">Expirent jamais: $($neverExpiresUsers.Count)</span>
-              <span class="badge badge-neverlogged">Jamais connectés: $($neverLoggedInUsers.Count)</span>
-              <span class="badge badge-disabled">Désactivés: $($disabledUsers.Count)</span>
-          </p>
-      </div>
-  "@
-  
-      if ($expiredUsers) {
-          $html += "<h2>Comptes expirés <span class='badge badge-expired'>$($expiredUsers.Count)</span></h2>"
-          $html += $expiredUsers | Select-Object Name, SamAccountName, Email, @{Name="ExpirationDate";Expression={$_.ExpirationDate.ToString("dd/MM/yyyy")}}, DaysLeft, Enabled | ConvertTo-Html -Fragment
-      }
-  
-      if ($criticalUsers) {
-          $html += "<h2>Comptes critiques <span class='badge badge-critical'>$($criticalUsers.Count)</span></h2>"
-          $html += $criticalUsers | Select-Object Name, SamAccountName, Email,  @{Name="ExpirationDate";Expression={$_.ExpirationDate.ToString("dd/MM/yyyy")}}, DaysLeft, Enabled | ConvertTo-Html -Fragment
-      }
-  
-      if ($warningUsers) {
-          $html += "<h2>Comptes en avertissement <span class='badge badge-warning'>$($warningUsers.Count)</span></h2>"
-          $html += $warningUsers | Select-Object Name, SamAccountName, Email,  @{Name="ExpirationDate";Expression={$_.ExpirationDate.ToString("dd/MM/yyyy")}}, DaysLeft, Enabled | ConvertTo-Html -Fragment
-      }
-  
-      if ($IncludeNeverExpires -and $neverExpiresUsers) {
-          $html += "<h2>Comptes avec mot de passe n expirant jamais <span class='badge badge-never'>$($neverExpiresUsers.Count)</span></h2>"
-          $html += $neverExpiresUsers | Select-Object Name, SamAccountName, Email, Enabled | ConvertTo-Html -Fragment
-      }
-  
-      if ($neverLoggedInUsers) {
-          $html += "<h2>Comptes jamais connectés <span class='badge badge-neverlogged'>$($neverLoggedInUsers.Count)</span></h2>"
-          $html += $neverLoggedInUsers | Select-Object Name, SamAccountName, Email, Enabled | ConvertTo-Html -Fragment
-      }
-  
-      if ($IncludeDisabled -and $disabledUsers) {
-          $html += "<h2>Comptes désactivés <span class='badge badge-disabled'>$($disabledUsers.Count)</span></h2>"
-          $html += $disabledUsers | Select-Object Name, SamAccountName, Email,  @{Name="ExpirationDate";Expression={if($_.ExpirationDate){$_.ExpirationDate.ToString("dd/MM/yyyy")}else{"N/A"}}}, DaysLeft | ConvertTo-Html -Fragment
-      }
-  
-      $html += @"
-      <p style="margin-top: 30px; font-size: 0.9em; color: #666;">Généré le : $(Get-Date -Format "dd/MM/yyyy HH:mm")</p>
-  </body>
-  </html>
+        Write-Output "ERROR: PowerShell 7 is not available. Exiting."
+        exit 1
+    }
+}
+[Console]::OutputEncoding = [Text.Encoding]::UTF8
+$PSStyle.OutputRendering = "plaintext"
+
+$TargetOU           = $env:TARGET_OU
+$SmtpServer         = $env:SMTP_SERVER
+$SmtpPort           = [int]$env:SMTP_PORT
+$AdminEmails        = $env:ADMIN_EMAIL -split '[,;]' | ForEach-Object { $_.Trim() } | Where-Object { $_ }
+$FromEmail          = $env:FROM_EMAIL
+$WarningThreshold   = [int]$env:WARNING_THRESHOLD
+$CriticalThreshold  = [int]$env:CRITICAL_THRESHOLD
+$EmailSignature     = $env:EMAIL_SIGNATURE
+
+function Convert-ToBoolean($value) {
+    return $value -match '^(1|true|yes)$'
+}
+
+$IncludeDisabled       = Convert-ToBoolean $env:INCLUDE_DISABLED
+$IncludeNeverExpires   = Convert-ToBoolean $env:INCLUDE_NEVER_EXPIRES
+$GenerateReportOnly    = Convert-ToBoolean $env:GENERATE_REPORT_ONLY
+
+if ($env:SMTP_CREDENTIAL_USERNAME -and $env:SMTP_CREDENTIAL_PASSWORD) {
+    try {
+        $SecurePassword = ConvertTo-SecureString $env:SMTP_CREDENTIAL_PASSWORD -AsPlainText -Force
+        $SmtpCredential = New-Object System.Management.Automation.PSCredential ($env:SMTP_CREDENTIAL_USERNAME, $SecurePassword)
+    } catch {
+        Write-Error "Failed to create SMTP credentials: $_"
+    }
+}
+
+function Test-Prerequisites {
+    $adFeature = Get-WindowsFeature -Name AD-Domain-Services -ErrorAction Stop
+    if ($adFeature.InstallState -ne 'Installed') {
+        Write-Error "AD Domain Services ne sont pas installés. Arrêt du script."
+        exit 1
+    }
+    if (-not $SmtpServer -or -not $SmtpPort) {
+        Write-Error "Les variables `$SmtpServer et `$SmtpPort doivent être définies avant d'appeler cette fonction."
+        exit 1
+    }
+    if (-not (Get-Module -ListAvailable -Name ActiveDirectory)) {
+        Write-Error "Module ActiveDirectory non trouvé. Arrêt du script."
+        exit 1
+    }
+    Import-Module ActiveDirectory -ErrorAction Stop
+    try {
+        $dc = Get-ADDomainController -Discover -ErrorAction Stop
+        Write-Host "Connexion réussie au contrôleur de domaine : $($dc.HostName)"
+    }
+    catch {
+        Write-Error "Impossible de se connecter au contrôleur de domaine. Arrêt du script."
+        exit 1
+    }
+    try {
+        $tcpClient = New-Object System.Net.Sockets.TcpClient
+        $tcpClient.Connect($SmtpServer, $SmtpPort)
+        $tcpClient.Close()
+        Write-Host "Connexion réussie au serveur SMTP : $SmtpServer":"$SmtpPort"
+    }
+    catch {
+        Write-Error "Impossible de se connecter au serveur SMTP : $SmtpServer sur le port $SmtpPort. Arrêt du script."
+        exit 1
+    }
+}
+
+function Get-UserPasswordExpirationInfo {
+    param (
+        $user,
+        $maxPasswordAge
+    )
+    $result = [PSCustomObject]@{
+        Name            = $user.Name
+        SamAccountName  = $user.SamAccountName
+        Email           = $user.EmailAddress
+        ExpirationDate  = $null
+        DaysLeft        = $null
+        Status          = "OK"
+        Enabled         = $user.Enabled
+        PasswordNeverExpires = $user.PasswordNeverExpires
+    }
+    if ($user.PasswordLastSet -eq $null) {
+        $result.Status = "NeverLoggedIn"
+        return $result
+    }
+    if ($user.PasswordNeverExpires) {
+        $result.Status = "NeverExpires"
+        return $result
+    }
+    $passwordExpirationDate = $user.PasswordLastSet + $maxPasswordAge
+    $daysLeft = ($passwordExpirationDate - (Get-Date)).Days
+    $result.ExpirationDate = $passwordExpirationDate
+    $result.DaysLeft = $daysLeft
+    if ($daysLeft -lt 0) {
+        $result.Status = "Expired"
+    }
+    elseif ($daysLeft -le $CriticalThreshold) {
+        $result.Status = "Critical"
+    }
+    elseif ($daysLeft -le $WarningThreshold) {
+        $result.Status = "Warning"
+    }
+    return $result
+}
+
+function ConvertTo-HtmlReport {
+    param (
+        $expiredUsers,
+        $criticalUsers,
+        $warningUsers,
+        $neverExpiresUsers,
+        $neverLoggedInUsers,
+        $disabledUsers,
+        $targetOU,
+        $passwordPolicy,
+        $warningThreshold,
+        $criticalThreshold
+    )
+    $html = @"
+<!DOCTYPE html>
+<html>
+<head>
+    <title>Rapport d'expiration des mots de passe</title>
+    <style>
+        body { font-family: Arial, sans-serif; margin: 20px; }
+        h1 { color: #2c3e50; }
+        h2 { color: #333; margin-top: 30px; }
+        table { width: 100%; border-collapse: collapse; margin-bottom: 20px; }
+        th { background-color: #3498db; color: white; padding: 10px; text-align: left; }
+        td { padding: 10px; border-bottom: 1px solid #ddd; }
+        .expired { background-color: #ffdddd; }
+        .critical { background-color: #fff3cd; }
+        .warning { background-color: #ffe8cc; }
+        .never-expires { background-color: #e7f3fe; }
+        .never-logged { background-color: #f1f1f1; }
+        .disabled { background-color: #f8f9fa; }
+        .summary { background-color: #f8f9fa; padding: 15px; border-radius: 5px; margin-bottom: 20px; }
+        .policy { background-color: #e8f4f8; padding: 15px; border-radius: 5px; margin-bottom: 20px; }
+        .badge { padding: 3px 8px; border-radius: 3px; font-weight: bold; }
+        .badge-expired { background-color: #dc3545; color: white; }
+        .badge-critical { background-color: #ffc107; }
+        .badge-warning { background-color: #fd7e14; color: white; }
+        .badge-never { background-color: #17a2b8; color: white; }
+        .badge-disabled { background-color: #6c757d; color: white; }
+        .badge-neverlogged { background-color: #adb5bd; }
+    </style>
+</head>
+<body>
+    <h1>Rapport d'expiration des mots de passe</h1>
+    <div class="policy">
+        <h2>Politique de mot de passe du domaine</h2>
+        <p><strong>Durée maximale du mot de passe:</strong> $($passwordPolicy.MaxPasswordAge.Days) jours</p>
+        <p><strong>Durée minimale du mot de passe:</strong> $($passwordPolicy.MinPasswordAge.Days) jours</p>
+        <p><strong>Longueur minimale:</strong> $($passwordPolicy.MinPasswordLength) caractères</p>
+        <p><strong>Complexité requise:</strong> $($passwordPolicy.ComplexityEnabled)</p>
+        <p><strong>Historique du mot de passe:</strong> $($passwordPolicy.PasswordHistoryCount) mots de passe</p>
+        <p><strong>Verrouillage de compte:</strong> $($passwordPolicy.LockoutThreshold) tentatives (durée: $($passwordPolicy.LockoutDuration.Minutes) minutes, observation: $($passwordPolicy.LockoutObservationWindow.Minutes) minutes)</p>
+    </div>
+    <div class="summary">
+        <p><strong>Seuil d'avertissement :</strong> $warningThreshold jours</p>
+        <p><strong>Seuil critique :</strong> $criticalThreshold jours</p>
+        <p><strong>Statistiques :</strong>
+            <span class="badge badge-expired">Expirés: $($expiredUsers.Count)</span>
+            <span class="badge badge-critical">Critiques: $($criticalUsers.Count)</span>
+            <span class="badge badge-warning">Avertissement: $($warningUsers.Count)</span>
+            <span class="badge badge-never">Expirent jamais: $($neverExpiresUsers.Count)</span>
+            <span class="badge badge-neverlogged">Jamais connectés: $($neverLoggedInUsers.Count)</span>
+            <span class="badge badge-disabled">Désactivés: $($disabledUsers.Count)</span>
+        </p>
+    </div>
 "@
-  
-      return $html
-  }
-  
-  function Get-EmailSignature {
-      if ($EmailSignature) {
-          return "<div class='email-signature'>$EmailSignature</div>"
-      }
-      
-      return @"
-  <div class='email-signature' style='margin-top: 20px; border-top: 1px solid #ccc; padding-top: 10px;'>
-      <p style='color: #666; font-size: 12px; margin: 0;'>
-          <strong>Service Informatique</strong><br>
-          Téléphone : +33 (0)1 XX XX XX XX<br>
-          Email : support@domain.com<br>
-          <em>Ce message est généré automatiquement, merci de ne pas y répondre directement.</em>
-      </p>
-  </div>
+
+    if ($expiredUsers) {
+        $html += "<h2>Comptes expirés <span class='badge badge-expired'>$($expiredUsers.Count)</span></h2>"
+        $html += $expiredUsers | Select-Object Name, SamAccountName, Email, @{Name="ExpirationDate";Expression={$_.ExpirationDate.ToString("dd/MM/yyyy")}}, DaysLeft, Enabled | ConvertTo-Html -Fragment
+    }
+
+    if ($criticalUsers) {
+        $html += "<h2>Comptes critiques <span class='badge badge-critical'>$($criticalUsers.Count)</span></h2>"
+        $html += $criticalUsers | Select-Object Name, SamAccountName, Email, @{Name="ExpirationDate";Expression={$_.ExpirationDate.ToString("dd/MM/yyyy")}}, DaysLeft, Enabled | ConvertTo-Html -Fragment
+    }
+
+    if ($warningUsers) {
+        $html += "<h2>Comptes en avertissement <span class='badge badge-warning'>$($warningUsers.Count)</span></h2>"
+        $html += $warningUsers | Select-Object Name, SamAccountName, Email, @{Name="ExpirationDate";Expression={$_.ExpirationDate.ToString("dd/MM/yyyy")}}, DaysLeft, Enabled | ConvertTo-Html -Fragment
+    }
+
+    if ($IncludeNeverExpires -and $neverExpiresUsers) {
+        $html += "<h2>Comptes avec mot de passe n'expirant jamais <span class='badge badge-never'>$($neverExpiresUsers.Count)</span></h2>"
+        $html += $neverExpiresUsers | Select-Object Name, SamAccountName, Email, Enabled | ConvertTo-Html -Fragment
+    }
+
+    if ($neverLoggedInUsers) {
+        $html += "<h2>Comptes jamais connectés <span class='badge badge-neverlogged'>$($neverLoggedInUsers.Count)</span></h2>"
+        $html += $neverLoggedInUsers | Select-Object Name, SamAccountName, Email, Enabled | ConvertTo-Html -Fragment
+    }
+
+    if ($IncludeDisabled -and $disabledUsers) {
+        $html += "<h2>Comptes désactivés <span class='badge badge-disabled'>$($disabledUsers.Count)</span></h2>"
+        $html += $disabledUsers | Select-Object Name, SamAccountName, Email, @{Name="ExpirationDate";Expression={if($_.ExpirationDate){$_.ExpirationDate.ToString("dd/MM/yyyy")}else{"N/A"}}}, DaysLeft | ConvertTo-Html -Fragment
+    }
+
+    $html += @"
+    <p style="margin-top: 30px; font-size: 0.9em; color: #666;">Généré le : $(Get-Date -Format "dd/MM/yyyy HH:mm")</p>
+</body>
+</html>
 "@
- }
-  
-  function Send-EmailReport {
-      param(
-          [string[]]$Recipients,
-          [string]$Subject,
-          [string]$Body,
-          [string]$SmtpServer,
-          [int]$Port = 25,
-          [string]$FromAddress,
-          [string[]]$Attachments
-      )
-  
-      if ((Get-Date).DayOfWeek -ne 'Monday') {
-          Write-Host "Les emails ne sont envoyés que le lundi. Arrêt de l'envoi."
-          return
-      }
-  
-      $signature = Get-EmailSignature
-      $bodyWithSignature = $Body
-      if ($Body -match '(?i)</body>') {
-          $bodyWithSignature = $Body -replace '(?i)</body>', "$signature</body>"
-      } else {
-          $bodyWithSignature = "$Body$signature"
-      }
-  
-      $mailMessage = New-Object System.Net.Mail.MailMessage
-      $mailMessage.From = $FromAddress
-      foreach ($recipient in $Recipients) { $mailMessage.To.Add($recipient) }
-      $mailMessage.Subject = $Subject
-      $mailMessage.Body = $bodyWithSignature
-      $mailMessage.IsBodyHtml = $true
-       if ($Attachments) {
-          foreach ($att in $Attachments) {
-              $mailMessage.Attachments.Add((New-Object System.Net.Mail.Attachment($att)))
-          }
-      }
-      $smtpClient = New-Object System.Net.Mail.SmtpClient($SmtpServer, $Port)
-      if ($SmtpCredential) {
-          $smtpClient.Credentials = $SmtpCredential
-      }
-      try {
-          $smtpClient.Send($mailMessage)
-          Write-Host "Email sent successfully."
-      }
-      catch {
-          Write-Error "Failed to send email: $_"
-      }
-  }
-  
-  function Send-UserNotification {
-      param(
-          [string]$Recipient,
-          [string]$Subject,
-          [string]$Body,
-          [string]$SmtpServer,
-          [int]$Port = 25,
-          [string]$FromAddress
-      )
-      
-      $signature = Get-EmailSignature
-      $bodyWithSignature = $Body
-      if ($Body -match '(?i)</body>') {
-          $bodyWithSignature = $Body -replace '(?i)</body>', "$signature</body>"
-      } else {
-          $bodyWithSignature = @"
-  <!DOCTYPE html>
-  <html>
-  <head>
-      <meta charset="UTF-8">
-  </head>
-  <body>
-  $Body
-  $signature
-  </body>
-  </html>
+    return $html
+}
+
+function Get-EmailSignature {
+    if ($EmailSignature) {
+        return "<div class='email-signature'>$EmailSignature</div>"
+    }
+    return @"
+<div class='email-signature' style='margin-top: 20px; border-top: 1px solid #ccc; padding-top: 10px;'>
+    <p style='color: #666; font-size: 12px; margin: 0;'>
+        <strong>Service Informatique</strong><br>
+        Téléphone : +33 (0)1 XX XX XX XX<br>
+        Email : support@domain.com<br>
+        <em>Ce message est généré automatiquement, merci de ne pas y répondre directement.</em>
+    </p>
+</div>
+"@
+}
+
+function Send-EmailReport {
+    param(
+        [string[]]$Recipients,
+        [string]$Subject,
+        [string]$Body,
+        [string]$SmtpServer,
+        [int]$Port = 25,
+        [string]$FromAddress,
+        [string[]]$Attachments
+    )
+    if ((Get-Date).DayOfWeek -ne 'Monday') {
+        Write-Host "Les emails ne sont envoyés que le lundi. Arrêt de l'envoi."
+        return
+    }
+    $signature = Get-EmailSignature
+    $bodyWithSignature = $Body
+    if ($Body -match '(?i)</body>') {
+        $bodyWithSignature = $Body -replace '(?i)</body>', "$signature</body>"
+    } else {
+        $bodyWithSignature = "$Body$signature"
+    }
+    $mailMessage = New-Object System.Net.Mail.MailMessage
+    $mailMessage.From = $FromAddress
+    foreach ($recipient in $Recipients) { $mailMessage.To.Add($recipient) }
+    $mailMessage.Subject = $Subject
+    $mailMessage.Body = $bodyWithSignature
+    $mailMessage.IsBodyHtml = $true
+    if ($Attachments) {
+        foreach ($att in $Attachments) {
+            $mailMessage.Attachments.Add((New-Object System.Net.Mail.Attachment($att)))
+        }
+    }
+    $smtpClient = New-Object System.Net.Mail.SmtpClient($SmtpServer, $Port)
+    if ($SmtpCredential) {
+        $smtpClient.Credentials = $SmtpCredential
+    }
+    try {
+        $smtpClient.Send($mailMessage)
+        Write-Host "Email sent successfully."
+    }
+    catch {
+        Write-Error "Failed to send email: $_"
+    }
+}
+
+function Send-UserNotification {
+    param(
+        [string]$Recipient,
+        [string]$Subject,
+        [string]$Body,
+        [string]$SmtpServer,
+        [int]$Port = 25,
+        [string]$FromAddress
+    )
+    $signature = Get-EmailSignature
+    $bodyWithSignature = $Body
+    if ($Body -match '(?i)</body>') {
+        $bodyWithSignature = $Body -replace '(?i)</body>', "$signature</body>"
+    } else {
+        $bodyWithSignature = @"
+<!DOCTYPE html>
+<html>
+<head>
+    <meta charset="UTF-8">
+</head>
+<body>
+$body
+$signature
+</body>
+</html>
 "@
     }
-      
-      $mailMessage = New-Object System.Net.Mail.MailMessage
-      $mailMessage.From = $FromAddress
-      $mailMessage.To.Add($Recipient)
-      $mailMessage.Subject = $Subject
-      $mailMessage.Body = $bodyWithSignature
-      $mailMessage.IsBodyHtml = $true
-      
-      $smtpClient = New-Object System.Net.Mail.SmtpClient($SmtpServer, $Port)
-      if ($SmtpCredential) {
-          $smtpClient.Credentials = $SmtpCredential
-      }
-      try {
-          $smtpClient.Send($mailMessage)
-          Write-Host "Notification sent to $Recipient."
-      }
-      catch {
-          Write-Error "Failed to send notification to ${Recipient}: $_"
-      }
-  }
-  
-  try {
-      $passwordPolicy = Get-ADDefaultDomainPasswordPolicy
-      $maxPasswordAge = $passwordPolicy.MaxPasswordAge
-      
-      Write-Host "Politique de mot de passe du domaine:"
-      Write-Host "  - Durée maximale: $($maxPasswordAge.Days) jours"
-      Write-Host "  - Durée minimale: $($passwordPolicy.MinPasswordAge.Days) jours"
-      Write-Host "  - Longueur minimale: $($passwordPolicy.MinPasswordLength) caractères"
-      Write-Host "  - Complexité: $($passwordPolicy.ComplexityEnabled)"
-  }
-  catch {
-      Write-Error "Erreur lors de la récupération de la politique de mot de passe : $_"
-      exit 1
-  }
-  
-  try {
-      $ouExists = Get-ADOrganizationalUnit -Identity $TargetOU -ErrorAction Stop
-  }
-  catch {
-      Write-Error "L'OU spécifiée n'existe pas ou est inaccessible : $TargetOU"
-      exit 1
-  }
-  
-  $filter = "PasswordNeverExpires -eq `$false"
-  if ($IncludeDisabled) {
-      $filter = "($filter) -or (Enabled -eq `$false)"
-  }
-  if ($IncludeNeverExpires) {
-      $filter = "PasswordNeverExpires -eq `$true -or ($filter)"
-  }
-  
-  try {
-      Write-Host "Recherche des utilisateurs dans l'OU: $TargetOU"
-      $users = Get-ADUser -SearchBase $TargetOU -Filter * -Properties Name, SamAccountName, EmailAddress, PasswordLastSet, PasswordNeverExpires, Enabled | Where-Object {
-          if ($IncludeDisabled -and $IncludeNeverExpires) { $true }
-          elseif ($IncludeDisabled) { -not $_.PasswordNeverExpires }
-          elseif ($IncludeNeverExpires) { $_.Enabled }
-          else { $_.Enabled -and (-not $_.PasswordNeverExpires) }
-      }
-      
-      Write-Host "Nombre d'utilisateurs trouvés: $($users.Count)"
-  }
-  catch {
-      Write-Error "Erreur lors de la récupération des utilisateurs : $_"
-      exit 1
-  }
-  
-  if (-not $users) {
-      Write-Host "Aucun utilisateur trouvé dans l'OU spécifiée avec les critères actuels."
-      exit
-  }
-  
-  $reportData = foreach ($user in $users) {
-      if ($user.PasswordNeverExpires -or ($user.PasswordLastSet -eq $null -and -not $IncludeNeverExpires)) {
-          [PSCustomObject]@{
-              Name            = $user.Name
-              SamAccountName  = $user.SamAccountName
-              Email           = $user.EmailAddress
-              ExpirationDate  = $null
-              DaysLeft        = $null
-              Status          = if ($user.PasswordNeverExpires) { "NeverExpires" } else { "NeverLoggedIn" }
-              Enabled         = $user.Enabled
-              PasswordNeverExpires = $user.PasswordNeverExpires
-          }
-      }
-      else {
-          Get-UserPasswordExpirationInfo -user $user -maxPasswordAge $maxPasswordAge
-      }
-  }
-  
-  $expiredUsers = $reportData | Where-Object { $_.Status -eq "Expired" } | Sort-Object DaysLeft
-  $criticalUsers = $reportData | Where-Object { $_.Status -eq "Critical" } | Sort-Object DaysLeft
-  $warningUsers = $reportData | Where-Object { $_.Status -eq "Warning" } | Sort-Object DaysLeft
-  $neverExpiresUsers = $reportData | Where-Object { $_.Status -eq "NeverExpires" }
-  $neverLoggedInUsers = $reportData | Where-Object { $_.Status -eq "NeverLoggedIn" }
-  $disabledUsers = $reportData | Where-Object { $_.Enabled -eq $false }
-  
-  $reportFileName = "PasswordExpirationReport_$(Get-Date -Format 'yyyyMMdd_HHmm').html"
-  $htmlReport = ConvertTo-HtmlReport -expiredUsers $expiredUsers -criticalUsers $criticalUsers -warningUsers $warningUsers -neverExpiresUsers $neverExpiresUsers -neverLoggedInUsers $neverLoggedInUsers -disabledUsers $disabledUsers -targetOU $TargetOU -passwordPolicy $passwordPolicy -warningThreshold $WarningThreshold -criticalThreshold $CriticalThreshold
-  $htmlReport | Out-File $reportFileName -Encoding UTF8
-  
-  Write-Host "Rapport généré avec succès : $reportFileName"
-  Write-Host "Résumé :"
-  Write-Host "  - Comptes expirés: $($expiredUsers.Count)"
-  Write-Host "  - Comptes critiques: $($criticalUsers.Count)"
-  Write-Host "  - Comptes en avertissement: $($warningUsers.Count)"
-  Write-Host "  - Comptes expirant jamais: $($neverExpiresUsers.Count)"
-  Write-Host "  - Comptes jamais connectés: $($neverLoggedInUsers.Count)"
-  Write-Host "  - Comptes désactivés: $($disabledUsers.Count)"
-  
-  if ($GenerateReportOnly) {
-      Write-Host "Option GenerateReportOnly activée, rapport généré uniquement. Arrêt du script."
-      exit 0
-  }
-  
-  foreach ($user in $reportData | Where-Object { $_.Status -in @("Warning", "Critical", "Expired") }) {
-      if ($user.Email) {  
-          $expirationDate = if ($user.ExpirationDate) { $user.ExpirationDate.ToString("dd/MM/yyyy") } else { "N/A" }
-          $subject = "Avertissement: Expiration de votre mot de passe"
-          $body = @"
-  <!DOCTYPE html>
-  <html>
-  <head>
-      <meta charset="UTF-8">
-      <style>
-          body { font-family: Arial, sans-serif; }
-          .warning { color: #fd7e14; }
-          .critical { color: #dc3545; }
-          .expired { color: #6c757d; }
-      </style>
-  </head>
-  <body>
-      <p>Bonjour $($user.Name),</p>
-      <p>Votre mot de passe est dans un état <strong class='$($user.Status.ToLower())'>$($user.Status)</strong>.</p>
-      <p><strong>Date d'expiration:</strong> $expirationDate</p>
-      <p>Veuillez mettre à jour votre mot de passe dès que possible pour éviter tout problème d'accès.</p>
-      <p>Cordialement,</p>
-  </body>
-  </html>
+    $mailMessage = New-Object System.Net.Mail.MailMessage
+    $mailMessage.From = $FromAddress
+    $mailMessage.To.Add($Recipient)
+    $mailMessage.Subject = $Subject
+    $mailMessage.Body = $bodyWithSignature
+    $mailMessage.IsBodyHtml = $true
+    $smtpClient = New-Object System.Net.Mail.SmtpClient($SmtpServer, $Port)
+    if ($SmtpCredential) {
+        $smtpClient.Credentials = $SmtpCredential
+    }
+    try {
+        $smtpClient.Send($mailMessage)
+        Write-Host "Notification sent to $Recipient."
+    }
+    catch {
+        Write-Error "Failed to send notification to ${Recipient}: $_"
+    }
+}
+
+try {
+    $passwordPolicy = Get-ADDefaultDomainPasswordPolicy
+    $maxPasswordAge = $passwordPolicy.MaxPasswordAge
+    Write-Host "Politique de mot de passe du domaine:"
+    Write-Host "  - Durée maximale: $($maxPasswordAge.Days) jours"
+    Write-Host "  - Durée minimale: $($passwordPolicy.MinPasswordAge.Days) jours"
+    Write-Host "  - Longueur minimale: $($passwordPolicy.MinPasswordLength) caractères"
+    Write-Host "  - Complexité: $($passwordPolicy.ComplexityEnabled)"
+}
+catch {
+    Write-Error "Erreur lors de la récupération de la politique de mot de passe : $_"
+    exit 1
+}
+
+try {
+    $ouExists = Get-ADOrganizationalUnit -Identity $TargetOU -ErrorAction Stop
+}
+catch {
+    Write-Error "L'OU spécifiée n'existe pas ou est inaccessible : $TargetOU"
+    exit 1
+}
+
+$filter = "PasswordNeverExpires -eq `$false"
+if ($IncludeDisabled) {
+    $filter = "($filter) -or (Enabled -eq `$false)"
+}
+if ($IncludeNeverExpires) {
+    $filter = "PasswordNeverExpires -eq `$true -or ($filter)"
+}
+
+try {
+    Write-Host "Recherche des utilisateurs dans l'OU: $TargetOU"
+    $users = Get-ADUser -SearchBase $TargetOU -Filter * -Properties Name, SamAccountName, EmailAddress, PasswordLastSet, PasswordNeverExpires, Enabled | Where-Object {
+        if ($IncludeDisabled -and $IncludeNeverExpires) { $true }
+        elseif ($IncludeDisabled) { -not $_.PasswordNeverExpires }
+        elseif ($IncludeNeverExpires) { $_.Enabled }
+        else { $_.Enabled -and (-not $_.PasswordNeverExpires) }
+    }
+    Write-Host "Nombre d'utilisateurs trouvés: $($users.Count)"
+}
+catch {
+    Write-Error "Erreur lors de la récupération des utilisateurs : $_"
+    exit 1
+}
+
+if (-not $users) {
+    Write-Host "Aucun utilisateur trouvé dans l'OU spécifiée avec les critères actuels."
+    exit
+}
+
+$reportData = foreach ($user in $users) {
+    if ($user.PasswordNeverExpires -or ($user.PasswordLastSet -eq $null -and -not $IncludeNeverExpires)) {
+        [PSCustomObject]@{
+            Name            = $user.Name
+            SamAccountName  = $user.SamAccountName
+            Email           = $user.EmailAddress
+            ExpirationDate  = $null
+            DaysLeft        = $null
+            Status          = if ($user.PasswordNeverExpires) { "NeverExpires" } else { "NeverLoggedIn" }
+            Enabled         = $user.Enabled
+            PasswordNeverExpires = $user.PasswordNeverExpires
+        }
+    }
+    else {
+        Get-UserPasswordExpirationInfo -user $user -maxPasswordAge $maxPasswordAge
+    }
+}
+
+$expiredUsers = $reportData | Where-Object { $_.Status -eq "Expired" } | Sort-Object DaysLeft
+$criticalUsers = $reportData | Where-Object { $_.Status -eq "Critical" } | Sort-Object DaysLeft
+$warningUsers = $reportData | Where-Object { $_.Status -eq "Warning" } | Sort-Object DaysLeft
+$neverExpiresUsers = $reportData | Where-Object { $_.Status -eq "NeverExpires" }
+$neverLoggedInUsers = $reportData | Where-Object { $_.Status -eq "NeverLoggedIn" }
+$disabledUsers = $reportData | Where-Object { $_.Enabled -eq $false }
+
+$reportFileName = "PasswordExpirationReport_$(Get-Date -Format 'yyyyMMdd_HHmm').html"
+$htmlReport = ConvertTo-HtmlReport -expiredUsers $expiredUsers -criticalUsers $criticalUsers -warningUsers $warningUsers -neverExpiresUsers $neverExpiresUsers -neverLoggedInUsers $neverLoggedInUsers -disabledUsers $disabledUsers -targetOU $TargetOU -passwordPolicy $passwordPolicy -warningThreshold $WarningThreshold -criticalThreshold $CriticalThreshold
+$htmlReport | Out-File $reportFileName -Encoding UTF8
+Write-Host "Rapport généré avec succès : $reportFileName"
+Write-Host "Résumé :"
+Write-Host "  - Comptes expirés: $($expiredUsers.Count)"
+Write-Host "  - Comptes critiques: $($criticalUsers.Count)"
+Write-Host "  - Comptes en avertissement: $($warningUsers.Count)"
+Write-Host "  - Comptes expirant jamais: $($neverExpiresUsers.Count)"
+Write-Host "  - Comptes jamais connectés: $($neverLoggedInUsers.Count)"
+Write-Host "  - Comptes désactivés: $($disabledUsers.Count)"
+
+if ($GenerateReportOnly) {
+    Write-Host "Option GenerateReportOnly activée, rapport généré uniquement. Arrêt du script."
+    exit 0
+}
+
+foreach ($user in $reportData | Where-Object { $_.Status -in @("Warning", "Critical", "Expired") }) {
+    if ($user.Email) {  
+        $expirationDate = if ($user.ExpirationDate) { $user.ExpirationDate.ToString("dd/MM/yyyy") } else { "N/A" }
+        $subject = "Avertissement: Expiration de votre mot de passe"
+        $body = @"
+<!DOCTYPE html>
+<html>
+<head>
+    <meta charset="UTF-8">
+    <style>
+        body { font-family: Arial, sans-serif; }
+        .warning { color: #fd7e14; }
+        .critical { color: #dc3545; }
+        .expired { color: #6c757d; }
+    </style>
+</head>
+<body>
+    <p>Bonjour $($user.Name),</p>
+    <p>Votre mot de passe est dans un état <strong class='$($user.Status.ToLower())'>$($user.Status)</strong>.</p>
+    <p><strong>Date d'expiration:</strong> $expirationDate</p>
+    <p>Veuillez mettre à jour votre mot de passe dès que possible pour éviter tout problème d'accès.</p>
+    <p>Cordialement,</p>
+</body>
+</html>
 "@
-          Send-UserNotification -Recipient $user.Email -Subject $subject -Body $body -SmtpServer $SmtpServer -Port $SmtpPort -FromAddress $FromEmail
-      }
-      else {
-          Write-Warning "L'utilisateur $($user.Name) n'a pas d'adresse email définie dans Active Directory."
-      }
-  }
-  
-  if ($AdminEmails) {
-      if ($reportData.Count -gt 0) {
-          $smtpServer = $SmtpServer          
-          $smtpPort = $SmtpPort              
-          $fromAddress = $FromEmail          
-          $subject = "Rapport hebdomadaire d'expiration des mots de passe"
-          $body = $htmlReport                
-          Send-EmailReport -Recipients $AdminEmails -Subject $subject -Body $body -SmtpServer $smtpServer -Port $smtpPort -FromAddress $fromAddress -Attachments @()
-      }
-  } else {
-      Write-Warning "ADMIN_EMAIL n'est pas défini. Aucun email administrateur ne sera envoyé."
-  }
+        Send-UserNotification -Recipient $user.Email -Subject $subject -Body $body -SmtpServer $SmtpServer -Port $SmtpPort -FromAddress $FromEmail
+    }
+    else {
+        Write-Warning "L'utilisateur $($user.Name) n'a pas d'adresse email définie dans Active Directory."
+    }
+}
+
+if ($AdminEmails) {
+    if ($reportData.Count -gt 0) {
+        $smtpServer = $SmtpServer          
+        $smtpPort = $SmtpPort              
+        $fromAddress = $FromEmail          
+        $subject = "Rapport hebdomadaire d'expiration des mots de passe"
+        $body = $htmlReport                
+        Send-EmailReport -Recipients $AdminEmails -Subject $subject -Body $body -SmtpServer $smtpServer -Port $smtpPort -FromAddress $fromAddress -Attachments @()
+    }
+} else {
+    Write-Warning "ADMIN_EMAIL n'est pas défini. Aucun email administrateur ne sera envoyé."
+}
\ No newline at end of file

From 3ccb4671f4b0e8ac3d7c6448f443ad0ec647d210 Mon Sep 17 00:00:00 2001
From: P6g9YHK6 <17877371+P6g9YHK6@users.noreply.github.com>
Date: Mon, 9 Jun 2025 09:50:31 +0200
Subject: [PATCH 04/23] Update file: Mail notification password expiry.ps1

---
 .../Mail notification password expiry.ps1     | 236 ++++++++++++++----
 1 file changed, 182 insertions(+), 54 deletions(-)

diff --git a/scripts_staging/Backend/Mail notification password expiry.ps1 b/scripts_staging/Backend/Mail notification password expiry.ps1
index 1e05d928..83d0563d 100644
--- a/scripts_staging/Backend/Mail notification password expiry.ps1	
+++ b/scripts_staging/Backend/Mail notification password expiry.ps1	
@@ -139,92 +139,146 @@ function ConvertTo-HtmlReport {
         $warningThreshold,
         $criticalThreshold
     )
+
     $html = @"
 <!DOCTYPE html>
 <html>
 <head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
     <title>Rapport d'expiration des mots de passe</title>
     <style>
-        body { font-family: Arial, sans-serif; margin: 20px; }
-        h1 { color: #2c3e50; }
-        h2 { color: #333; margin-top: 30px; }
-        table { width: 100%; border-collapse: collapse; margin-bottom: 20px; }
-        th { background-color: #3498db; color: white; padding: 10px; text-align: left; }
-        td { padding: 10px; border-bottom: 1px solid #ddd; }
-        .expired { background-color: #ffdddd; }
-        .critical { background-color: #fff3cd; }
-        .warning { background-color: #ffe8cc; }
-        .never-expires { background-color: #e7f3fe; }
-        .never-logged { background-color: #f1f1f1; }
-        .disabled { background-color: #f8f9fa; }
-        .summary { background-color: #f8f9fa; padding: 15px; border-radius: 5px; margin-bottom: 20px; }
-        .policy { background-color: #e8f4f8; padding: 15px; border-radius: 5px; margin-bottom: 20px; }
-        .badge { padding: 3px 8px; border-radius: 3px; font-weight: bold; }
+        body {
+            font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
+            background-color: #f9f9f9;
+            color: #333;
+            margin: 0;
+            padding: 0;
+        }
+        .container {
+            max-width: 1000px;
+            margin: 0 auto;
+            padding: 30px;
+            background-color: #fff;
+            border-radius: 10px;
+            box-shadow: 0 0 10px rgba(0,0,0,0.05);
+        }
+        h1 {
+            color: #2c3e50;
+            border-bottom: 2px solid #3498db;
+            padding-bottom: 10px;
+        }
+        .section {
+            margin-bottom: 30px;
+        }
+        .badge {
+            display: inline-block;
+            padding: 6px 12px;
+            border-radius: 5px;
+            font-weight: bold;
+            margin-right: 10px;
+        }
         .badge-expired { background-color: #dc3545; color: white; }
-        .badge-critical { background-color: #ffc107; }
+        .badge-critical { background-color: #ffc107; color: #333; }
         .badge-warning { background-color: #fd7e14; color: white; }
         .badge-never { background-color: #17a2b8; color: white; }
-        .badge-disabled { background-color: #6c757d; color: white; }
         .badge-neverlogged { background-color: #adb5bd; }
+        .badge-disabled { background-color: #6c757d; color: white; }
+        table {
+            width: 100%;
+            border-collapse: collapse;
+            margin-top: 15px;
+        }
+        th, td {
+            padding: 12px;
+            border-bottom: 1px solid #ddd;
+            text-align: left;
+        }
+        th {
+            background-color: #3498db;
+            color: white;
+        }
+        .footer {
+            margin-top: 40px;
+            font-size: 0.9em;
+            color: #777;
+            text-align: center;
+        }
     </style>
 </head>
 <body>
+<div class="container">
     <h1>Rapport d'expiration des mots de passe</h1>
-    <div class="policy">
+
+    <div class="section">
         <h2>Politique de mot de passe du domaine</h2>
-        <p><strong>Durée maximale du mot de passe:</strong> $($passwordPolicy.MaxPasswordAge.Days) jours</p>
-        <p><strong>Durée minimale du mot de passe:</strong> $($passwordPolicy.MinPasswordAge.Days) jours</p>
+        <p><strong>Durée maximale:</strong> $($passwordPolicy.MaxPasswordAge.Days) jours</p>
+        <p><strong>Durée minimale:</strong> $($passwordPolicy.MinPasswordAge.Days) jours</p>
         <p><strong>Longueur minimale:</strong> $($passwordPolicy.MinPasswordLength) caractères</p>
         <p><strong>Complexité requise:</strong> $($passwordPolicy.ComplexityEnabled)</p>
-        <p><strong>Historique du mot de passe:</strong> $($passwordPolicy.PasswordHistoryCount) mots de passe</p>
-        <p><strong>Verrouillage de compte:</strong> $($passwordPolicy.LockoutThreshold) tentatives (durée: $($passwordPolicy.LockoutDuration.Minutes) minutes, observation: $($passwordPolicy.LockoutObservationWindow.Minutes) minutes)</p>
+        <p><strong>Historique:</strong> $($passwordPolicy.PasswordHistoryCount) mots de passe</p>
+        <p><strong>Verrouillage:</strong> $($passwordPolicy.LockoutThreshold) tentatives (durée: $($passwordPolicy.LockoutDuration.Minutes) min)</p>
     </div>
-    <div class="summary">
-        <p><strong>Seuil d'avertissement :</strong> $warningThreshold jours</p>
-        <p><strong>Seuil critique :</strong> $criticalThreshold jours</p>
-        <p><strong>Statistiques :</strong>
+
+    <div class="section">
+        <h2>Statistiques globales</h2>
+        <p>
             <span class="badge badge-expired">Expirés: $($expiredUsers.Count)</span>
             <span class="badge badge-critical">Critiques: $($criticalUsers.Count)</span>
-            <span class="badge badge-warning">Avertissement: $($warningUsers.Count)</span>
+            <span class="badge badge-warning">Avertissements: $($warningUsers.Count)</span>
             <span class="badge badge-never">Expirent jamais: $($neverExpiresUsers.Count)</span>
             <span class="badge badge-neverlogged">Jamais connectés: $($neverLoggedInUsers.Count)</span>
             <span class="badge badge-disabled">Désactivés: $($disabledUsers.Count)</span>
         </p>
     </div>
-"@
 
-    if ($expiredUsers) {
-        $html += "<h2>Comptes expirés <span class='badge badge-expired'>$($expiredUsers.Count)</span></h2>"
-        $html += $expiredUsers | Select-Object Name, SamAccountName, Email, @{Name="ExpirationDate";Expression={$_.ExpirationDate.ToString("dd/MM/yyyy")}}, DaysLeft, Enabled | ConvertTo-Html -Fragment
+    @if ($expiredUsers) {
+        <div class="section">
+            <h2>Comptes expirés</h2>
+            $expiredUsers | Select-Object Name, SamAccountName, Email, @{Name="ExpirationDate";Expression={$_.ExpirationDate.ToString("dd/MM/yyyy")}}, DaysLeft, Enabled | ConvertTo-Html -Fragment
+        </div>
     }
 
-    if ($criticalUsers) {
-        $html += "<h2>Comptes critiques <span class='badge badge-critical'>$($criticalUsers.Count)</span></h2>"
-        $html += $criticalUsers | Select-Object Name, SamAccountName, Email, @{Name="ExpirationDate";Expression={$_.ExpirationDate.ToString("dd/MM/yyyy")}}, DaysLeft, Enabled | ConvertTo-Html -Fragment
+    @if ($criticalUsers) {
+        <div class="section">
+            <h2>Comptes critiques</h2>
+            $criticalUsers | Select-Object Name, SamAccountName, Email, @{Name="ExpirationDate";Expression={$_.ExpirationDate.ToString("dd/MM/yyyy")}}, DaysLeft, Enabled | ConvertTo-Html -Fragment
+        </div>
     }
 
-    if ($warningUsers) {
-        $html += "<h2>Comptes en avertissement <span class='badge badge-warning'>$($warningUsers.Count)</span></h2>"
-        $html += $warningUsers | Select-Object Name, SamAccountName, Email, @{Name="ExpirationDate";Expression={$_.ExpirationDate.ToString("dd/MM/yyyy")}}, DaysLeft, Enabled | ConvertTo-Html -Fragment
+    @if ($warningUsers) {
+        <div class="section">
+            <h2>Comptes en avertissement</h2>
+            $warningUsers | Select-Object Name, SamAccountName, Email, @{Name="ExpirationDate";Expression={$_.ExpirationDate.ToString("dd/MM/yyyy")}}, DaysLeft, Enabled | ConvertTo-Html -Fragment
+        </div>
     }
 
-    if ($IncludeNeverExpires -and $neverExpiresUsers) {
-        $html += "<h2>Comptes avec mot de passe n'expirant jamais <span class='badge badge-never'>$($neverExpiresUsers.Count)</span></h2>"
-        $html += $neverExpiresUsers | Select-Object Name, SamAccountName, Email, Enabled | ConvertTo-Html -Fragment
+    @if ($IncludeNeverExpires -and $neverExpiresUsers) {
+        <div class="section">
+            <h2>Comptes avec mot de passe n'expirant jamais</h2>
+            $neverExpiresUsers | Select-Object Name, SamAccountName, Email, Enabled | ConvertTo-Html -Fragment
+        </div>
     }
 
-    if ($neverLoggedInUsers) {
-        $html += "<h2>Comptes jamais connectés <span class='badge badge-neverlogged'>$($neverLoggedInUsers.Count)</span></h2>"
-        $html += $neverLoggedInUsers | Select-Object Name, SamAccountName, Email, Enabled | ConvertTo-Html -Fragment
+    @if ($neverLoggedInUsers) {
+        <div class="section">
+            <h2>Comptes jamais connectés</h2>
+            $neverLoggedInUsers | Select-Object Name, SamAccountName, Email, Enabled | ConvertTo-Html -Fragment
+        </div>
     }
 
-    if ($IncludeDisabled -and $disabledUsers) {
-        $html += "<h2>Comptes désactivés <span class='badge badge-disabled'>$($disabledUsers.Count)</span></h2>"
-        $html += $disabledUsers | Select-Object Name, SamAccountName, Email, @{Name="ExpirationDate";Expression={if($_.ExpirationDate){$_.ExpirationDate.ToString("dd/MM/yyyy")}else{"N/A"}}}, DaysLeft | ConvertTo-Html -Fragment
+    @if ($IncludeDisabled -and $disabledUsers) {
+        <div class="section">
+            <h2>Comptes désactivés</h2>
+            $disabledUsers | Select-Object Name, SamAccountName, Email, @{Name="ExpirationDate";Expression={if($_.ExpirationDate){$_.ExpirationDate.ToString("dd/MM/yyyy")}else{"N/A"}}}, DaysLeft | ConvertTo-Html -Fragment
+        </div>
     }
 
-    $html += @"
-    <p style="margin-top: 30px; font-size: 0.9em; color: #666;">Généré le : $(Get-Date -Format "dd/MM/yyyy HH:mm")</p>
+    <div class="footer">
+        <p>Généré le : $(Get-Date -Format "dd/MM/yyyy HH:mm")</p>
+        <p>© 2025 Service Informatique</p>
+    </div>
+</div>
 </body>
 </html>
 "@
@@ -440,18 +494,92 @@ foreach ($user in $reportData | Where-Object { $_.Status -in @("Warning", "Criti
 <head>
     <meta charset="UTF-8">
     <style>
-        body { font-family: Arial, sans-serif; }
-        .warning { color: #fd7e14; }
-        .critical { color: #dc3545; }
-        .expired { color: #6c757d; }
+        body {
+            font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
+            background-color: #f9f9f9;
+            color: #333;
+            margin: 0;
+            padding: 0;
+        }
+        .container {
+            max-width: 700px;
+            margin: 0 auto;
+            padding: 30px;
+            background-color: #fff;
+            border-radius: 10px;
+            box-shadow: 0 0 10px rgba(0,0,0,0.05);
+        }
+        h1 {
+            color: #2c3e50;
+            border-bottom: 2px solid #3498db;
+            padding-bottom: 10px;
+        }
+        .status {
+            font-weight: bold;
+            margin-top: 15px;
+            display: inline-block;
+            padding: 6px 12px;
+            border-radius: 5px;
+        }
+        .expired { background-color: #dc3545; color: white; }
+        .critical { background-color: #ffc107; color: #333; }
+        .warning { background-color: #fd7e14; color: white; }
+        table {
+            width: 100%;
+            border-collapse: collapse;
+            margin-top: 20px;
+        }
+        th, td {
+            padding: 12px;
+            border-bottom: 1px solid #ddd;
+            text-align: left;
+        }
+        th {
+            background-color: #3498db;
+            color: white;
+        }
+        .footer {
+            margin-top: 40px;
+            font-size: 0.9em;
+            color: #777;
+            text-align: center;
+        }
     </style>
 </head>
 <body>
+<div class="container">
+    <h1>⚠️ Avertissement : Expiration de votre mot de passe</h1>
     <p>Bonjour $($user.Name),</p>
-    <p>Votre mot de passe est dans un état <strong class='$($user.Status.ToLower())'>$($user.Status)</strong>.</p>
+    <p>Votre mot de passe est dans un état <span class='status $user.Status.ToLower()'>$($user.Status)</span>.</p>
     <p><strong>Date d'expiration:</strong> $expirationDate</p>
     <p>Veuillez mettre à jour votre mot de passe dès que possible pour éviter tout problème d'accès.</p>
-    <p>Cordialement,</p>
+
+    <table>
+        <tr>
+            <th>Nom</th>
+            <td>$($user.Name)</td>
+        </tr>
+        <tr>
+            <th>SAM Account Name</th>
+            <td>$($user.SamAccountName)</td>
+        </tr>
+        <tr>
+            <th>Email</th>
+            <td>$($user.Email)</td>
+        </tr>
+        <tr>
+            <th>Date d'expiration</th>
+            <td>$expirationDate</td>
+        </tr>
+        <tr>
+            <th>Jours restants</th>
+            <td>$($user.DaysLeft)</td>
+        </tr>
+    </table>
+
+    <p>Cordialement,<br/>
+    Service Informatique</p>
+</div>
 </body>
 </html>
 "@

From 111dde795744ff49883c3e4ff6e879b2056bb3b9 Mon Sep 17 00:00:00 2001
From: P6g9YHK6 <17877371+P6g9YHK6@users.noreply.github.com>
Date: Mon, 9 Jun 2025 09:58:25 +0200
Subject: [PATCH 05/23] Update file: Mail notification password expiry.ps1

---
 scripts_staging/Backend/Mail notification password expiry.ps1 | 2 --
 1 file changed, 2 deletions(-)

diff --git a/scripts_staging/Backend/Mail notification password expiry.ps1 b/scripts_staging/Backend/Mail notification password expiry.ps1
index 83d0563d..77fd05dc 100644
--- a/scripts_staging/Backend/Mail notification password expiry.ps1	
+++ b/scripts_staging/Backend/Mail notification password expiry.ps1	
@@ -144,8 +144,6 @@ function ConvertTo-HtmlReport {
 <!DOCTYPE html>
 <html>
 <head>
-    <meta charset="UTF-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
     <title>Rapport d'expiration des mots de passe</title>
     <style>
         body {

From 21cbb0522a2b592bcc99d7843a7e0761a567ddfe Mon Sep 17 00:00:00 2001
From: P6g9YHK6 <17877371+P6g9YHK6@users.noreply.github.com>
Date: Mon, 9 Jun 2025 10:04:07 +0200
Subject: [PATCH 06/23] Update file: Mail notification password expiry.ps1

---
 .../Mail notification password expiry.ps1     | 62 +++++++++++++++----
 1 file changed, 50 insertions(+), 12 deletions(-)

diff --git a/scripts_staging/Backend/Mail notification password expiry.ps1 b/scripts_staging/Backend/Mail notification password expiry.ps1
index 77fd05dc..13741e89 100644
--- a/scripts_staging/Backend/Mail notification password expiry.ps1	
+++ b/scripts_staging/Backend/Mail notification password expiry.ps1	
@@ -139,11 +139,12 @@ function ConvertTo-HtmlReport {
         $warningThreshold,
         $criticalThreshold
     )
-
     $html = @"
 <!DOCTYPE html>
 <html>
 <head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
     <title>Rapport d'expiration des mots de passe</title>
     <style>
         body {
@@ -274,7 +275,6 @@ function ConvertTo-HtmlReport {
 
     <div class="footer">
         <p>Généré le : $(Get-Date -Format "dd/MM/yyyy HH:mm")</p>
-        <p>© 2025 Service Informatique</p>
     </div>
 </div>
 </body>
@@ -363,10 +363,57 @@ function Send-UserNotification {
 <html>
 <head>
     <meta charset="UTF-8">
+    <style>
+        body {
+            font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
+            background-color: #f9f9f9;
+            color: #333;
+            margin: 0;
+            padding: 0;
+        }
+        .container {
+            max-width: 700px;
+            margin: 0 auto;
+            padding: 30px;
+            background-color: #fff;
+            border-radius: 10px;
+            box-shadow: 0 0 10px rgba(0,0,0,0.05);
+        }
+        h1 {
+            color: #2c3e50;
+            border-bottom: 2px solid #3498db;
+            padding-bottom: 10px;
+        }
+        .status {
+            font-weight: bold;
+            margin-top: 15px;
+            display: inline-block;
+            padding: 6px 12px;
+            border-radius: 5px;
+        }
+        .expired { background-color: #dc3545; color: white; }
+        .critical { background-color: #ffc107; color: #333; }
+        .warning { background-color: #fd7e14; color: white; }
+        table {
+            width: 100%;
+            border-collapse: collapse;
+            margin-top: 20px;
+        }
+        th, td {
+            padding: 12px;
+            border-bottom: 1px solid #ddd;
+            text-align: left;
+        }
+        th {
+            background-color: #3498db;
+            color: white;
+        }
+    </style>
 </head>
 <body>
+<div class="container">
 $body
-$signature
+</div>
 </body>
 </html>
 "@
@@ -536,12 +583,6 @@ foreach ($user in $reportData | Where-Object { $_.Status -in @("Warning", "Criti
             background-color: #3498db;
             color: white;
         }
-        .footer {
-            margin-top: 40px;
-            font-size: 0.9em;
-            color: #777;
-            text-align: center;
-        }
     </style>
 </head>
 <body>
@@ -574,9 +615,6 @@ foreach ($user in $reportData | Where-Object { $_.Status -in @("Warning", "Criti
             <td>$($user.DaysLeft)</td>
         </tr>
     </table>
-
-    <p>Cordialement,<br/>
-    Service Informatique</p>
 </div>
 </body>
 </html>

From 7f9bcd6ab6d1214a2004ffcffbd2335613c2b863 Mon Sep 17 00:00:00 2001
From: P6g9YHK6 <17877371+P6g9YHK6@users.noreply.github.com>
Date: Mon, 9 Jun 2025 14:45:31 +0200
Subject: [PATCH 07/23] Update file: Mail notification password expiry.ps1

---
 .../Backend/Mail notification password expiry.ps1      | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/scripts_staging/Backend/Mail notification password expiry.ps1 b/scripts_staging/Backend/Mail notification password expiry.ps1
index 13741e89..4410b0ee 100644
--- a/scripts_staging/Backend/Mail notification password expiry.ps1	
+++ b/scripts_staging/Backend/Mail notification password expiry.ps1	
@@ -400,13 +400,15 @@ function Send-UserNotification {
             margin-top: 20px;
         }
         th, td {
-            padding: 12px;
+            padding: 8px; /* Réduit l'espace */
             border-bottom: 1px solid #ddd;
             text-align: left;
+            font-size: 14px; /* Police compacte */
         }
         th {
             background-color: #3498db;
             color: white;
+            font-size: 14px; /* Police compacte */
         }
     </style>
 </head>
@@ -421,7 +423,7 @@ $body
     $mailMessage = New-Object System.Net.Mail.MailMessage
     $mailMessage.From = $FromAddress
     $mailMessage.To.Add($Recipient)
-    $mailMessage.Subject = $Subject
+    $mailMessage.Subject = $subject
     $mailMessage.Body = $bodyWithSignature
     $mailMessage.IsBodyHtml = $true
     $smtpClient = New-Object System.Net.Mail.SmtpClient($SmtpServer, $Port)
@@ -575,13 +577,15 @@ foreach ($user in $reportData | Where-Object { $_.Status -in @("Warning", "Criti
             margin-top: 20px;
         }
         th, td {
-            padding: 12px;
+            padding: 8px; /* Réduit l'espace */
             border-bottom: 1px solid #ddd;
             text-align: left;
+            font-size: 14px; /* Police compacte */
         }
         th {
             background-color: #3498db;
             color: white;
+            font-size: 14px; /* Police compacte */
         }
     </style>
 </head>

From eae28d216f0f55e5aacc844183e41dc0f8a1717c Mon Sep 17 00:00:00 2001
From: P6g9YHK6 <17877371+P6g9YHK6@users.noreply.github.com>
Date: Mon, 9 Jun 2025 14:50:43 +0200
Subject: [PATCH 08/23] Update file: Mail notification password expiry.ps1

---
 .../Mail notification password expiry.ps1     | 152 ++++++++++++++++--
 1 file changed, 140 insertions(+), 12 deletions(-)

diff --git a/scripts_staging/Backend/Mail notification password expiry.ps1 b/scripts_staging/Backend/Mail notification password expiry.ps1
index 4410b0ee..5f91e853 100644
--- a/scripts_staging/Backend/Mail notification password expiry.ps1	
+++ b/scripts_staging/Backend/Mail notification password expiry.ps1	
@@ -231,45 +231,173 @@ function ConvertTo-HtmlReport {
         </p>
     </div>
 
-    @if ($expiredUsers) {
+    @if ($expiredUsers.Count -gt 0) {
         <div class="section">
             <h2>Comptes expirés</h2>
-            $expiredUsers | Select-Object Name, SamAccountName, Email, @{Name="ExpirationDate";Expression={$_.ExpirationDate.ToString("dd/MM/yyyy")}}, DaysLeft, Enabled | ConvertTo-Html -Fragment
+            <table>
+                <thead>
+                    <tr>
+                        <th>Nom</th>
+                        <th>SAM Account Name</th>
+                        <th>Email</th>
+                        <th>Date d'expiration</th>
+                        <th>Jours restants</th>
+                        <th>Activé</th>
+                    </tr>
+                </thead>
+                <tbody>
+                    $($expiredUsers | ForEach-Object {
+                        "<tr>
+                            <td>$($_.Name)</td>
+                            <td>$($_.SamAccountName)</td>
+                            <td>$($_.Email)</td>
+                            <td>$($_.ExpirationDate.ToString('dd/MM/yyyy'))</td>
+                            <td>$($_.DaysLeft)</td>
+                            <td>$($_.Enabled)</td>
+                        </tr>"
+                    })
+                </tbody>
+            </table>
         </div>
     }
 
-    @if ($criticalUsers) {
+    @if ($criticalUsers.Count -gt 0) {
         <div class="section">
             <h2>Comptes critiques</h2>
-            $criticalUsers | Select-Object Name, SamAccountName, Email, @{Name="ExpirationDate";Expression={$_.ExpirationDate.ToString("dd/MM/yyyy")}}, DaysLeft, Enabled | ConvertTo-Html -Fragment
+            <table>
+                <thead>
+                    <tr>
+                        <th>Nom</th>
+                        <th>SAM Account Name</th>
+                        <th>Email</th>
+                        <th>Date d'expiration</th>
+                        <th>Jours restants</th>
+                        <th>Activé</th>
+                    </tr>
+                </thead>
+                <tbody>
+                    $($criticalUsers | ForEach-Object {
+                        "<tr>
+                            <td>$($_.Name)</td>
+                            <td>$($_.SamAccountName)</td>
+                            <td>$($_.Email)</td>
+                            <td>$($_.ExpirationDate.ToString('dd/MM/yyyy'))</td>
+                            <td>$($_.DaysLeft)</td>
+                            <td>$($_.Enabled)</td>
+                        </tr>"
+                    })
+                </tbody>
+            </table>
         </div>
     }
 
-    @if ($warningUsers) {
+    @if ($warningUsers.Count -gt 0) {
         <div class="section">
             <h2>Comptes en avertissement</h2>
-            $warningUsers | Select-Object Name, SamAccountName, Email, @{Name="ExpirationDate";Expression={$_.ExpirationDate.ToString("dd/MM/yyyy")}}, DaysLeft, Enabled | ConvertTo-Html -Fragment
+            <table>
+                <thead>
+                    <tr>
+                        <th>Nom</th>
+                        <th>SAM Account Name</th>
+                        <th>Email</th>
+                        <th>Date d'expiration</th>
+                        <th>Jours restants</th>
+                        <th>Activé</th>
+                    </tr>
+                </thead>
+                <tbody>
+                    $($warningUsers | ForEach-Object {
+                        "<tr>
+                            <td>$($_.Name)</td>
+                            <td>$($_.SamAccountName)</td>
+                            <td>$($_.Email)</td>
+                            <td>$($_.ExpirationDate.ToString('dd/MM/yyyy'))</td>
+                            <td>$($_.DaysLeft)</td>
+                            <td>$($_.Enabled)</td>
+                        </tr>"
+                    })
+                </tbody>
+            </table>
         </div>
     }
 
-    @if ($IncludeNeverExpires -and $neverExpiresUsers) {
+    @if ($IncludeNeverExpires -and $neverExpiresUsers.Count -gt 0) {
         <div class="section">
             <h2>Comptes avec mot de passe n'expirant jamais</h2>
-            $neverExpiresUsers | Select-Object Name, SamAccountName, Email, Enabled | ConvertTo-Html -Fragment
+            <table>
+                <thead>
+                    <tr>
+                        <th>Nom</th>
+                        <th>SAM Account Name</th>
+                        <th>Email</th>
+                        <th>Activé</th>
+                    </tr>
+                </thead>
+                <tbody>
+                    $($neverExpiresUsers | ForEach-Object {
+                        "<tr>
+                            <td>$($_.Name)</td>
+                            <td>$($_.SamAccountName)</td>
+                            <td>$($_.Email)</td>
+                            <td>$($_.Enabled)</td>
+                        </tr>"
+                    })
+                </tbody>
+            </table>
         </div>
     }
 
-    @if ($neverLoggedInUsers) {
+    @if ($neverLoggedInUsers.Count -gt 0) {
         <div class="section">
             <h2>Comptes jamais connectés</h2>
-            $neverLoggedInUsers | Select-Object Name, SamAccountName, Email, Enabled | ConvertTo-Html -Fragment
+            <table>
+                <thead>
+                    <tr>
+                        <th>Nom</th>
+                        <th>SAM Account Name</th>
+                        <th>Email</th>
+                        <th>Activé</th>
+                    </tr>
+                </thead>
+                <tbody>
+                    $($neverLoggedInUsers | ForEach-Object {
+                        "<tr>
+                            <td>$($_.Name)</td>
+                            <td>$($_.SamAccountName)</td>
+                            <td>$($_.Email)</td>
+                            <td>$($_.Enabled)</td>
+                        </tr>"
+                    })
+                </tbody>
+            </table>
         </div>
     }
 
-    @if ($IncludeDisabled -and $disabledUsers) {
+    @if ($IncludeDisabled -and $disabledUsers.Count -gt 0) {
         <div class="section">
             <h2>Comptes désactivés</h2>
-            $disabledUsers | Select-Object Name, SamAccountName, Email, @{Name="ExpirationDate";Expression={if($_.ExpirationDate){$_.ExpirationDate.ToString("dd/MM/yyyy")}else{"N/A"}}}, DaysLeft | ConvertTo-Html -Fragment
+            <table>
+                <thead>
+                    <tr>
+                        <th>Nom</th>
+                        <th>SAM Account Name</th>
+                        <th>Email</th>
+                        <th>Date d'expiration</th>
+                        <th>Jours restants</th>
+                    </tr>
+                </thead>
+                <tbody>
+                    $($disabledUsers | ForEach-Object {
+                        "<tr>
+                            <td>$($_.Name)</td>
+                            <td>$($_.SamAccountName)</td>
+                            <td>$($_.Email)</td>
+                            <td>$($_.ExpirationDate.ToString('dd/MM/yyyy'))</td>
+                            <td>$($_.DaysLeft)</td>
+                        </tr>"
+                    })
+                </tbody>
+            </table>
         </div>
     }
 

From f477e086b3f30594fc4a7b4feaae450ef310ed9b Mon Sep 17 00:00:00 2001
From: P6g9YHK6 <17877371+P6g9YHK6@users.noreply.github.com>
Date: Mon, 9 Jun 2025 14:56:31 +0200
Subject: [PATCH 09/23] Update file: Mail notification password expiry.ps1

---
 .../Mail notification password expiry.ps1     | 348 +++++++++---------
 1 file changed, 183 insertions(+), 165 deletions(-)

diff --git a/scripts_staging/Backend/Mail notification password expiry.ps1 b/scripts_staging/Backend/Mail notification password expiry.ps1
index 5f91e853..43578d00 100644
--- a/scripts_staging/Backend/Mail notification password expiry.ps1	
+++ b/scripts_staging/Backend/Mail notification password expiry.ps1	
@@ -139,100 +139,21 @@ function ConvertTo-HtmlReport {
         $warningThreshold,
         $criticalThreshold
     )
-    $html = @"
-<!DOCTYPE html>
-<html>
-<head>
-    <meta charset="UTF-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>Rapport d'expiration des mots de passe</title>
-    <style>
-        body {
-            font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
-            background-color: #f9f9f9;
-            color: #333;
-            margin: 0;
-            padding: 0;
-        }
-        .container {
-            max-width: 1000px;
-            margin: 0 auto;
-            padding: 30px;
-            background-color: #fff;
-            border-radius: 10px;
-            box-shadow: 0 0 10px rgba(0,0,0,0.05);
-        }
-        h1 {
-            color: #2c3e50;
-            border-bottom: 2px solid #3498db;
-            padding-bottom: 10px;
-        }
-        .section {
-            margin-bottom: 30px;
-        }
-        .badge {
-            display: inline-block;
-            padding: 6px 12px;
-            border-radius: 5px;
-            font-weight: bold;
-            margin-right: 10px;
-        }
-        .badge-expired { background-color: #dc3545; color: white; }
-        .badge-critical { background-color: #ffc107; color: #333; }
-        .badge-warning { background-color: #fd7e14; color: white; }
-        .badge-never { background-color: #17a2b8; color: white; }
-        .badge-neverlogged { background-color: #adb5bd; }
-        .badge-disabled { background-color: #6c757d; color: white; }
-        table {
-            width: 100%;
-            border-collapse: collapse;
-            margin-top: 15px;
-        }
-        th, td {
-            padding: 12px;
-            border-bottom: 1px solid #ddd;
-            text-align: left;
-        }
-        th {
-            background-color: #3498db;
-            color: white;
-        }
-        .footer {
-            margin-top: 40px;
-            font-size: 0.9em;
-            color: #777;
-            text-align: center;
-        }
-    </style>
-</head>
-<body>
-<div class="container">
-    <h1>Rapport d'expiration des mots de passe</h1>
-
-    <div class="section">
-        <h2>Politique de mot de passe du domaine</h2>
-        <p><strong>Durée maximale:</strong> $($passwordPolicy.MaxPasswordAge.Days) jours</p>
-        <p><strong>Durée minimale:</strong> $($passwordPolicy.MinPasswordAge.Days) jours</p>
-        <p><strong>Longueur minimale:</strong> $($passwordPolicy.MinPasswordLength) caractères</p>
-        <p><strong>Complexité requise:</strong> $($passwordPolicy.ComplexityEnabled)</p>
-        <p><strong>Historique:</strong> $($passwordPolicy.PasswordHistoryCount) mots de passe</p>
-        <p><strong>Verrouillage:</strong> $($passwordPolicy.LockoutThreshold) tentatives (durée: $($passwordPolicy.LockoutDuration.Minutes) min)</p>
-    </div>
-
-    <div class="section">
-        <h2>Statistiques globales</h2>
-        <p>
-            <span class="badge badge-expired">Expirés: $($expiredUsers.Count)</span>
-            <span class="badge badge-critical">Critiques: $($criticalUsers.Count)</span>
-            <span class="badge badge-warning">Avertissements: $($warningUsers.Count)</span>
-            <span class="badge badge-never">Expirent jamais: $($neverExpiresUsers.Count)</span>
-            <span class="badge badge-neverlogged">Jamais connectés: $($neverLoggedInUsers.Count)</span>
-            <span class="badge badge-disabled">Désactivés: $($disabledUsers.Count)</span>
-        </p>
-    </div>
-
-    @if ($expiredUsers.Count -gt 0) {
-        <div class="section">
+    # Génération des sections conditionnelles
+    $expiredSection = ""
+    if ($expiredUsers.Count -gt 0) {
+        $rows = $expiredUsers | ForEach-Object {
+            "<tr>
+                <td>$($_.Name)</td>
+                <td>$($_.SamAccountName)</td>
+                <td>$($_.Email)</td>
+                <td>$($_.ExpirationDate.ToString('dd/MM/yyyy'))</td>
+                <td>$($_.DaysLeft)</td>
+                <td>$($_.Enabled)</td>
+            </tr>"
+        } | Out-String
+        $expiredSection = @"
+        <div class='section'>
             <h2>Comptes expirés</h2>
             <table>
                 <thead>
@@ -246,23 +167,26 @@ function ConvertTo-HtmlReport {
                     </tr>
                 </thead>
                 <tbody>
-                    $($expiredUsers | ForEach-Object {
-                        "<tr>
-                            <td>$($_.Name)</td>
-                            <td>$($_.SamAccountName)</td>
-                            <td>$($_.Email)</td>
-                            <td>$($_.ExpirationDate.ToString('dd/MM/yyyy'))</td>
-                            <td>$($_.DaysLeft)</td>
-                            <td>$($_.Enabled)</td>
-                        </tr>"
-                    })
+                    $rows
                 </tbody>
             </table>
         </div>
+"@
     }
-
-    @if ($criticalUsers.Count -gt 0) {
-        <div class="section">
+    $criticalSection = ""
+    if ($criticalUsers.Count -gt 0) {
+        $rows = $criticalUsers | ForEach-Object {
+            "<tr>
+                <td>$($_.Name)</td>
+                <td>$($_.SamAccountName)</td>
+                <td>$($_.Email)</td>
+                <td>$($_.ExpirationDate.ToString('dd/MM/yyyy'))</td>
+                <td>$($_.DaysLeft)</td>
+                <td>$($_.Enabled)</td>
+            </tr>"
+        } | Out-String
+        $criticalSection = @"
+        <div class='section'>
             <h2>Comptes critiques</h2>
             <table>
                 <thead>
@@ -276,23 +200,26 @@ function ConvertTo-HtmlReport {
                     </tr>
                 </thead>
                 <tbody>
-                    $($criticalUsers | ForEach-Object {
-                        "<tr>
-                            <td>$($_.Name)</td>
-                            <td>$($_.SamAccountName)</td>
-                            <td>$($_.Email)</td>
-                            <td>$($_.ExpirationDate.ToString('dd/MM/yyyy'))</td>
-                            <td>$($_.DaysLeft)</td>
-                            <td>$($_.Enabled)</td>
-                        </tr>"
-                    })
+                    $rows
                 </tbody>
             </table>
         </div>
+"@
     }
-
-    @if ($warningUsers.Count -gt 0) {
-        <div class="section">
+    $warningSection = ""
+    if ($warningUsers.Count -gt 0) {
+        $rows = $warningUsers | ForEach-Object {
+            "<tr>
+                <td>$($_.Name)</td>
+                <td>$($_.SamAccountName)</td>
+                <td>$($_.Email)</td>
+                <td>$($_.ExpirationDate.ToString('dd/MM/yyyy'))</td>
+                <td>$($_.DaysLeft)</td>
+                <td>$($_.Enabled)</td>
+            </tr>"
+        } | Out-String
+        $warningSection = @"
+        <div class='section'>
             <h2>Comptes en avertissement</h2>
             <table>
                 <thead>
@@ -306,23 +233,24 @@ function ConvertTo-HtmlReport {
                     </tr>
                 </thead>
                 <tbody>
-                    $($warningUsers | ForEach-Object {
-                        "<tr>
-                            <td>$($_.Name)</td>
-                            <td>$($_.SamAccountName)</td>
-                            <td>$($_.Email)</td>
-                            <td>$($_.ExpirationDate.ToString('dd/MM/yyyy'))</td>
-                            <td>$($_.DaysLeft)</td>
-                            <td>$($_.Enabled)</td>
-                        </tr>"
-                    })
+                    $rows
                 </tbody>
             </table>
         </div>
+"@
     }
-
-    @if ($IncludeNeverExpires -and $neverExpiresUsers.Count -gt 0) {
-        <div class="section">
+    $neverExpiresSection = ""
+    if ($IncludeNeverExpires -and $neverExpiresUsers.Count -gt 0) {
+        $rows = $neverExpiresUsers | ForEach-Object {
+            "<tr>
+                <td>$($_.Name)</td>
+                <td>$($_.SamAccountName)</td>
+                <td>$($_.Email)</td>
+                <td>$($_.Enabled)</td>
+            </tr>"
+        } | Out-String
+        $neverExpiresSection = @"
+        <div class='section'>
             <h2>Comptes avec mot de passe n'expirant jamais</h2>
             <table>
                 <thead>
@@ -334,21 +262,24 @@ function ConvertTo-HtmlReport {
                     </tr>
                 </thead>
                 <tbody>
-                    $($neverExpiresUsers | ForEach-Object {
-                        "<tr>
-                            <td>$($_.Name)</td>
-                            <td>$($_.SamAccountName)</td>
-                            <td>$($_.Email)</td>
-                            <td>$($_.Enabled)</td>
-                        </tr>"
-                    })
+                    $rows
                 </tbody>
             </table>
         </div>
+"@
     }
-
-    @if ($neverLoggedInUsers.Count -gt 0) {
-        <div class="section">
+    $neverLoggedInSection = ""
+    if ($neverLoggedInUsers.Count -gt 0) {
+        $rows = $neverLoggedInUsers | ForEach-Object {
+            "<tr>
+                <td>$($_.Name)</td>
+                <td>$($_.SamAccountName)</td>
+                <td>$($_.Email)</td>
+                <td>$($_.Enabled)</td>
+            </tr>"
+        } | Out-String
+        $neverLoggedInSection = @"
+        <div class='section'>
             <h2>Comptes jamais connectés</h2>
             <table>
                 <thead>
@@ -360,21 +291,25 @@ function ConvertTo-HtmlReport {
                     </tr>
                 </thead>
                 <tbody>
-                    $($neverLoggedInUsers | ForEach-Object {
-                        "<tr>
-                            <td>$($_.Name)</td>
-                            <td>$($_.SamAccountName)</td>
-                            <td>$($_.Email)</td>
-                            <td>$($_.Enabled)</td>
-                        </tr>"
-                    })
+                    $rows
                 </tbody>
             </table>
         </div>
+"@
     }
-
-    @if ($IncludeDisabled -and $disabledUsers.Count -gt 0) {
-        <div class="section">
+    $disabledSection = ""
+    if ($IncludeDisabled -and $disabledUsers.Count -gt 0) {
+        $rows = $disabledUsers | ForEach-Object {
+            "<tr>
+                <td>$($_.Name)</td>
+                <td>$($_.SamAccountName)</td>
+                <td>$($_.Email)</td>
+                <td>$($_.ExpirationDate.ToString('dd/MM/yyyy'))</td>
+                <td>$($_.DaysLeft)</td>
+            </tr>"
+        } | Out-String
+        $disabledSection = @"
+        <div class='section'>
             <h2>Comptes désactivés</h2>
             <table>
                 <thead>
@@ -387,20 +322,103 @@ function ConvertTo-HtmlReport {
                     </tr>
                 </thead>
                 <tbody>
-                    $($disabledUsers | ForEach-Object {
-                        "<tr>
-                            <td>$($_.Name)</td>
-                            <td>$($_.SamAccountName)</td>
-                            <td>$($_.Email)</td>
-                            <td>$($_.ExpirationDate.ToString('dd/MM/yyyy'))</td>
-                            <td>$($_.DaysLeft)</td>
-                        </tr>"
-                    })
+                    $rows
                 </tbody>
             </table>
         </div>
+"@
     }
-
+    # Assemblage du rapport HTML final
+    $html = @"
+<!DOCTYPE html>
+<html>
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Rapport d'expiration des mots de passe</title>
+    <style>
+        body {
+            font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
+            background-color: #f9f9f9;
+            color: #333;
+            margin: 0;
+            padding: 0;
+        }
+        .container {
+            max-width: 1000px;
+            margin: 0 auto;
+            padding: 30px;
+            background-color: #fff;
+            border-radius: 10px;
+            box-shadow: 0 0 10px rgba(0,0,0,0.05);
+        }
+        h1 {
+            color: #2c3e50;
+            border-bottom: 2px solid #3498db;
+            padding-bottom: 10px;
+        }
+        .section { margin-bottom: 30px; }
+        .badge {
+            display: inline-block;
+            padding: 6px 12px;
+            border-radius: 5px;
+            font-weight: bold;
+            margin-right: 10px;
+        }
+        .badge-expired { background-color: #dc3545; color: white; }
+        .badge-critical { background-color: #ffc107; color: #333; }
+        .badge-warning { background-color: #fd7e14; color: white; }
+        .badge-never { background-color: #17a2b8; color: white; }
+        .badge-neverlogged { background-color: #adb5bd; }
+        .badge-disabled { background-color: #6c757d; color: white; }
+        table {
+            width: 100%;
+            border-collapse: collapse;
+            margin-top: 15px;
+        }
+        th, td {
+            padding: 12px;
+            border-bottom: 1px solid #ddd;
+            text-align: left;
+        }
+        th { background-color: #3498db; color: white; }
+        .footer {
+            margin-top: 40px;
+            font-size: 0.9em;
+            color: #777;
+            text-align: center;
+        }
+    </style>
+</head>
+<body>
+<div class="container">
+    <h1>Rapport d'expiration des mots de passe</h1>
+    <div class="section">
+        <h2>Politique de mot de passe du domaine</h2>
+        <p><strong>Durée maximale:</strong> $($passwordPolicy.MaxPasswordAge.Days) jours</p>
+        <p><strong>Durée minimale:</strong> $($passwordPolicy.MinPasswordAge.Days) jours</p>
+        <p><strong>Longueur minimale:</strong> $($passwordPolicy.MinPasswordLength) caractères</p>
+        <p><strong>Complexité requise:</strong> $($passwordPolicy.ComplexityEnabled)</p>
+        <p><strong>Historique:</strong> $($passwordPolicy.PasswordHistoryCount) mots de passe</p>
+        <p><strong>Verrouillage:</strong> $($passwordPolicy.LockoutThreshold) tentatives (durée: $($passwordPolicy.LockoutDuration.Minutes) min)</p>
+    </div>
+    <div class="section">
+        <h2>Statistiques globales</h2>
+        <p>
+            <span class="badge badge-expired">Expirés: $($expiredUsers.Count)</span>
+            <span class="badge badge-critical">Critiques: $($criticalUsers.Count)</span>
+            <span class="badge badge-warning">Avertissements: $($warningUsers.Count)</span>
+            <span class="badge badge-never">Expirent jamais: $($neverExpiresUsers.Count)</span>
+            <span class="badge badge-neverlogged">Jamais connectés: $($neverLoggedInUsers.Count)</span>
+            <span class="badge badge-disabled">Désactivés: $($disabledUsers.Count)</span>
+        </p>
+    </div>
+    $expiredSection
+    $criticalSection
+    $warningSection
+    $neverExpiresSection
+    $neverLoggedInSection
+    $disabledSection
     <div class="footer">
         <p>Généré le : $(Get-Date -Format "dd/MM/yyyy HH:mm")</p>
     </div>

From d842f70db0e57507b151753e0a3686232881081a Mon Sep 17 00:00:00 2001
From: P6g9YHK6 <17877371+P6g9YHK6@users.noreply.github.com>
Date: Mon, 9 Jun 2025 15:04:31 +0200
Subject: [PATCH 10/23] Update file: Mail notification password expiry.ps1

---
 .../Backend/Mail notification password expiry.ps1  | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/scripts_staging/Backend/Mail notification password expiry.ps1 b/scripts_staging/Backend/Mail notification password expiry.ps1
index 43578d00..2ef00e08 100644
--- a/scripts_staging/Backend/Mail notification password expiry.ps1	
+++ b/scripts_staging/Backend/Mail notification password expiry.ps1	
@@ -520,7 +520,7 @@ function Send-UserNotification {
         .container {
             max-width: 700px;
             margin: 0 auto;
-            padding: 30px;
+            padding: 15px;  // reduced from 30px to 15px
             background-color: #fff;
             border-radius: 10px;
             box-shadow: 0 0 10px rgba(0,0,0,0.05);
@@ -528,11 +528,11 @@ function Send-UserNotification {
         h1 {
             color: #2c3e50;
             border-bottom: 2px solid #3498db;
-            padding-bottom: 10px;
+            padding-bottom: 5px;  // reduced from 10px to 5px
         }
         .status {
             font-weight: bold;
-            margin-top: 15px;
+            margin-top: 5px;   // reduced from 15px to 5px
             display: inline-block;
             padding: 6px 12px;
             border-radius: 5px;
@@ -543,18 +543,18 @@ function Send-UserNotification {
         table {
             width: 100%;
             border-collapse: collapse;
-            margin-top: 20px;
+            margin-top: 5px;  // reduced from 10px to 5px
         }
         th, td {
-            padding: 8px; /* Réduit l'espace */
+            padding: 2px;  /* reduced from 4px to 2px */
             border-bottom: 1px solid #ddd;
             text-align: left;
-            font-size: 14px; /* Police compacte */
+            font-size: 14px;
         }
         th {
             background-color: #3498db;
             color: white;
-            font-size: 14px; /* Police compacte */
+            font-size: 14px;
         }
     </style>
 </head>

From 5c58624995124d64f009a457195feadb285f720e Mon Sep 17 00:00:00 2001
From: P6g9YHK6 <17877371+P6g9YHK6@users.noreply.github.com>
Date: Mon, 9 Jun 2025 15:11:58 +0200
Subject: [PATCH 11/23] Update file: Mail notification password expiry.ps1

---
 .../Backend/Mail notification password expiry.ps1     | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/scripts_staging/Backend/Mail notification password expiry.ps1 b/scripts_staging/Backend/Mail notification password expiry.ps1
index 2ef00e08..29b0ed73 100644
--- a/scripts_staging/Backend/Mail notification password expiry.ps1	
+++ b/scripts_staging/Backend/Mail notification password expiry.ps1	
@@ -520,7 +520,7 @@ function Send-UserNotification {
         .container {
             max-width: 700px;
             margin: 0 auto;
-            padding: 15px;  // reduced from 30px to 15px
+            padding: 15px;  // réduit par rapport à 30px
             background-color: #fff;
             border-radius: 10px;
             box-shadow: 0 0 10px rgba(0,0,0,0.05);
@@ -528,11 +528,11 @@ function Send-UserNotification {
         h1 {
             color: #2c3e50;
             border-bottom: 2px solid #3498db;
-            padding-bottom: 5px;  // reduced from 10px to 5px
+            padding-bottom: 5px;  // réduit par rapport à 10px
         }
         .status {
             font-weight: bold;
-            margin-top: 5px;   // reduced from 15px to 5px
+            margin-top: 5px;   // réduit par rapport à 15px
             display: inline-block;
             padding: 6px 12px;
             border-radius: 5px;
@@ -543,13 +543,14 @@ function Send-UserNotification {
         table {
             width: 100%;
             border-collapse: collapse;
-            margin-top: 5px;  // reduced from 10px to 5px
+            margin-top: 2px;  // espace vertical réduit
         }
         th, td {
-            padding: 2px;  /* reduced from 4px to 2px */
+            padding: 0px 2px;  /* Padding réduit pour correspondre à la police */
             border-bottom: 1px solid #ddd;
             text-align: left;
             font-size: 14px;
+            line-height: 1.0;  /* Hauteur de ligne réduite */
         }
         th {
             background-color: #3498db;

From 8d80ca339a5e4e650ef9b6f8f71e76474d100ec0 Mon Sep 17 00:00:00 2001
From: P6g9YHK6 <17877371+P6g9YHK6@users.noreply.github.com>
Date: Mon, 9 Jun 2025 15:17:24 +0200
Subject: [PATCH 12/23] Update file: Mail notification password expiry.ps1

---
 scripts_staging/Backend/Mail notification password expiry.ps1 | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/scripts_staging/Backend/Mail notification password expiry.ps1 b/scripts_staging/Backend/Mail notification password expiry.ps1
index 29b0ed73..ba8b4987 100644
--- a/scripts_staging/Backend/Mail notification password expiry.ps1	
+++ b/scripts_staging/Backend/Mail notification password expiry.ps1	
@@ -546,11 +546,11 @@ function Send-UserNotification {
             margin-top: 2px;  // espace vertical réduit
         }
         th, td {
-            padding: 0px 2px;  /* Padding réduit pour correspondre à la police */
+            padding: 0px 2px;  /* Padding réduit pour minimiser la hauteur des lignes */
             border-bottom: 1px solid #ddd;
             text-align: left;
             font-size: 14px;
-            line-height: 1.0;  /* Hauteur de ligne réduite */
+            line-height: 0.8;  /* Hauteur de ligne réduite pour correspondre à la taille de la police */
         }
         th {
             background-color: #3498db;

From 527c98b1e79f8fc41cd0ebb3f11b37fcad4781cc Mon Sep 17 00:00:00 2001
From: P6g9YHK6 <17877371+P6g9YHK6@users.noreply.github.com>
Date: Mon, 9 Jun 2025 15:22:49 +0200
Subject: [PATCH 13/23] Update file: Mail notification password expiry.ps1

---
 scripts_staging/Backend/Mail notification password expiry.ps1 | 1 +
 1 file changed, 1 insertion(+)

diff --git a/scripts_staging/Backend/Mail notification password expiry.ps1 b/scripts_staging/Backend/Mail notification password expiry.ps1
index ba8b4987..80f2a04b 100644
--- a/scripts_staging/Backend/Mail notification password expiry.ps1	
+++ b/scripts_staging/Backend/Mail notification password expiry.ps1	
@@ -551,6 +551,7 @@ function Send-UserNotification {
             text-align: left;
             font-size: 14px;
             line-height: 0.8;  /* Hauteur de ligne réduite pour correspondre à la taille de la police */
+            height: 18px;      // fixed row height regardless of font size
         }
         th {
             background-color: #3498db;

From 224999dc960df857406398fab718c25b333e1afa Mon Sep 17 00:00:00 2001
From: P6g9YHK6 <17877371+P6g9YHK6@users.noreply.github.com>
Date: Tue, 10 Jun 2025 08:46:01 +0200
Subject: [PATCH 14/23] Update file: Mail notification password expiry.ps1

---
 .../Backend/Mail notification password expiry.ps1            | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/scripts_staging/Backend/Mail notification password expiry.ps1 b/scripts_staging/Backend/Mail notification password expiry.ps1
index 80f2a04b..a0f31222 100644
--- a/scripts_staging/Backend/Mail notification password expiry.ps1	
+++ b/scripts_staging/Backend/Mail notification password expiry.ps1	
@@ -13,6 +13,7 @@
 .CHANGELOG
   22.05.25 SAN Added UTF8 to fix encoding issue with russian & french chars
   06.06.25 PQU Added support for multiple admin emails
+  10.06.25 PQU Modification of the visual of the email
 #>
 if (!($PSVersionTable.PSVersion.Major -ge 7)) {
     if (Get-Command pwsh -ErrorAction SilentlyContinue) {
@@ -139,7 +140,7 @@ function ConvertTo-HtmlReport {
         $warningThreshold,
         $criticalThreshold
     )
-    # Génération des sections conditionnelles
+
     $expiredSection = ""
     if ($expiredUsers.Count -gt 0) {
         $rows = $expiredUsers | ForEach-Object {
@@ -328,7 +329,7 @@ function ConvertTo-HtmlReport {
         </div>
 "@
     }
-    # Assemblage du rapport HTML final
+
     $html = @"
 <!DOCTYPE html>
 <html>

From 750a0fb9b3a4ceb22c8f6c45612e7ca8a00eda38 Mon Sep 17 00:00:00 2001
From: P6g9YHK6 <17877371+P6g9YHK6@users.noreply.github.com>
Date: Wed, 11 Jun 2025 09:31:23 +0200
Subject: [PATCH 15/23] Update file: Mail notification password expiry.ps1

---
 .../Mail notification password expiry.ps1     | 64 ++++++++++++-------
 1 file changed, 40 insertions(+), 24 deletions(-)

diff --git a/scripts_staging/Backend/Mail notification password expiry.ps1 b/scripts_staging/Backend/Mail notification password expiry.ps1
index a0f31222..10ce765f 100644
--- a/scripts_staging/Backend/Mail notification password expiry.ps1	
+++ b/scripts_staging/Backend/Mail notification password expiry.ps1	
@@ -1,31 +1,49 @@
 <#
 .SYNOPSIS
-    Ensures the script is executed using PowerShell 7 or higher.
+    Analyse et notification avancée des utilisateurs dont le mot de passe Active Directory approche de l’expiration.
 .DESCRIPTION
-    This script verifies whether it is running in a PowerShell 7+ environment. 
-    If not, and if PowerShell 7 (pwsh) is available on the system, it re-invokes itself using pwsh, passing along any parameters.
-    If pwsh is not found, the script outputs a message and exits with an error code.
-    Once running in PowerShell 7 or higher, it sets the output rendering mode to plaintext for consistent formatting.
+    Ce script interroge Active Directory pour lister les utilisateurs d’une OU cible et calcule la date d’expiration de leur mot de passe selon la politique du domaine.
+    Les comptes sont classés selon l’urgence :
+        - Expiré : mot de passe déjà expiré
+        - Critique : expiration imminente (seuil critique)
+        - Avertissement : expiration proche (seuil d’avertissement)
+    Notifications automatiques :
+        • Email pour tous les utilisateurs concernés
+    Un rapport HTML détaillé est généré :
+        • Politique de mot de passe du domaine
+        • Statistiques par catégorie
+        • Liste détaillée des comptes par statut
+.PARAMETER TargetOU
+    OU cible pour la recherche des utilisateurs (ex : "OU=Utilisateurs,DC=domaine,DC=local")
+.PARAMETER WarningThreshold
+    Jours avant expiration pour déclencher un avertissement (défaut : 15)
+.PARAMETER CriticalThreshold
+    Jours avant expiration pour déclencher une alerte critique (défaut : 7)
+.PARAMETER IncludeDisabled
+    Inclure les comptes désactivés dans le rapport (défaut : false)
+.PARAMETER IncludeNeverExpires
+    Inclure les comptes dont le mot de passe n’expire jamais (défaut : false)
+.PARAMETER EmailSignature
+    Signature personnalisée pour les emails (optionnel)
 .NOTES
+    Prérequis :
+        - Module ActiveDirectory
+        - Accès SMTP pour l’envoi d’emails
+        - Droits d’administration pour les tâches planifiées
     Author: PQU
     Date: 29/04/2025
     #public
 .CHANGELOG
-  22.05.25 SAN Added UTF8 to fix encoding issue with russian & french chars
-  06.06.25 PQU Added support for multiple admin emails
-  10.06.25 PQU Modification of the visual of the email
+  22.05.25 SAN – Added UTF8 encoding to resolve issues with Russian and French characters.
+  06.06.25 PQU – Added support for multiple admin emails and centralized config.
 #>
-if (!($PSVersionTable.PSVersion.Major -ge 7)) {
-    if (Get-Command pwsh -ErrorAction SilentlyContinue) {
-        pwsh -File "`"$PSCommandPath`"" @PSBoundParameters
-        exit $LASTEXITCODE
-    } else {
-        Write-Output "ERROR: PowerShell 7 is not available. Exiting."
-        exit 1
-    }
+
+
+{{CallPowerShell7}}
+
+function Convert-ToBoolean($value) {
+    return $value -match '^(1|true|yes)$'
 }
-[Console]::OutputEncoding = [Text.Encoding]::UTF8
-$PSStyle.OutputRendering = "plaintext"
 
 $TargetOU           = $env:TARGET_OU
 $SmtpServer         = $env:SMTP_SERVER
@@ -35,15 +53,13 @@ $FromEmail          = $env:FROM_EMAIL
 $WarningThreshold   = [int]$env:WARNING_THRESHOLD
 $CriticalThreshold  = [int]$env:CRITICAL_THRESHOLD
 $EmailSignature     = $env:EMAIL_SIGNATURE
-
-function Convert-ToBoolean($value) {
-    return $value -match '^(1|true|yes)$'
-}
-
 $IncludeDisabled       = Convert-ToBoolean $env:INCLUDE_DISABLED
 $IncludeNeverExpires   = Convert-ToBoolean $env:INCLUDE_NEVER_EXPIRES
 $GenerateReportOnly    = Convert-ToBoolean $env:GENERATE_REPORT_ONLY
 
+
+
+
 if ($env:SMTP_CREDENTIAL_USERNAME -and $env:SMTP_CREDENTIAL_PASSWORD) {
     try {
         $SecurePassword = ConvertTo-SecureString $env:SMTP_CREDENTIAL_PASSWORD -AsPlainText -Force
@@ -438,7 +454,7 @@ function Get-EmailSignature {
 <div class='email-signature' style='margin-top: 20px; border-top: 1px solid #ccc; padding-top: 10px;'>
     <p style='color: #666; font-size: 12px; margin: 0;'>
         <strong>Service Informatique</strong><br>
-        Téléphone : +33 (0)1 XX XX XX XX<br>
+        Téléphone : +00 (0)1 XX XX XX XX<br>
         Email : support@domain.com<br>
         <em>Ce message est généré automatiquement, merci de ne pas y répondre directement.</em>
     </p>

From bf867b713ce87e174d5f22ae97b02c3f383c375d Mon Sep 17 00:00:00 2001
From: P6g9YHK6 <17877371+P6g9YHK6@users.noreply.github.com>
Date: Thu, 12 Jun 2025 15:30:50 +0200
Subject: [PATCH 16/23] Update file: Kill Switch Manager.ps1

---
 scripts_staging/Tasks/Kill Switch Manager.ps1 | 57 +++++++------------
 1 file changed, 22 insertions(+), 35 deletions(-)

diff --git a/scripts_staging/Tasks/Kill Switch Manager.ps1 b/scripts_staging/Tasks/Kill Switch Manager.ps1
index 47942ce0..ba8fb5be 100644
--- a/scripts_staging/Tasks/Kill Switch Manager.ps1	
+++ b/scripts_staging/Tasks/Kill Switch Manager.ps1	
@@ -26,8 +26,8 @@
     #public
 
 .CHANGELOG
-
-
+    12.06.25 SAN Fixed var passtrough issue and hidden the file
+    
 .TODO
     Integrate this script into the deployment process.
     Cleanup the code
@@ -61,58 +61,45 @@ $taskName = "RMM_Kill_Switch"
 # Delete the existing task if it exists
 Unregister-ScheduledTask -TaskName $taskName -Confirm:$false
 
-# Script content to save in the file
-$scriptContent = @"
-# Function to execute the stop branch
+$scriptContent = @'
 function ExecuteStopBranch {
-    # Stop Service name: tacticalrmm
     Stop-Service -Name "tacticalrmm" -Force
-    
-    # Kill all tacticalrmm.exe processes
-    Get-Process -Name "tacticalrmm" | Stop-Process -Force
-    
-    # Stop Service name: Mesh Agent
+    Get-Process -Name "tacticalrmm" -ErrorAction SilentlyContinue | Stop-Process -Force
     Stop-Service -Name "Mesh Agent" -Force
-    
-    # Kill all MeshAgent.exe processes
-    Get-Process -Name "MeshAgent" | Stop-Process -Force
+    Get-Process -Name "MeshAgent" -ErrorAction SilentlyContinue | Stop-Process -Force
 }
 
-# Function to execute the uninstall branch
 function ExecuteUninstallBranch {
-    # Execute the uninstall command silently
-    #Start-Process -FilePath "C:\Program Files\TacticalAgent\unins000.exe" -ArgumentList "/VERYSILENT" -Wait
+    Start-Process -FilePath "C:\Program Files\TacticalAgent\unins000.exe" -ArgumentList "/VERYSILENT" -Wait
 }
 
-# Resolve the TXT record
-\$record = Resolve-DnsName -Name "$domain" -Type "TXT"
-
-# Check if the record was found
-if (\$record) {
-    \$txtData = \$record | Select-Object -ExpandProperty Strings
-    \$foundStop = \$txtData -match "stop=true"
-    \$foundUninstall = \$txtData -match "uninstall=true"
+$record = Resolve-DnsName -Name "__DOMAIN_PLACEHOLDER__" -Type "TXT" -ErrorAction SilentlyContinue
+if ($record) {
+    $txtData = $record | Select-Object -ExpandProperty Strings
+    $foundStop = $txtData -match "stop=true"
+    $foundUninstall = $txtData -match "uninstall=true"
 
-    if (-not \$foundStop -and -not \$foundUninstall) {
-        # Neither stop=true nor uninstall=true found
-        Write-Host "Neither 'stop=true' nor 'uninstall=true' found in the TXT record for $domain."
-        # Add your code for the default case here
+    if (-not $foundStop -and -not $foundUninstall) {
+        Write-Host "Neither 'stop=true' nor 'uninstall=true' found in the TXT record for __DOMAIN_PLACEHOLDER__."
     }
-    elseif (\$foundStop) {
-        # Branch for stop=true
+    elseif ($foundStop) {
         ExecuteStopBranch
     }
-    elseif (\$foundUninstall) {
-        # Branch for uninstall=true
+    elseif ($foundUninstall) {
         ExecuteUninstallBranch
     }
 } else {
-    Write-Host "TXT record for $domain not found."
+    Write-Host "TXT record for __DOMAIN_PLACEHOLDER__ not found."
 }
-"@
+'@
+
+# Replace placeholder with actual domain due to powershell shenanigans
+$scriptContent = $scriptContent -replace '__DOMAIN_PLACEHOLDER__', $domain
+
 
 # Save the script content to the file
 $scriptContent | Out-File -FilePath $scriptPath -Encoding UTF8 -Force
+#Set-ItemProperty -Path $scriptPath -Name Attributes -Value ([System.IO.FileAttributes]::Hidden)
 
 # Create a scheduled task to run the script hourly and daily
 $action = New-ScheduledTaskAction -Execute "PowerShell.exe" -Argument "-NoProfile -ExecutionPolicy Bypass -File `"$scriptPath`""

From 9f7053b4bd4a114acf23f8f3f64ceac497d480ac Mon Sep 17 00:00:00 2001
From: P6g9YHK6 <17877371+P6g9YHK6@users.noreply.github.com>
Date: Thu, 12 Jun 2025 15:38:22 +0200
Subject: [PATCH 17/23] Update file: Kill Switch Manager.ps1

---
 scripts_staging/Tasks/Kill Switch Manager.ps1 | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/scripts_staging/Tasks/Kill Switch Manager.ps1 b/scripts_staging/Tasks/Kill Switch Manager.ps1
index ba8fb5be..1fe5e7ba 100644
--- a/scripts_staging/Tasks/Kill Switch Manager.ps1	
+++ b/scripts_staging/Tasks/Kill Switch Manager.ps1	
@@ -26,7 +26,7 @@
     #public
 
 .CHANGELOG
-    12.06.25 SAN Fixed var passtrough issue and hidden the file
+    12.06.25 SAN Fixed var passtrough issue 
     
 .TODO
     Integrate this script into the deployment process.
@@ -34,9 +34,7 @@
     split script content to snippet 
     add company name folder for task
     hide script
-    scripts subfolder setup ?
     hide error when first setup
-
 #>
 
 

From 2924d53108c321768fa7be756ce10a19832d1d26 Mon Sep 17 00:00:00 2001
From: P6g9YHK6 <17877371+P6g9YHK6@users.noreply.github.com>
Date: Wed, 18 Jun 2025 16:55:07 +0200
Subject: [PATCH 18/23] Update file: Change default chocolatey repo to
 internal.ps1

---
 .../Change default chocolatey repo to internal.ps1     | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/scripts_staging/Build/Change default chocolatey repo to internal.ps1 b/scripts_staging/Build/Change default chocolatey repo to internal.ps1
index e2784fce..25216e19 100644
--- a/scripts_staging/Build/Change default chocolatey repo to internal.ps1	
+++ b/scripts_staging/Build/Change default chocolatey repo to internal.ps1	
@@ -19,7 +19,8 @@
 .CHANGELOG
     SAN 11.12.24 Moved new info to env
     SAN 03.05.25 Added a flag to keep or not the default repo
-
+    SAN 18.06.25 Added outputs
+    
 #>
 
 $newUrl = $env:NEW_URL
@@ -34,13 +35,20 @@ $defaultName = "chocolatey"
 $keepDefaultRepo = ($env:keepDefaultRepo -ne '0')
 
 # Always remove both sources to ensure clean state and updated priority
+Write-Output "Removing Chocolatey source: $newName (if exists)"
 choco source remove -n $newName -y
+
+Write-Output "Removing Chocolatey source: $defaultName (if exists)"
 choco source remove -n $defaultName -y
 
 # Add the new internal Chocolatey repository
+Write-Output "Adding new Chocolatey source: $newName with URL $newUrl and priority $newPriority"
 choco source add -n $newName -s $newUrl --priority $newPriority
 
 # Conditionally re-add the default repository
 if ($keepDefaultRepo) {
+    Write-Output "Re-adding default Chocolatey source: $defaultName with priority $defaultPriority"
     choco source add -n $defaultName -s $defaultUrl --priority $defaultPriority
+} else {
+    Write-Output "Skipping re-adding default Chocolatey source"
 }

From aa87320d6d42cef008d87aa6f405d058e14689c1 Mon Sep 17 00:00:00 2001
From: P6g9YHK6 <17877371+P6g9YHK6@users.noreply.github.com>
Date: Wed, 2 Jul 2025 12:15:31 +0200
Subject: [PATCH 19/23] Update file: SQL Health.ps1

---
 scripts_staging/Checks/SQL Health.ps1 | 346 +++++++++++++++-----------
 1 file changed, 197 insertions(+), 149 deletions(-)

diff --git a/scripts_staging/Checks/SQL Health.ps1 b/scripts_staging/Checks/SQL Health.ps1
index ffb5c8bb..b051ec24 100644
--- a/scripts_staging/Checks/SQL Health.ps1	
+++ b/scripts_staging/Checks/SQL Health.ps1	
@@ -15,196 +15,211 @@
 .CHANGELOG
     SAN 12.12.2023 Changed outputs
     SAN 14.03.2024 Added availability group checks
+    SAN 02.07.2025 Centralised querries executions
     
 .TODO
-    Optimize query execution
     Improve error handling
 
 
 #>
-
-function Get-SqlServerVersion {
-    Write-Host "function Get-SqlServerVersion"
-    
-    $computername = $env:computername
+function Get-SqlInstances {
+    $computername = $env:COMPUTERNAME
     $instances = (Get-ItemProperty -Path "HKLM:\Software\Microsoft\Microsoft SQL Server" -Name "InstalledInstances").InstalledInstances
-
-    $errorEncountered = $false  # Initialize flag for tracking errors
+    $serverInstances = @()
 
     foreach ($instance in $instances) {
         if ($instance -eq "MSSQLSERVER") {
-            $serverInstance = "localhost"
+            $serverInstances += "localhost"
         } else {
-            $portsql = (Get-ItemProperty -Path "HKLM:\Software\Microsoft\Microsoft SQL Server\$instance\MSSQLServer\SuperSocketNetLib\Tcp" -Name "TcpPort").TcpPort
-            $serverInstance = "$computername\$instance,$portsql"
+            try {
+                # Try without port first
+                $serverInstances += "$computername\$instance"
+                # Optionally, also add with port to test
+                $port = (Get-ItemProperty -Path "HKLM:\Software\Microsoft\Microsoft SQL Server\$instance\MSSQLServer\SuperSocketNetLib\Tcp" -Name "TcpPort" -ErrorAction SilentlyContinue).TcpPort
+                if ($port) {
+                    $serverInstances += "$computername\$instance,$port"
+                }
+            } catch {
+                Write-Host "Warning: Could not retrieve port for instance $instance"
+            }
+        }
+    }
+    return $serverInstances
+}
+function Ensure-SqlCmdAvailable {
+    if (-not (Get-Command Invoke-Sqlcmd -ErrorAction SilentlyContinue)) {
+        try {
+            Add-PSSnapin SqlServerCmdletSnapin100 -ErrorAction Stop
+            Add-PSSnapin SqlServerProviderSnapin100 -ErrorAction Stop
+        } catch {
+            throw "SQL Cmdlets are not available and could not be loaded."
         }
+    }
+}
 
-        $cmdName = 'Invoke-Sqlcmd'
+function Run-SqlQuery {
+    param (
+        [string]$Query,
+        [string]$Description,
+        [switch]$ReturnResults
+    )
 
-        if (-not (Get-Command $cmdName -ErrorAction SilentlyContinue)) {
-            Add-PSSnapin SqlServerCmdletSnapin100
-            Add-PSSnapin SqlServerProviderSnapin100
-        }
+    Write-Host "Running: $Description"
+    $serverInstances = Get-SqlInstances
+    $errorEncountered = $false
+    $allResults = @()
 
-        try {
-            $version = Invoke-Sqlcmd -ServerInstance $serverInstance -Query "SELECT @@VERSION;" -QueryTimeout 3 -ErrorAction Stop
+    Ensure-SqlCmdAvailable
 
-            if (-not $version) {
-                Write-Host "Error: SQL Check Failed for $serverInstance"
-                $errorEncountered = $true  # Set flag to indicate error
+    foreach ($serverInstance in $serverInstances) {
+        try {
+            $result = Invoke-Sqlcmd -ServerInstance $serverInstance -Query $Query -QueryTimeout 30 -ErrorAction Stop
+            if (-not $result) {
+                Write-Host "OK: $serverInstance - No results"
             } else {
-                Write-Host "OK: $($serverInstance) $($version[0].replace("`n`t"," "))"
+                Write-Host "OK: $serverInstance - Results:"
+                $result | Format-Table -AutoSize
+            }
+            if ($ReturnResults) {
+                $allResults += [pscustomobject]@{
+                    ServerInstance = $serverInstance
+                    Result = if ($result) { $result } else { @() }
+                }
             }
         } catch {
             Write-Host "Error: $($_.Exception.Message) for $serverInstance"
-            $errorEncountered = $true  # Set flag to indicate error
+            $errorEncountered = $true
         }
     }
-
     if ($errorEncountered) {
-        return "Error"  # Return "Error" if any error occurred during the process
+        return "Error"
     } else {
-        return "OK"  # Return "OK" if no errors occurred
+        if ($ReturnResults) {
+            return $allResults
+        }
+        return "OK"
     }
 }
 
 
+function Get-SqlServerVersion {
+    $query = "SELECT @@VERSION;"
+    Write-Host "Running: Get SQL Server Version"
 
+    $serverInstances = Get-SqlInstances
+    $errorEncountered = $false
 
-function Get-BlockedSqlRequests {
-    Write-Host "function Get-BlockedSqlRequests"
-    
-    $computername = $env:computername
-    $instances = (Get-ItemProperty -Path "HKLM:\Software\Microsoft\Microsoft SQL Server" -Name "InstalledInstances").InstalledInstances
-
-    $errorEncountered = $false  # Initialize flag for tracking errors
-
-    foreach ($instance in $instances) {
-        if ($instance -eq "MSSQLSERVER") {
-            $serverInstance = "localhost"
-        } else {
-            $portsql = (Get-ItemProperty -Path "HKLM:\Software\Microsoft\Microsoft SQL Server\$instance\MSSQLServer\SuperSocketNetLib\Tcp" -Name "TcpPort").TcpPort
-            $serverInstance = "$computername\$instance,$portsql"
-        }
-
-        $mysqlrequest = @"
-        USE master
-        SELECT db.name DBName,
-        tl.request_session_id,
-        wt.blocking_session_id,
-        OBJECT_NAME(p.OBJECT_ID) BlockedObjectName,
-        tl.resource_type,
-        h1.TEXT AS RequestingText,
-        h2.TEXT AS BlockingTest,
-        tl.request_mode
-        FROM sys.dm_tran_locks AS tl
-        INNER JOIN sys.databases db ON db.database_id = tl.resource_database_id
-        INNER JOIN sys.dm_os_waiting_tasks AS wt ON tl.lock_owner_address = wt.resource_address
-        INNER JOIN sys.partitions AS p ON p.hobt_id = tl.resource_associated_entity_id
-        INNER JOIN sys.dm_exec_connections ec1 ON ec1.session_id = tl.request_session_id
-        INNER JOIN sys.dm_exec_connections ec2 ON ec2.session_id = wt.blocking_session_id
-        CROSS APPLY sys.dm_exec_sql_text(ec1.most_recent_sql_handle) AS h1
-        CROSS APPLY sys.dm_exec_sql_text(ec2.most_recent_sql_handle) AS h2
-"@
-
-        $cmdName = 'Invoke-Sqlcmd'
-
-        if (-not (Get-Command $cmdName -ErrorAction SilentlyContinue)) {
-            Add-PSSnapin SqlServerCmdletSnapin100
-            Add-PSSnapin SqlServerProviderSnapin100
-        }
+    Ensure-SqlCmdAvailable
 
+    foreach ($serverInstance in $serverInstances) {
+        Write-Host "`nQuerying instance: $serverInstance"
         try {
-            $result = Invoke-Sqlcmd -ServerInstance $serverInstance -Query $mysqlrequest -QueryTimeout 60 -ErrorAction Stop
-
+            $result = Invoke-Sqlcmd -ServerInstance $serverInstance -Query $query -QueryTimeout 30 -ErrorAction Stop
             if (-not $result) {
-                Write-Host "OK: $($serverInstance) No Blocking Requests"
+                #Write-Host "DEBUG: No results returned from $serverInstance."
+                $errorEncountered = $true
             } else {
-                Write-Host "Error: Unable to retrieve blocked requests for $($serverInstance). $($result[0].Exception.Message)"
-                $errorEncountered = $true  # Set flag to indicate error
+                #Write-Host "DEBUG: Raw result object type: $($result.GetType().FullName)"
+                #Write-Host "DEBUG: Result count: $($result.Count)"
+                #Write-Host "DEBUG: Result content:"
+                #$result | Format-List | Out-String | Write-Host
+                Write-Host "OK: $serverInstance SQL Version: $($result.Column1)"
             }
         } catch {
-            Write-Host "Error: Unable to retrieve blocked requests for $($serverInstance). $($Error[0].Exception.Message)"
-            $errorEncountered = $true  # Set flag to indicate error
+            Write-Host "ERROR: Exception querying $serverInstance : $($_.Exception.Message)"
+            $errorEncountered = $true
         }
     }
 
     if ($errorEncountered) {
-        return "Error" 
+        return "Error"
     } else {
         return "OK"
     }
 }
 
-Function Get-SqlAgSyncStatus {
-    Write-Host "Function Get-SqlAgSyncStatus"
-    
-    $server = "$( $env:COMPUTERNAME)\$( (Get-Item 'HKLM:\Software\Microsoft\Microsoft SQL Server\Instance Names\SQL').Property[0])"
+
+
+function Get-BlockedSqlRequests {
+    $query = @"
+USE master
+SELECT db.name AS DBName,
+       tl.request_session_id,
+       wt.blocking_session_id,
+       OBJECT_NAME(p.OBJECT_ID) AS BlockedObjectName,
+       tl.resource_type,
+       h1.TEXT AS RequestingText,
+       h2.TEXT AS BlockingText,
+       tl.request_mode
+FROM sys.dm_tran_locks AS tl
+JOIN sys.databases db ON db.database_id = tl.resource_database_id
+JOIN sys.dm_os_waiting_tasks AS wt ON tl.lock_owner_address = wt.resource_address
+JOIN sys.partitions AS p ON p.hobt_id = tl.resource_associated_entity_id
+JOIN sys.dm_exec_connections ec1 ON ec1.session_id = tl.request_session_id
+JOIN sys.dm_exec_connections ec2 ON ec2.session_id = wt.blocking_session_id
+CROSS APPLY sys.dm_exec_sql_text(ec1.most_recent_sql_handle) AS h1
+CROSS APPLY sys.dm_exec_sql_text(ec2.most_recent_sql_handle) AS h2
+"@
+    return Run-SqlQuery -Query $query -Description "Get Blocked SQL Requests"
+}
+function Get-SqlAgSyncStatus {
+    Write-Host "Running: Get SQL Availability Group Sync Status"
+
+    $instanceName = (Get-Item 'HKLM:\Software\Microsoft\Microsoft SQL Server\Instance Names\SQL').Property[0]
+    $server = "$($env:COMPUTERNAME)\$instanceName"
+
     Write-Host "Detected SQL Server Instance: $server"
-    
-    Function RunQuery($query) {
-        Try {
-            $conn = New-Object System.Data.SqlClient.SqlConnection
-            $conn.ConnectionString = "Server=$server;Database=master;Integrated Security=True"
-            $conn.Open()
-            
-            $userQuery = "SELECT SUSER_NAME(), USER_NAME();"
-            $cmdUser = New-Object System.Data.SqlClient.SqlCommand($userQuery, $conn)
-            $userReader = $cmdUser.ExecuteReader()
-            If ($userReader.Read()) {
-                Write-Host "Connected as: $($userReader.GetString(0)) ($($userReader.GetString(1)))"
-            }
-            $userReader.Close()
-            
-            Write-Host "SQL Connection Successful: $server"
-            
-            $cmd = New-Object System.Data.SqlClient.SqlCommand($query, $conn)
-            $adapter = New-Object System.Data.SqlClient.SqlDataAdapter($cmd)
-            $dataSet = New-Object System.Data.DataSet
-            $adapter.Fill($dataSet) | Out-Null
-            $conn.Close()
-            
-            return $dataSet.Tables[0]
-        } Catch {
-            Write-Host "SQL Error: $_"
-            return $null
-        }
+
+    $agQuery = @"
+SELECT c.name, s.synchronization_health
+FROM sys.availability_groups_cluster c
+JOIN sys.dm_hadr_availability_group_states s ON c.group_id = s.group_id
+WHERE LOWER(s.primary_replica) = LOWER('$server')
+   OR LOWER('$server') IN (
+       SELECT LOWER(replica_server_name)
+       FROM sys.availability_replicas
+   );
+"@
+
+    $agResults = Run-SqlQuery -Query $agQuery -Description "Get Availability Group Synchronization Status" -ReturnResults
+
+    if ($agResults -eq "Error") {
+        Write-Host "Failed to retrieve Availability Group synchronization status."
+        return "Error"
     }
-    
-    $query = "SELECT c.name, s.synchronization_health FROM sys.availability_groups_cluster c 
-    JOIN sys.dm_hadr_availability_group_states s ON c.group_id = s.group_id 
-    WHERE LOWER(s.primary_replica) = LOWER('$server') OR LOWER('$server') IN 
-    (SELECT LOWER(replica_server_name) FROM sys.availability_replicas);"
-    
-    $result = RunQuery $query 
-    
-    if ($null -eq $result -or $result.Rows.Count -eq 0) {
-        Write-Host "OK : $server AG SYNCHRO : No Availability Groups found."
+
+    $agData = $agResults | Where-Object { $_.ServerInstance -eq $server }
+
+    if (-not $agData -or $agData.Result.Count -eq 0) {
+        Write-Host "OK: $server AG SYNCHRO - No Availability Groups found."
         return "OK"
     }
-    
-    Write-Host "Query Result Count: $($result.Rows.Count)"
-    Write-Host "Query Result: $($result | Out-String)"
-    
+
     $description = ""
     $statusLevel = 0
-    foreach ($row in $result) {
+
+    foreach ($row in $agData.Result) {
         switch ($row.synchronization_health) {
-            0 { $statusLevel = [Math]::Max($statusLevel, 2); $description += "$($row.name): Not Healthy " }
-            1 { $statusLevel = [Math]::Max($statusLevel, 1); $description += "$($row.name): Partially Healthy " }
-            2 { $description += "$($row.name): Healthy " }
+            0 { 
+                $statusLevel = [Math]::Max($statusLevel, 2)
+                $description += "$($row.name): Not Healthy "
+            }
+            1 { 
+                $statusLevel = [Math]::Max($statusLevel, 1)
+                $description += "$($row.name): Partially Healthy "
+            }
+            2 { 
+                $description += "$($row.name): Healthy "
+            }
         }
     }
-    
+
     $status = @("OK", "WARNING", "CRITICAL")[$statusLevel]
-    Write-Host "$status : $server AG SYNCHRO : $description"
+    Write-Host "${status}: $server AG SYNCHRO - $description"
     return $status
 }
 
-
-
 function Check-SqlServerInstallation {
-    # Check if Invoke-Sqlcmd is available
     if (Get-Command Invoke-Sqlcmd -ErrorAction SilentlyContinue) {
         return $true
     } else {
@@ -213,36 +228,69 @@ function Check-SqlServerInstallation {
     }
 }
 
-# Check if SQL Server is installed before proceeding with health checks
+function Get-SqlCurrentUser {
+
+    $query = "SELECT SUSER_NAME() AS LoginName, USER_NAME() AS UserName;"
+
+    $results = Run-SqlQuery -Query $query -Description "Get current SQL user" -ReturnResults
+
+    if ($results -eq "Error" -or $results.Count -eq 0) {
+        Write-Host "Failed to retrieve current user information."
+        return "Error"
+    }
+
+    foreach ($res in $results) {
+        if (-not $res.ServerInstance -or -not $res.Result) {
+            # Skip empty results
+            continue
+        }
+
+        $loginName = ""
+        $userName = ""
+
+        if ($res.Result -is [System.Data.DataRow]) {
+            $loginName = $res.Result.Item("LoginName")
+            $userName = $res.Result.Item("UserName")
+        }
+        elseif ($res.Result -is [System.Data.DataTable]) {
+            if ($res.Result.Rows.Count -gt 0) {
+                $row = $res.Result.Rows[0]
+                $loginName = $row.Item("LoginName")
+                $userName = $row.Item("UserName")
+            }
+        }
+        elseif ($res.Result -is [System.Collections.IEnumerable]) {
+            $firstRow = $res.Result | Select-Object -First 1
+            if ($firstRow) {
+                $loginName = $firstRow.LoginName
+                $userName = $firstRow.UserName
+            }
+        }
+
+        Write-Host "Connected as: $loginName ($userName) on $($res.ServerInstance)"
+    }
+}
+
+
+# MAIN EXECUTION BLOCK
 if (Check-SqlServerInstallation) {
-    $cmdName = 'Invoke-Sqlcmd'
 
-    # Run each function and report the result
+    Get-SqlCurrentUser
+
     $result1 = Get-SqlServerVersion
     $result2 = Get-BlockedSqlRequests
     $result3 = Get-SqlAgSyncStatus
 
-    # Check the results and provide the overall status
     if ($result1 -eq "OK" -and $result2 -eq "OK" -and $result3 -eq "OK") {
         Write-Host "OK: All components are functioning properly"
     } else {
         $errorComponents = @()
-
-        if ($result1 -ne "OK") {
-            $errorComponents += "SQL Server Version Check"
-        }
-
-        if ($result2 -ne "OK") {
-            $errorComponents += "Blocked SQL Requests Check"
-        }
-        
-        if ($result3 -ne "OK") {
-            $errorComponents += "AG Synchronization Check"
-        }
+        if ($result1 -ne "OK") { $errorComponents += "SQL Server Version Check" }
+        if ($result2 -ne "OK") { $errorComponents += "Blocked SQL Requests Check" }
+        if ($result3 -ne "OK") { $errorComponents += "AG Synchronization Check" }
 
         $errorList = $errorComponents -join ", "
-        Write-Host "Overall Status: Some components encountered errors. Errors in: $errorList"
+        Write-Host "KO: Some components encountered errors. Errors in: $errorList"
         Exit 1
     }
 }
-

From 1fcc8c1aa3e2b34b4b4040c0c73606debe234bf1 Mon Sep 17 00:00:00 2001
From: P6g9YHK6 <17877371+P6g9YHK6@users.noreply.github.com>
Date: Wed, 2 Jul 2025 12:15:33 +0200
Subject: [PATCH 20/23] Update file: Task Scheduler scanner.ps1

---
 .../Checks/Task Scheduler scanner.ps1            | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/scripts_staging/Checks/Task Scheduler scanner.ps1 b/scripts_staging/Checks/Task Scheduler scanner.ps1
index 160fe2aa..278ab6bb 100644
--- a/scripts_staging/Checks/Task Scheduler scanner.ps1	
+++ b/scripts_staging/Checks/Task Scheduler scanner.ps1	
@@ -9,15 +9,17 @@
 
 
 .EXAMPLE 
+    company_name={{global.Company_Name}}
+    company_name=Consonto
 
 
 .NOTES
     Author: SAN
-    Date: ???
+    Date: 01.01.25
     #public
 
 .CHANGELOG
-    
+    02.07.25 SAN Added company name to the folders
 
 .TODO
     Use a flag for debug
@@ -41,8 +43,15 @@ $ignoreFolders = @(
     "\Mozilla\",
     "\Microsoft\Office\",
     "\Microsoft\Windows\",
-    "\MySQL\Installer\"
+    "\MySQL\Installer\",
 )
+
+# If it exists and is not empty, add it to the ignore list
+$companyName = $env:company_name
+if (-not [string]::IsNullOrEmpty($companyName)) {
+    $ignoreFolders += "\$companyName\"
+}
+
 $ignoreNames = @(
     "Optimize Start Menu Cache",
     "DropboxUpdateTaskUserS",
@@ -54,6 +63,7 @@ $ignoreNames = @(
     "OneDrive Reporting Task",
     "ZoomUpdateTaskUser",
     "OneDrive Standalone Update Task"
+    "OneDrive Startup Task"
     "CreateExplorerShellUnelevatedTask"
 )
 $ignoreUsers = @(

From 2627c792347f189f20a053f8885edcc32436e3ce Mon Sep 17 00:00:00 2001
From: P6g9YHK6 <17877371+P6g9YHK6@users.noreply.github.com>
Date: Wed, 2 Jul 2025 12:15:57 +0200
Subject: [PATCH 21/23] Add new file: Deploy diagnostic toolkit.ps1

---
 .../Tools/Deploy diagnostic toolkit.ps1       | 39 +++++++++++++++++++
 1 file changed, 39 insertions(+)
 create mode 100644 scripts_staging/Tools/Deploy diagnostic toolkit.ps1

diff --git a/scripts_staging/Tools/Deploy diagnostic toolkit.ps1 b/scripts_staging/Tools/Deploy diagnostic toolkit.ps1
new file mode 100644
index 00000000..05c0cdfc
--- /dev/null
+++ b/scripts_staging/Tools/Deploy diagnostic toolkit.ps1	
@@ -0,0 +1,39 @@
+<#
+.SYNOPSIS
+    Installs or uninstalls Sysinternals and nirlauncher using Chocolatey. 
+
+.DESCRIPTION
+    This script installs or uninstalls the Sysinternals and nirlauncher packages via Chocolatey. .
+    If the environment variable "uninstall" is set to "1", it will uninstall both packages instead of installing.
+
+.EXAMPLE
+    uninstall=1
+
+.NOTES
+    Author: SAN
+    Date: 26.06.25
+    #public
+
+.CHANGELOG
+
+#>
+
+
+if (-not (Get-Command choco -ErrorAction SilentlyContinue)) {
+    Write-Error "Chocolatey is not installed or not in PATH."
+    exit 1
+}
+
+$uninstall = $env:uninstall
+
+if ($uninstall -eq "1") {
+    Write-Host "Start uninstall"
+    choco uninstall sysinternals -y
+    choco uninstall nirlauncher -y
+} else {
+    Write-Host "Start install"
+    choco install sysinternals -y --ignore-checksums --no-progress --force
+    choco install nirlauncher -y --package-parameters="/Sysinternals" --no-progress --force
+
+    Write-Host "Launcher available at C:\tools\NirLauncher"
+}
\ No newline at end of file

From 4c7fb7f51c321093e55ded41f0d63c947d8031d2 Mon Sep 17 00:00:00 2001
From: P6g9YHK6 <17877371+P6g9YHK6@users.noreply.github.com>
Date: Wed, 2 Jul 2025 12:16:03 +0200
Subject: [PATCH 22/23] Update file: Windows update force install new
 updates.ps1

---
 .../Tools/Windows update force install new updates.ps1 | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

diff --git a/scripts_staging/Tools/Windows update force install new updates.ps1 b/scripts_staging/Tools/Windows update force install new updates.ps1
index 8ecd0dd1..0e7cd0a4 100644
--- a/scripts_staging/Tools/Windows update force install new updates.ps1	
+++ b/scripts_staging/Tools/Windows update force install new updates.ps1	
@@ -15,7 +15,9 @@
     #public
 
 .CHANGELOG
+    02.07.25 SAN optimisation 
 
+    
 #>
 
 
@@ -47,19 +49,13 @@ if (Get-Module -ListAvailable -Name PSWindowsUpdate) {
     }
 }
 
-# Function to start the update process
-function StartUpdateProcess {
-    Write-Host "Start updates:"
-    Get-WindowsUpdate -Verbose -Install -AcceptAll -AutoReboot
-}
-
 # Check updates
 Write-Host "Check for available updates:"
 Get-WindowsUpdate
 
 # Start update process
 Write-Host "Updating Windows"
-StartUpdateProcess
+Get-WindowsUpdate -Verbose -Install -AcceptAll -AutoReboot
 
 Write-Host "Output of the last updates results:"
 $results = Get-WULastResults

From f083141c81499be048aa3041d43b9d16dcfcfa92 Mon Sep 17 00:00:00 2001
From: P6g9YHK6 <17877371+P6g9YHK6@users.noreply.github.com>
Date: Wed, 2 Jul 2025 15:08:36 +0200
Subject: [PATCH 23/23] Update file: Task Scheduler scanner.ps1

---
 scripts_staging/Checks/Task Scheduler scanner.ps1 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts_staging/Checks/Task Scheduler scanner.ps1 b/scripts_staging/Checks/Task Scheduler scanner.ps1
index 278ab6bb..19684a27 100644
--- a/scripts_staging/Checks/Task Scheduler scanner.ps1	
+++ b/scripts_staging/Checks/Task Scheduler scanner.ps1	
@@ -43,7 +43,7 @@ $ignoreFolders = @(
     "\Mozilla\",
     "\Microsoft\Office\",
     "\Microsoft\Windows\",
-    "\MySQL\Installer\",
+    "\MySQL\Installer\"
 )
 
 # If it exists and is not empty, add it to the ignore list