How to configure domain account password expiry notification mail

We have one common domain account for our application's LDAP authentication purposes and are now looking to set up a password expiry email notification for this single domain account. I'm just a normal domain user. I don't have AD permissions. So is it possible to enable the reminder email configuration to send to some of our team members?

Our local IT department informed us that it is possible to notify our common domain account's mail only (this mailbox we don't check regularly).


Solution 1:

Active Directory does not have any sort of built-in password expiration email notification system. Anything that might exist within your organization is either a homegrown script or a 3rd party software package your IT admins have installed. So if your IT department says they can only notify the email address associated with the shared account, it's likely a limitation of that software or script.

But your personal domain account potentially has everything you need to write your own notification script. You only need read access to user objects in AD, which all users have by default unless your organization has modified the default permissions. You can query the details of the shared account and check the msDS-UserPasswordExpiryTimeComputed attribute. Then, based on the value, send your notification.
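
One way to script the check described in Solution 1, as an added example that is not part of the original answer: it reads msDS-UserPasswordExpiryTimeComputed with the built-in ADSI searcher, so no RSAT module or elevated AD rights are needed. Assumptions: it runs on a domain-joined machine under an ordinary domain account, and the account name, recipients, sender and SMTP relay are placeholders to be replaced with your own values.

```powershell
# Placeholder values (assumptions, not from the original post).
$SharedAccount = 'svc-app-ldap'        # hypothetical sAMAccountName of the shared account
$WarnDays      = 14                    # start notifying this many days before expiry
$Recipients    = 'teammate1@example.com', 'teammate2@example.com'
$From          = 'pw-expiry-check@example.com'
$SmtpServer    = 'smtp.example.com'

function Get-PasswordExpiry {
    param([Parameter(Mandatory)][string]$SamAccountName)

    # Reject anything that could alter the LDAP filter below.
    if ($SamAccountName -notmatch '^[\w.$-]+$') { throw "Unexpected characters in account name." }

    $searcher = [adsisearcher]"(&(objectCategory=person)(objectClass=user)(sAMAccountName=$SamAccountName))"
    # Constructed attribute: AD only returns it when it is requested by name.
    [void]$searcher.PropertiesToLoad.Add('msDS-UserPasswordExpiryTimeComputed')

    $result = $searcher.FindOne()
    if (-not $result) { throw "Account '$SamAccountName' not found." }

    $name = 'msds-userpasswordexpirytimecomputed'   # result property names are lower-case
    if (-not $result.Properties.Contains($name)) { throw "Attribute not readable for '$SamAccountName'." }

    $raw = [int64]$result.Properties[$name][0]
    # Int64.MaxValue means the password never expires; 0 means no password-set time is recorded.
    # Neither converts to a usable date, so report "no expiry date".
    if ($raw -eq 0 -or $raw -eq [int64]::MaxValue) { return $null }

    # The value is a Windows FILETIME (100 ns ticks since 1601-01-01 UTC).
    return [datetime]::FromFileTimeUtc($raw)
}

$expiry = Get-PasswordExpiry -SamAccountName $SharedAccount
if ($null -eq $expiry) {
    Write-Output "No expiry date is set for $SharedAccount."
} else {
    $daysLeft = [math]::Floor(($expiry - [datetime]::UtcNow).TotalDays)
    if ($daysLeft -le $WarnDays) {
        Send-MailMessage -To $Recipients -From $From -SmtpServer $SmtpServer `
            -Subject "Password for $SharedAccount expires in $daysLeft day(s)" `
            -Body "Computed expiry (UTC): $($expiry.ToString('u'))."
    } else {
        Write-Output "$SharedAccount expires in $daysLeft day(s); no notification sent."
    }
}
```

Run it daily from Task Scheduler under your own account; a negative day count in the subject means the password has already expired.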