• State Not Answered
  • Replies 0 replies
  • Subscribers 5 subscribers
  • Views 35 views
  • Users 0 members are here
Options
Related

PowerShell script checks to see if an account is locked out/My first submission.

jgrimes4292
over 4 years ago

mikegaleadamlboyd

# Comments #####################################################################

# Application Name: @@Account Lockout Check

# Created: December 6, 2016

# Description: Checks to see if an AD user account is locked out.

#

# Notes:

# This PowerShell script checks to see if an account is locked out. This script will be executed

# by the polling engine that the node is currently assigned to. The script is written to accept

# the first parameter, account name with/out the domain prefix (e.g. user_id) in the script arguments.

#

# prerequisites:

# The polling engine must have the features below installed.

# https://technet.microsoft.com/en-us/library/cc816817(v=ws.10).aspx

#  +- Remote Server Administration Tools

# |-+ Role Administration Tools

# |-+ AD DS and AD LDS Tools

# |-+ Active Directory module for Windows PowerShell.

# get the account name from the script arguments.

$SamAccountName = $args[0]

# return true/false if the account exists.

$accountExist = [bool] (Get-ADUser -Filter { SamAccountName -eq $SamAccountName })

# return true/false if the account is locked.

$accountLocked = [bool] (Get-ADUser $SamAccountName -Properties * | Select-Object LockedOut)

# check to see if the account exists.

if ($accountExist -eq "true"){

# The account exist and now we need to see if its locked out.

    # Locked

    if ( (Get-ADUser $SamAccountName -Properties * | Select-Object LockedOut) -match "True" )

    {

Write-Host "Message.0: The account '$SamAccountName' is locked."

Write-Host "Statistic.0: 1"

exit 0

    }

    # Not locked

    elseif ( (Get-ADUser $SamAccountName -Properties * | Select-Object LockedOut) -match "False")

    {

Write-Host "Message.0: The account '$SamAccountName' is not locked."

Write-Host "Statistic.0: 0"

exit 0

    }

    # if the account exists but not sure if its locked out.

    else

    {

Write-Host "Message.0: ERROR: PowerShell script error. Contact bsr@regions.com"

Write-Host "Statistic.0: -5"

exit 0

    }

} #end of account exist if

# if the account does not exist then exit with the BSR standard exit code.

else {

Write-Host "Message.0: The account '$SamAccountName' does not exist. "

Write-Host "Statistic.0: -5"

exit 0

}

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 150,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification SolarWinds Lab Link Accounts
About THWACK Blogs Federal & Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
© 2021 SolarWinds Worldwide, LLC. All Rights Reserved.