PowerShell script checks to see if an account is locked out/My first submission.

mikegaleadamlboyd

# Comments #####################################################################
# Application Name: @@Account Lockout Check
# Created: December 6, 2016
# Description: Checks to see if an AD user account is locked out.
#
# Notes:
# This PowerShell script checks to see if an account is locked out. This script will be executed
# by the polling engine that the node is currently assigned to. The script is written to accept
# the first parameter, the account name without the domain prefix (e.g. user_id), in the script arguments.
#
# Prerequisites:
# The polling engine must have the features below installed.
# https://technet.microsoft.com/en-us/library/cc816817(v=ws.10).aspx
#   +- Remote Server Administration Tools
#      +- Role Administration Tools
#         +- AD DS and AD LDS Tools
#            +- Active Directory module for Windows PowerShell

# Get the account name from the script arguments.
$SamAccountName = $args[0]

try {
    # Load the Active Directory module listed in the prerequisites.
    Import-Module ActiveDirectory -ErrorAction Stop

    # Look the account up once and request only the LockedOut property.
    # -Filter returns nothing (instead of throwing) when no account matches,
    # so $user doubles as the "account exists" test.
    $user = Get-ADUser -Filter { SamAccountName -eq $SamAccountName } -Properties LockedOut -ErrorAction Stop
}
catch {
    # Module missing, domain controller unreachable, or no account name supplied.
    Write-Host "Message.0: ERROR: PowerShell script error. Contact bsr@regions.com"
    Write-Host "Statistic.0: -5"
    exit 0
}

# Check to see if the account exists.
if ($user) {
    # The account exists; now check whether it is locked out.

    # Locked
    if ($user.LockedOut -eq $true) {
        Write-Host "Message.0: The account '$SamAccountName' is locked."
        Write-Host "Statistic.0: 1"
        exit 0
    }
    # Not locked
    elseif ($user.LockedOut -eq $false) {
        Write-Host "Message.0: The account '$SamAccountName' is not locked."
        Write-Host "Statistic.0: 0"
        exit 0
    }
    # The account exists, but its lockout state could not be determined.
    else {
        Write-Host "Message.0: ERROR: PowerShell script error. Contact bsr@regions.com"
        Write-Host "Statistic.0: -5"
        exit 0
    }
} # end of account exist if
# If the account does not exist then exit with the BSR standard exit code.
else {
    Write-Host "Message.0: The account '$SamAccountName' does not exist. "
    Write-Host "Statistic.0: -5"
    exit 0
}