|
|||
|
|
|
| Home |
| About |
| Hobbies |
| Software |
| Hardware |
| ICT Hotlist |
| Purpose |
webhalla
Great #TheBeatles #Corona parody 'I Gotta Wash My Hands' with valuable lessons. All you need is gloves.... Stay healthy https://t.co/sLPg8YkyXe
01 Apr 2020
SMBGhost (CVE-2020-0796): a new wormable #Windows #SMBv3.1.1 vulnerability. Patch #KB4551762 released after patch Tuesday. Vulnerability affects #Windows10 (versions #1903 and #1909) and #WindowsServer (1903 and 1909) #smb #compression. https://t.co/hjGl0bST9R https://t.co/BKxeX6zq8x
13 Mar 2020
Yes always use your original mains phone charger when you are not at a trusted location. https://t.co/EiFy8eMlls
13 Mar 2020
Swedish #gdpr fine for #google of 7.000.000 €. The DPA issued the fine after it found Google did not properly remove a pair of search results listings it ordered the tech company to remove in 2017. https://t.co/d32S1ZJrnF
13 Mar 2020
@ PrivacyPros: When you become a Certified Information Privacy Manager (#CIPM), it shows that you don’t just know privacy regulations—you know how to make them work for your organization. Earn yours: https://t.co/RStxRyq8ic https://t.co/ek9ZwIIaKG
13 Mar 2020
ICT-Hotlist Topic
Back to the ICT-Hotlist...
Don't miss latest updates 
@WebHallaFind locked out Windows Domain Users with PowerShell
Have some colleagues that use BYOD with their own (e-mail) synchronised programs? Changing their Windows passwords on their desktop, notebook or even through a Citrix portal results in log on problems? Then one of their devices might be using an old password to synchronise, resulting in an Active Directory user account lockout.This PowerShell script determines if someone is locked out from the Active Directory Domain Services (AD DS), and when the situation occurred. It reports :
No-one locked out
or a list formatted as:
Name Since Locked Out
Johan 2015-11-16 22:29:37 True
Using this script on a Windows 7, 8 or 10 desktop? You may need to load the Active Directory module by
configuring RSAT.
Read more about RSAT here
Johan 2015-11-16 22:29:37 True
# This PowerShell script determines if someone is locked out from the
# Active Directory, and when the situation occurred:
# It reports
# No-one locked out
# or a list of:
# Name Since Locked Out
# Johan 2015-11-16 22:29:37 True
# (C)Copyrights 2015 - 2020 vanSoest.it by J. van Soest.
# Load the Active Directory PowerShell module.
Import-Module ActiveDirectory
# Clear the screen so the data is nicely presented.
cls
Write-Host "This PowerShell script determines if someone is locked out from the "
Write-Host "Active Directory, and when the situation occurred:"
# Define an object and load it with all the users currently locked out
$LOUsers = Search-ADAccount -lockedout
# Check if the object contains any members
if ( $LOUsers -ne $null ) {
# Object contains members so write the table headers on the screen (tab seperated)
Write-Host "Name`tSince`tLocked Out"
# Now loop through all the members and write data to screen tab formatted.
foreach ($LOUser in $LOUsers){
$Usr = Get-ADUser $LOUser -Properties *
$Time = $Usr.lockoutTime
# Format the Active Directory date number using the filesystem datetime object
$strTime = [datetime]::FromFileTime($Time).ToString("yyy-MM-dd HH:mm:ss")
Write-Host $Usr.Name,"`t",$strTime,"`t",$Usr.lockedout
}
}
else{
# The object is empty. So no one is locked out.
Write-Host "No-one locked out"
}
Want to test this script? Just run the command line interface (cli) command:
# Active Directory, and when the situation occurred:
# It reports
# No-one locked out
# or a list of:
# Name Since Locked Out
# Johan 2015-11-16 22:29:37 True
# (C)Copyrights 2015 - 2020 vanSoest.it by J. van Soest.
# Load the Active Directory PowerShell module.
Import-Module ActiveDirectory
# Clear the screen so the data is nicely presented.
cls
Write-Host "This PowerShell script determines if someone is locked out from the "
Write-Host "Active Directory, and when the situation occurred:"
# Define an object and load it with all the users currently locked out
$LOUsers = Search-ADAccount -lockedout
# Check if the object contains any members
if ( $LOUsers -ne $null ) {
# Object contains members so write the table headers on the screen (tab seperated)
Write-Host "Name`tSince`tLocked Out"
# Now loop through all the members and write data to screen tab formatted.
foreach ($LOUser in $LOUsers){
$Usr = Get-ADUser $LOUser -Properties *
$Time = $Usr.lockoutTime
# Format the Active Directory date number using the filesystem datetime object
$strTime = [datetime]::FromFileTime($Time).ToString("yyy-MM-dd HH:mm:ss")
Write-Host $Usr.Name,"`t",$strTime,"`t",$Usr.lockedout
}
}
else{
# The object is empty. So no one is locked out.
Write-Host "No-one locked out"
}
runas /user:%userdomain%\<testuser> cmd.exe
Run it 5 times (substitute the retries lock out value of your domain), with a test user account and fill in a wrong password
each time. The PowerShell script will show a locking of the <testuser> account.
Account Lockout Status (LockoutStatus.exe)
Microsoft also has a tool called LockoutStatus that does not require PowerShell and has a GUI. Read more here
You may vote your opinion about this article:
| Topic created | : | 01-05-2017 |
| Topic last edited | : | 31-05-2018 |
Scripts and programming examples disclaimer
Unless stated otherwise, the script sources and programming examples provided are copyrighted freeware. You may modify them, as long as a reference to the original code and hyperlink to the source page is included in the modified code and documentation. However, it is not allowed to publish (copies of) scripts and programming examples on your own site, blog, vlog, or distribute them on paper or any other medium, without prior written consent.Many of the techniques used in these scripts, including but not limited to modifying the registry or system files and settings, impose a risk of rendering the Operating System inoperable and loss of data. Make sure you have verified full backups and the associated restore software available before running any script or programming example. Use these scripts and programming examples entirely at your own risk. All liability claims against the author in relation to material or non-material losses caused by the use, misuse or non-use of the information provided, or the use of incorrect or incomplete information, are excluded. All content is subject to change and provided without obligation.
Generated by WebHalla™ Version 0.1.e.4 : Thursday 2-4-2020
© Copyright 1995-2020 ing. Johan P.G. van Soest CIPM 
Response Form Cookie- and Privacy statement
Weather in Waalre by 
Temperature 8.77 °C
Wind chill 3.73 °C
Humidity 49 %
Air pressure 1015 hPa
Wind speed 4.1 m/s
Wind direction West 
Sun Rise 7:10 
Sun Set 20:12 
Updated:2020-04-02 11:53:00
