Alert for Locked Out Accounts

Are there any free, or at least inexpensive, tools that will alert me when someone's account has become locked out?

Thanks for your help!
preisman Asked:
sunray_2003 Commented:
Dear preisman,

hmm.. not sure..

You may want to check here

http://www.labmice.net/Utilities/default.htm

Thanks,
Sunray
0
ToolMan Commented:
Hi,
what you can do is schedule a script that "scans" your locked accounts and sends a mail / report when it gets hits.
You can achieve this by using the resource kit utils from W2000 or using vbscript/javascript.

regards
0
preisman Author Commented:
Very interesting - can you provide more details on how to do this from the resource kit?  
0
ToolMan Commented:
Hi,
i've created this script -->
' BOF
'*******************************************************************************************
Call Main
'*
'*******************************************************************************************
'*
sub main()
call findAccounts("c:\temp\lockedacc.txt")
end sub
'*
'*******************************************************************************************
'*
Sub fCreateFile(Filename,Data)
   Const ForReading = 1, ForWriting = 2
   Dim fso, f
   Set fso = CreateObject("Scripting.FileSystemObject")
   Set f = fso.OpenTextFile(Filename, ForWriting, True)
   f.WriteLine Data    
   f.Close
End Sub
'*
'*******************************************************************************************
'*
sub findAccounts(logFile)
On Error Resume Next
strComputer = "."
info = ""
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colItems = objWMIService.ExecQuery("Select * from Win32_UserAccount",,48)
For Each objItem in colItems
      if objItem.Lockout = True or objItem.Disabled = True then
          info = info & "*******************************" & vbcrlf
          info = info & "Name: " & objItem.Name
          info = info & vbcrlf         
          info = info & "Lockout: " & objItem.Lockout
          info = info & vbcrlf
          info = info & "Disabled : " & objItem.Disabled
          info = info & vbcrlf
          info = info & "*******************************" & vbcrlf
      end if
Next
if info <> "" then
      info = "This is a list of disabled and locked accounts........" & vbcrlf & info
      call fCreateFile(logFile,info)
      call sendthemail(logFile)
end if
end sub
'*
'*******************************************************************************************
'*
sub sendthemail(logFile)
from ="root@localhost.com"
host = "smtp.wxs.nl"
toAdd = "c:\temp\to.txt"
shellCommand ="Sendmail /FROM=" & from & " /HOST="& host & " /TO=" & toAdd & " /REF=AccountLockedOut /MESSAGE=" & logFile
    Set WshShell = WScript.CreateObject("WScript.Shell")
    Return = WshShell.Run(shellCommand)
End Sub    
'EOF
'*********************************************

and this is the result of the mail -->
'BOF
This is a list of disabled and locked accounts........
*******************************
Name: Guest
Lockout: False
Disabled : True
*******************************
*******************************
Name: krbtgt
Lockout: False
Disabled : True
*******************************
*******************************
Name: SUPPORT_388945a0
Lockout: False
Disabled : True
*******************************
*******************************
Name: test
Lockout: False
Disabled : True
*******************************
'EOF

It was executed on a Windows 2003 DC but can also be used on a Windows 2000 server with VBScript version 5.6.
Besides this, I used the sendmail tool; if you can provide an email address I can mail it to you.
0
preisman Author Commented:
ToolMan, thank you so much for your help - this is terrific.

I just need help, if you could, with 2 more steps:

1.  The script seems to be running, and creates the file with the header, but does not pull through any account information.  I removed the if-then clause, which should have resulted in a file with all of our accounts, but again just resulted in a blank file, save for the headers.

2.  The email piece does not seem to be firing.  Or at least I am not getting an email.  

I have included the entire script below for your reference - any ideas?

Thanks again-

*************************

<SCRIPT LANGUAGE="VBScript">
<!--
   


' BOF
'*******************************************************************************************
Call Main
'*
'*******************************************************************************************
'*
sub main()
call findAccounts("c:\temp\lockedacc.txt")
end sub
'*
'*******************************************************************************************
'*
Sub fCreateFile(Filename,Data)
   Const ForReading = 1, ForWriting = 2
   Dim fso, f
   Set fso = CreateObject("Scripting.FileSystemObject")
   Set f = fso.OpenTextFile(Filename, ForWriting, True)
   f.WriteLine Data    
   f.Close
End Sub
'*
'*******************************************************************************************
'*
sub findAccounts(logFile)
On Error Resume Next
strComputer = "."
info = ""
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colItems = objWMIService.ExecQuery("Select * from Win32_UserAccount",,48)
For Each objItem in colItems
     'if objItem.Lockout = True or objItem.Disabled = True then
         info = info & "*******************************" & vbcrlf
         info = info & "Name: " & objItem.Name
         info = info & vbcrlf        
         info = info & "Lockout: " & objItem.Lockout
         info = info & vbcrlf
         info = info & "Disabled : " & objItem.Disabled
         info = info & vbcrlf
         info = info & "*******************************" & vbcrlf
     'end if
Next
if info <> "" then
     info = "This is a list of CCE disabled and locked accounts........" & vbcrlf & info
     call fCreateFile(logFile,info)
     call sendthemail(logFile)
end if
end sub
'*
'*******************************************************************************************
'*
sub sendthemail(logFile)
from ="ithelp@cce-inc.com"
host = "mail.cce-inc.com"
toAdd = "c:\temp\to.txt"
shellCommand ="Sendmail /FROM=" & from & " /HOST="& host & " /TO=" & toAdd & " /REF=AccountLockedOut /MESSAGE=" & logFile
    Set WshShell = WScript.CreateObject("WScript.Shell")
    Return = WshShell.Run(shellCommand)
End Sub    
'EOF
'*********************************************

-->
</SCRIPT>
0
ToolMan Commented:
Hi there,
hmmm, it should have worked, I tried it on my own workstation (Windows 2003 server) and it worked.......
What you can do is remark the "on error resume next" so that it isn't interpreted by the interpreter, and then execute the script and see what happens.
This script should be run on the server where the user accounts are located, and VBScript 5.6 should be installed too (available at www.microsoft.com/downloads).

Besides this, you need to download the sendmail tool (freeware) from http://www.dato.at/download/freeware/sendmail.zip to send the mail (sorry, I forgot to send you the link).

Let me know if you have any problem.

Regards
0
preisman Author Commented:
I am running Windows 2000 server, not 2003 - would that make a difference?  

Remarking out the 'on error resume next' causes an error, and the file does not get created.
0
ToolMan Commented:
Could you post the error please, then I can have a look at it.
I tested the script (a few min ago) on a 2000 server, and that didn't give any error, so I think it probably has something to do with the version of the VBScript interpreter.
If you post the error, then I can say it more precisely.
0
preisman Author Commented:
Sure, and thanks again - error reads:

Line: 33
Char: 1
Error: ActiveX component can't create object: 'GetObject'
Code: 0
URL: file://S:\LockedAccounts.htm
0
ToolMan Commented:
Hi, I think the error is caused by an old version of the VBScript interpreter; you might want to upgrade to version 5.6 (downloadable at www.microsoft.com/download) and try it again.
0
preisman Author Commented:
Unfortunately, I had installed 5.6 before getting this error; to validate this I went to a machine without 5.6 and got the same error message.

I think the error occurs on the GetObject command (Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")).

Since strComputer is set to ".", the object is:

"winmgmts:\\.\root\cimv2"

Does that look right to you??
0
ToolMan Commented:
hmmm,
that looks like a WMI error; is it possible that the "Windows Management Instrumentation" service is not running on the station where this script is running?
(am not sure why you are getting this error, but the value of strComputer is correct, the "." stands for localhost)
Let me know how it went.
regards
0
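
Added example (not part of the thread, and not ToolMan's or preisman's code): a variant of the script above that asks WMI for locked-out accounts only and reports a failed WMI connection or query instead of hiding it behind `On Error Resume Next`. It assumes it is saved as a `.vbs` file (the name `lockedout.vbs` is hypothetical) and run with `cscript`, since the `WScript` object exists only under Windows Script Host; mailing the report is left to the thread's `sendthemail` routine.

```vbscript
' Added example, not from the thread. Save as lockedout.vbs (hypothetical name)
' and run with:  cscript //nologo lockedout.vbs
Option Explicit

Const REPORT_FILE = "c:\temp\lockedacc.txt"   ' same report path the thread uses
Const wbemFlagReturnImmediately = 16          ' the thread's flag value 48 = 16 + 32
Const wbemFlagForwardOnly = 32

Dim report
report = FindLockedAccounts(".")              ' "." = local machine, as in the thread
If report <> "" Then
    WriteReport REPORT_FILE, "Locked-out accounts as of " & Now & vbCrLf & report
    WScript.Echo report
Else
    WScript.Echo "No locked-out accounts found."
End If

' Returns one line per locked-out account, or "" when there are none.
Function FindLockedAccounts(strComputer)
    Dim objWMIService, colItems, objItem, info
    info = ""
    On Error Resume Next                      ' trap only the two WMI calls below
    Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
    If Err.Number <> 0 Then
        WScript.Echo "WMI connect failed: 0x" & Hex(Err.Number) & " " & Err.Description
        WScript.Quit 1
    End If
    ' Filter in WQL so disabled-but-not-locked accounts (Guest, krbtgt) are excluded.
    Set colItems = objWMIService.ExecQuery( _
        "Select Name, Domain, Disabled from Win32_UserAccount Where Lockout = True", , _
        wbemFlagReturnImmediately + wbemFlagForwardOnly)
    If Err.Number <> 0 Then
        WScript.Echo "WMI query failed: 0x" & Hex(Err.Number) & " " & Err.Description
        WScript.Quit 2
    End If
    On Error GoTo 0                           ' later errors stop the script visibly
    For Each objItem In colItems
        info = info & objItem.Domain & "\" & objItem.Name & _
               " (Disabled: " & objItem.Disabled & ")" & vbCrLf
    Next
    FindLockedAccounts = info
End Function

' Overwrites the report file with the given text.
Sub WriteReport(fileName, data)
    Const ForWriting = 2
    Dim fso, f
    Set fso = CreateObject("Scripting.FileSystemObject")
    Set f = fso.OpenTextFile(fileName, ForWriting, True)
    f.Write data
    f.Close
End Sub
```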
preisman Author Commented:
Toolman, I was able to get this going in a slightly different way...but you definitely put me on the right path, and I never would have gotten there without you.  

I can't thank you enough for your help-

Take care-

--Geoff
0
ToolMan Commented:
Hi,
am glad I could be of any service,

good luck


Regards
0
Windows 2000

Question has a verified solution.