Solved

Alert for Locked Out Accounts

Posted on 2003-11-24
14
991 Views
Last Modified: 2012-05-04
Are there any free, or at least inexpensive, tools that will alert me when someone's account has become locked out?

Thanks for your help!
0
Comment
Question by:preisman
  • 7
  • 6
14 Comments
 
LVL 49

Expert Comment

by:sunray_2003
Comment Utility
Dear preisman,

hmm.. not sure..

You may want to check here

http://www.labmice.net/Utilities/default.htm

Thanks,
Sunray
0
 
LVL 3

Expert Comment

by:ToolMan
Comment Utility
Hi,
what you can do is, schedule a script that "scans" your locled accounts and sends a mail / report when it got hits.
you can achive this by using the resourcekit utils from W2000 or using vbscript/javascript.

regards
0
 

Author Comment

by:preisman
Comment Utility
Very interesting - can you provide more details on how to do this from the resource kit?  
0
 
LVL 3

Expert Comment

by:ToolMan
Comment Utility
Hi,
i've created this script -->
' BOF
'*******************************************************************************************
Call Main
'*
'*******************************************************************************************
'*
sub main()
call findAccounts("c:\temp\lockedacc.txt")
end sub
'*
'*******************************************************************************************
'*
Sub fCreateFile(Filename,Data)
   Const ForReading = 1, ForWriting = 2
   Dim fso, f
   Set fso = CreateObject("Scripting.FileSystemObject")
   Set f = fso.OpenTextFile(Filename, ForWriting, True)
   f.WriteLine Data    
   f.Close
End Sub
'*
'*******************************************************************************************
'*
sub findAccounts(logFile)
On Error Resume Next
strComputer = "."
info = ""
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colItems = objWMIService.ExecQuery("Select * from Win32_UserAccount",,48)
For Each objItem in colItems
      if objItem.Lockout = True or objItem.Disabled = True then
          info = info & "*******************************" & vbcrlf
          info = info & "Name: " & objItem.Name
          info = info & vbcrlf         
          info = info & "Lockout: " & objItem.Lockout
          info = info & vbcrlf
          info = info & "Disabled : " & objItem.Disabled
          info = info & vbcrlf
          info = info & "*******************************" & vbcrlf
      end if
Next
if info <> "" then
      info = "This is a list of disabled and locked accounts........" & vbcrlf & info
      call fCreateFile(logFile,info)
      call sendthemail(logFile)
end if
end sub
'*
'*******************************************************************************************
'*
sub sendthemail(logFile)
from ="root@localhost.com"
host = "smtp.wxs.nl"
toAdd = "c:\temp\to.txt"
shellCommand ="Sendmail /FROM=" & from & " /HOST="& host & " /TO=" & toAdd & " /REF=AccountLockedOut /MESSAGE=" & logFile
    Set WshShell = WScript.CreateObject("WScript.Shell")
    Return = WshShell.Run(shellCommand)
End Sub    
'EOF
'*********************************************

and this what the result of the mail -->
'BOF
This is a list of disabled and locked accounts........
*******************************
Name: Guest
Lockout: False
Disabled : True
*******************************
*******************************
Name: krbtgt
Lockout: False
Disabled : True
*******************************
*******************************
Name: SUPPORT_388945a0
Lockout: False
Disabled : True
*******************************
*******************************
Name: test
Lockout: False
Disabled : True
*******************************
'EOF

It was executed on windows 2003 DC but can also be used on a windows 2000 server with vbscript version 5.6
besides this, i used the sendmail tool, if you can provide an email address i can mail it to you.
0
 

Author Comment

by:preisman
Comment Utility
ToolMan, thank you so much for your help - this is  terrific.

I just need help, if you could, with 2 more steps:

1.  The script seems to be running, and creates the file with the header, but does not pull through any account information.  I removed the if-then clause, which should have resulted in a file with all of our accounts, but again just resulted in a blank file, save for the headers.

2.  The email piece does not seem to be firing.  Or at least I am not getting an email.  

I have included the entire script below for your reference - any ideas?

Thanks again-

*************************

<SCRIPT LANGUAGE="VBScript">
<!--
   


' BOF
'*******************************************************************************************
Call Main
'*
'*******************************************************************************************
'*
sub main()
call findAccounts("c:\temp\lockedacc.txt")
end sub
'*
'*******************************************************************************************
'*
Sub fCreateFile(Filename,Data)
   Const ForReading = 1, ForWriting = 2
   Dim fso, f
   Set fso = CreateObject("Scripting.FileSystemObject")
   Set f = fso.OpenTextFile(Filename, ForWriting, True)
   f.WriteLine Data    
   f.Close
End Sub
'*
'*******************************************************************************************
'*
sub findAccounts(logFile)
On Error Resume Next
strComputer = "."
info = ""
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colItems = objWMIService.ExecQuery("Select * from Win32_UserAccount",,48)
For Each objItem in colItems
     'if objItem.Lockout = True or objItem.Disabled = True then
         info = info & "*******************************" & vbcrlf
         info = info & "Name: " & objItem.Name
         info = info & vbcrlf        
         info = info & "Lockout: " & objItem.Lockout
         info = info & vbcrlf
         info = info & "Disabled : " & objItem.Disabled
         info = info & vbcrlf
         info = info & "*******************************" & vbcrlf
     'end if
Next
if info <> "" then
     info = "This is a list of CCE disabled and locked accounts........" & vbcrlf & info
     call fCreateFile(logFile,info)
     call sendthemail(logFile)
end if
end sub
'*
'*******************************************************************************************
'*
sub sendthemail(logFile)
from ="ithelp@cce-inc.com"
host = "mail.cce-inc.com"
toAdd = "c:\temp\to.txt"
shellCommand ="Sendmail /FROM=" & from & " /HOST="& host & " /TO=" & toAdd & " /REF=AccountLockedOut /MESSAGE=" & logFile
    Set WshShell = WScript.CreateObject("WScript.Shell")
    Return = WshShell.Run(shellCommand)
End Sub    
'EOF
'*********************************************

-->
</SCRIPT>
0
 
LVL 3

Expert Comment

by:ToolMan
Comment Utility
Hi there,
hmmm, it should have worked, i tried it on my own workstation (windows 2003 server) and it worked.......
what you can do is, remark the "on error resume next" so that isn't interpeted by the interpeter and then execute the script see what happens,
this script should be run on the server where the useraccounts are located and VBscipt5.6 should be installed too (availible at www.microsoft.com/downloads).

besides this, you need to download the sendmail tool (freeware) from http://www.dato.at/download/freeware/sendmail.zip to send them mail (sorry was forgotten to send you the link)

let me know if you had any poblem

Regards
0
 

Author Comment

by:preisman
Comment Utility
I am running Windows 2000 server, not 2003 - would that make a difference?  

Remarking out the 'on error resume next' causes an error, and the file does not get created.
0
Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

 
LVL 3

Expert Comment

by:ToolMan
Comment Utility
Could you post the error plz, then i can have a look on it.
i tested the script (a few min ago) on a 2000 server, that did gave any error, soo, i think it has to do something porbably with the version of the vbscript interpeter.
if you post the error, then i can say it more precisely.
0
 

Author Comment

by:preisman
Comment Utility
Sure, and thanks again - error reads:

Line: 33
Char: 1
Error: ActiveX component can't create object: 'GetObject'
Code: 0
URL: file://S:\LockedAccounts.htm
0
 
LVL 3

Expert Comment

by:ToolMan
Comment Utility
hi, i think the error is caused due an old version of the Vbscript interpeter, you might want to upgrade tp version 5.6 (downloadable at www.microsoft.com/download) and try it again
0
 

Author Comment

by:preisman
Comment Utility
Unfortuantely, I had installed 5.6 before getting this error; to validate this I went to a machine without 5.6 and got the same error message.

I think the error occurs on the GetObject command (Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2").  

Since strComputer is set to ".", the object is:

"winmgmts:\\.\root\cimv2")"

Does that look right to you??
0
 
LVL 3

Accepted Solution

by:
ToolMan earned 500 total points
Comment Utility
hmmm,
that looks like a WMI error, is it possible that the "Windows Management Instrumentation" service is not running on the station where this script it running ?
(am not show why you are getting this error, byt the value strComputer is correct the "." stands for localhost)
let me know how it went
regards
0
 

Author Comment

by:preisman
Comment Utility
Toolman, I was able to get this going in a slightly different way...but you definitely put me on the right path, and I never would have gotten there without you.  

I can't thank you enough for your help-

Take care-

--Geoff
0
 
LVL 3

Expert Comment

by:ToolMan
Comment Utility
Hi,
am glad i could be of any service,

goodluck


Regards
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Windows Explorer GUI to handle Long Paths? 3 430
Why won't wireshark open my tcpdump file from linux 13 2,918
Images sometimes not printed 6 466
Windows 7 7 255
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now