Solved

Alert for Locked Out Accounts

Posted on 2003-11-24
14
995 Views
Last Modified: 2012-05-04
Are there any free, or at least inexpensive, tools that will alert me when someone's account has become locked out?

Thanks for your help!
0
Comment
Question by:preisman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 6
14 Comments
 
LVL 49

Expert Comment

by:sunray_2003
ID: 9812606
Dear preisman,

hmm.. not sure..

You may want to check here

http://www.labmice.net/Utilities/default.htm

Thanks,
Sunray
0
 
LVL 3

Expert Comment

by:ToolMan
ID: 9813947
Hi,
what you can do is, schedule a script that "scans" your locled accounts and sends a mail / report when it got hits.
you can achive this by using the resourcekit utils from W2000 or using vbscript/javascript.

regards
0
 

Author Comment

by:preisman
ID: 9814084
Very interesting - can you provide more details on how to do this from the resource kit?  
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 3

Expert Comment

by:ToolMan
ID: 9814523
Hi,
i've created this script -->
' BOF
'*******************************************************************************************
Call Main
'*
'*******************************************************************************************
'*
sub main()
call findAccounts("c:\temp\lockedacc.txt")
end sub
'*
'*******************************************************************************************
'*
Sub fCreateFile(Filename,Data)
   Const ForReading = 1, ForWriting = 2
   Dim fso, f
   Set fso = CreateObject("Scripting.FileSystemObject")
   Set f = fso.OpenTextFile(Filename, ForWriting, True)
   f.WriteLine Data    
   f.Close
End Sub
'*
'*******************************************************************************************
'*
sub findAccounts(logFile)
On Error Resume Next
strComputer = "."
info = ""
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colItems = objWMIService.ExecQuery("Select * from Win32_UserAccount",,48)
For Each objItem in colItems
      if objItem.Lockout = True or objItem.Disabled = True then
          info = info & "*******************************" & vbcrlf
          info = info & "Name: " & objItem.Name
          info = info & vbcrlf         
          info = info & "Lockout: " & objItem.Lockout
          info = info & vbcrlf
          info = info & "Disabled : " & objItem.Disabled
          info = info & vbcrlf
          info = info & "*******************************" & vbcrlf
      end if
Next
if info <> "" then
      info = "This is a list of disabled and locked accounts........" & vbcrlf & info
      call fCreateFile(logFile,info)
      call sendthemail(logFile)
end if
end sub
'*
'*******************************************************************************************
'*
sub sendthemail(logFile)
from ="root@localhost.com"
host = "smtp.wxs.nl"
toAdd = "c:\temp\to.txt"
shellCommand ="Sendmail /FROM=" & from & " /HOST="& host & " /TO=" & toAdd & " /REF=AccountLockedOut /MESSAGE=" & logFile
    Set WshShell = WScript.CreateObject("WScript.Shell")
    Return = WshShell.Run(shellCommand)
End Sub    
'EOF
'*********************************************

and this what the result of the mail -->
'BOF
This is a list of disabled and locked accounts........
*******************************
Name: Guest
Lockout: False
Disabled : True
*******************************
*******************************
Name: krbtgt
Lockout: False
Disabled : True
*******************************
*******************************
Name: SUPPORT_388945a0
Lockout: False
Disabled : True
*******************************
*******************************
Name: test
Lockout: False
Disabled : True
*******************************
'EOF

It was executed on windows 2003 DC but can also be used on a windows 2000 server with vbscript version 5.6
besides this, i used the sendmail tool, if you can provide an email address i can mail it to you.
0
 

Author Comment

by:preisman
ID: 9817810
ToolMan, thank you so much for your help - this is  terrific.

I just need help, if you could, with 2 more steps:

1.  The script seems to be running, and creates the file with the header, but does not pull through any account information.  I removed the if-then clause, which should have resulted in a file with all of our accounts, but again just resulted in a blank file, save for the headers.

2.  The email piece does not seem to be firing.  Or at least I am not getting an email.  

I have included the entire script below for your reference - any ideas?

Thanks again-

*************************

<SCRIPT LANGUAGE="VBScript">
<!--
   


' BOF
'*******************************************************************************************
Call Main
'*
'*******************************************************************************************
'*
sub main()
call findAccounts("c:\temp\lockedacc.txt")
end sub
'*
'*******************************************************************************************
'*
Sub fCreateFile(Filename,Data)
   Const ForReading = 1, ForWriting = 2
   Dim fso, f
   Set fso = CreateObject("Scripting.FileSystemObject")
   Set f = fso.OpenTextFile(Filename, ForWriting, True)
   f.WriteLine Data    
   f.Close
End Sub
'*
'*******************************************************************************************
'*
sub findAccounts(logFile)
On Error Resume Next
strComputer = "."
info = ""
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colItems = objWMIService.ExecQuery("Select * from Win32_UserAccount",,48)
For Each objItem in colItems
     'if objItem.Lockout = True or objItem.Disabled = True then
         info = info & "*******************************" & vbcrlf
         info = info & "Name: " & objItem.Name
         info = info & vbcrlf        
         info = info & "Lockout: " & objItem.Lockout
         info = info & vbcrlf
         info = info & "Disabled : " & objItem.Disabled
         info = info & vbcrlf
         info = info & "*******************************" & vbcrlf
     'end if
Next
if info <> "" then
     info = "This is a list of CCE disabled and locked accounts........" & vbcrlf & info
     call fCreateFile(logFile,info)
     call sendthemail(logFile)
end if
end sub
'*
'*******************************************************************************************
'*
sub sendthemail(logFile)
from ="ithelp@cce-inc.com"
host = "mail.cce-inc.com"
toAdd = "c:\temp\to.txt"
shellCommand ="Sendmail /FROM=" & from & " /HOST="& host & " /TO=" & toAdd & " /REF=AccountLockedOut /MESSAGE=" & logFile
    Set WshShell = WScript.CreateObject("WScript.Shell")
    Return = WshShell.Run(shellCommand)
End Sub    
'EOF
'*********************************************

-->
</SCRIPT>
0
 
LVL 3

Expert Comment

by:ToolMan
ID: 9817857
Hi there,
hmmm, it should have worked, i tried it on my own workstation (windows 2003 server) and it worked.......
what you can do is, remark the "on error resume next" so that isn't interpeted by the interpeter and then execute the script see what happens,
this script should be run on the server where the useraccounts are located and VBscipt5.6 should be installed too (availible at www.microsoft.com/downloads).

besides this, you need to download the sendmail tool (freeware) from http://www.dato.at/download/freeware/sendmail.zip to send them mail (sorry was forgotten to send you the link)

let me know if you had any poblem

Regards
0
 

Author Comment

by:preisman
ID: 9818050
I am running Windows 2000 server, not 2003 - would that make a difference?  

Remarking out the 'on error resume next' causes an error, and the file does not get created.
0
 
LVL 3

Expert Comment

by:ToolMan
ID: 9818085
Could you post the error plz, then i can have a look on it.
i tested the script (a few min ago) on a 2000 server, that did gave any error, soo, i think it has to do something porbably with the version of the vbscript interpeter.
if you post the error, then i can say it more precisely.
0
 

Author Comment

by:preisman
ID: 9818400
Sure, and thanks again - error reads:

Line: 33
Char: 1
Error: ActiveX component can't create object: 'GetObject'
Code: 0
URL: file://S:\LockedAccounts.htm
0
 
LVL 3

Expert Comment

by:ToolMan
ID: 9819042
hi, i think the error is caused due an old version of the Vbscript interpeter, you might want to upgrade tp version 5.6 (downloadable at www.microsoft.com/download) and try it again
0
 

Author Comment

by:preisman
ID: 9819420
Unfortuantely, I had installed 5.6 before getting this error; to validate this I went to a machine without 5.6 and got the same error message.

I think the error occurs on the GetObject command (Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2").  

Since strComputer is set to ".", the object is:

"winmgmts:\\.\root\cimv2")"

Does that look right to you??
0
 
LVL 3

Accepted Solution

by:
ToolMan earned 500 total points
ID: 9827197
hmmm,
that looks like a WMI error, is it possible that the "Windows Management Instrumentation" service is not running on the station where this script it running ?
(am not show why you are getting this error, byt the value strComputer is correct the "." stands for localhost)
let me know how it went
regards
0
 

Author Comment

by:preisman
ID: 9828764
Toolman, I was able to get this going in a slightly different way...but you definitely put me on the right path, and I never would have gotten there without you.  

I can't thank you enough for your help-

Take care-

--Geoff
0
 
LVL 3

Expert Comment

by:ToolMan
ID: 9830306
Hi,
am glad i could be of any service,

goodluck


Regards
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
VSS on host & VM 10 424
Need to recover old Windows backup files in Windows 7 6 686
Screen Mirroring 7 112
Virtual box guest operating system will not start 15 77
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Dramatic changes are revolutionizing how we build and use technology. Every company is automating, digitizing, and modernizing operations. We need a better, more connected way to work together as teams so we can harness the insights from our system…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…
Suggested Courses

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question