<div>
Thanks Jose,<br><br>Hope my request is now easy to read and understand<br><br>Cheers
</div>


Thanks Jose,

Hope my request is now easy to read and understand

Cheers

Systems Engineer

Jerry Seinfield

<div>
I know this doesn't directly address your request but you could try the MS tool already designed to do this.<br><a href="https://www.microsoft.com/en-us/download/details.aspx?id=18465" rel="ugc">Download Account Lockout and Management Tools from Official Microsoft Download Center</a>&nbsp;<br><br><br>
</div>


I know this doesn't directly address your request but you could try the MS tool already designed to do this.
Download Account Lockout and Management Tools from Official Microsoft Download Center [https://www.microsoft.com/en-us/download/details.aspx?id=18465] 




<div>
<div class="content wysiwyg-content fr-view">
Hello Experts,<br><br>Instead of looking at the event ID ID 4740 and 4741 for every single DC in the domain under the security logs, can someone please help me to identify all events 4740 and 4741 for a single service account named xxxx jn a given domain for the past 24 hours, and export the occurrences to a csv file?<br><br>The script should be able to perform a query for domain controllers on prem as well as Azure, then return the results to a csv file<br><br><br>
</div>
</div>



Hello Experts,
Instead of looking at the event ID ID 4740 and 4741 for every single DC in the domain under the security logs, can someone please help me to identify all events 4740 and 4741 for a single service account named xxxx jn a given domain for the past 24 hours, and export the occurrences to a csv file?
The script should be able to perform a query for domain controllers on prem as well as Azure, then return the results to a csv file

PS script to detect the source of locked accounts in AD and Azure AD

Windows PowerShell is a task automation and configuration management framework from Microsoft, consisting of a command-line shell and associated scripting language built on the .NET Framework. PowerShell provides full access to the Component Object Model (COM) and Windows Management Instrumentation (WMI), enabling administrators to perform administrative tasks on both local and remote Windows systems as well as WS-Management and Common Information Model (CIM) enabling management of remote Linux systems and network devices.

Powershell

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.

Active Directory

Microsoft Azure is a cloud computing platform and infrastructure for building, deploying and managing applications and services through datacenters. It provides both platform-as-a-service (PaaS) and infrastructure-as-a-service (IaaS) services and supports many different programming languages, tools and frameworks, including both Microsoft-specific and third-party software and systems. Cloud Services is a PaaS environment and can be used to create scalable applications and services; there are specific software development kits (SDKs) provided by Microsoft for Python, Java, Node.js and .NET. Azure also has file and storage services, data management, analytics and DNS services.