检查AD账号认证失败次数并发送邮件至管理员

检查AD账号认证失败次数并发送邮件至管理员

目标

检查AD中用户认证失败的次数，哪些用户已经锁定，哪些用户即将锁定，可以主动提醒用户。

实现

脚本内容如下:

Import-Module ActiveDirectory $list = Get-ADUser -SearchBase "ou=employees,ou=staff,dc=hello,dc=com" -Properties * -Filter {BadLogonCount -gt 8} -ResultPageSize 10000 | % {$_.SamAccountName} $Report = @() ## 定一个空数组 Foreach ($i in $list){ $userinfo = Get-ADUser -id $i -Properties DisplayName,SamAccountName,AccountLockoutTime,BadLogonCount $DisplayName = $userinfo.DisplayName $SamAccountName = $i $AccountLockoutTime = $userinfo.AccountLockoutTime $BadLogonCount = $userinfo.BadLogonCount ## 自定义个PS对象遍历存储所有用户信息 $Report += New-Object -TypeName psobject -Property @{ SamAccountName = $SamAccountName DisplayName = $DisplayName AccountLockoutTime = $AccountLockoutTime BadLogonCount = $BadLogonCount } } $Report = $Report | Sort-Object -Descending BadLogonCount ## 定义一个数据表 $DataTable = New-Object System.Data.DataTable "DataTable" $col1 = New-Object system.Data.DataColumn DisplayName,([string]) $col2 = New-Object system.Data.DataColumn SamAccountName,([string]) $col3 = New-Object system.Data.DataColumn AccountLockoutTime,([string]) $col4 = New-Object system.Data.DataColumn BadLogonCount,([string]) ## 增加列 $DataTable.Columns.Add($col1) $DataTable.Columns.Add($col2) $DataTable.Columns.Add($col3) $DataTable.Columns.Add($col4) ## 增加数据行 foreach ($entry in $Report){ $row = $DataTable.NewRow() $row.DisplayName = $entry.DisplayName $row.SamAccountName = $entry.SamAccountName $row.AccountLockoutTime = $entry.AccountLockoutTime $row.BadLogonCount = $entry.BadLogonCount $DataTable.Rows.Add($row) } #Write-Output $DataTable.Rows ## 构造html表头 $HtmlTable = "

" ## 构造html表体 foreach ($row in $DataTable) { $HtmlTable += "" } ## 表尾 $HtmlTable += "

显示名	登陆名	账号锁定时间	认证失败次数
" + $row.DisplayName + "	" + $row.SamAccountName + "	" + $row.AccountLockoutTime + "	" + $row.BadLogonCount + "

" #Write-Output $HtmlTable Function SendEmail { $From = "shi.zhenning@hello.com" $To = "shi.zhenning@hello.com" $Subject = "AD账号认证失败次数通知" $Body = $HtmlTable $smtpServer = "mail.hello.com" $smtpPort = 587 $username = "username" $password = "password" $SMTPMessage = New-Object System.Net.Mail.MailMessage($From, $To, $Subject, $Body) $SMTPMessage.IsBodyHTML=$true $SMTPClient = New-Object Net.Mail.SmtpClient($smtpServer, $SmtpPort) $SMTPClient.EnableSsl = $true $SMTPClient.Credentials = New-Object System.Net.NetworkCredential($username, $password); $SMTPClient.Send($SMTPMessage) } SendEmail

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。