目标:
检查 AD 中用户认证失败的次数，找出哪些用户已经锁定、哪些用户即将锁定，以便主动提醒用户。
脚本内容如下:
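Import-Module ActiveDirectory

# Users whose bad-password count exceeds this value end up in the report.
# Compare it with (Get-ADDefaultDomainPasswordPolicy).LockoutThreshold so
# that "about to be locked" really matches the domain's lockout policy.
$BadLogonThreshold = 8

# badPwdCount is not replicated between domain controllers - each DC keeps
# its own counter. Failed attempts are, however, forwarded to the PDC
# emulator, so querying it gives the most complete view for the domain.
$PdcEmulator = (Get-ADDomain).PDCEmulator

# The original search base was ";ou=employees,..."; a leading ';' is not a
# valid DN component and makes the search fail, so it is dropped here.
$SearchBase = "ou=employees,ou=staff,dc=123,dc=com"

# Request only the attributes the report needs instead of '-Properties *';
# the single query already returns everything the per-user lookup fetched.
$list = Get-ADUser -Server $PdcEmulator -SearchBase $SearchBase `
    -Filter "BadLogonCount -gt $BadLogonThreshold" `
    -Properties DisplayName,SamAccountName,AccountLockoutTime,BadLogonCount `
    -ResultPageSize 10000

## One report object per user. Collecting the loop output in one go avoids
## re-allocating the array on every '$Report += ...' iteration.
$Report = @(
    foreach ($user in $list) {
        New-Object -TypeName psobject -Property @{
            SamAccountName     = $user.SamAccountName
            DisplayName        = $user.DisplayName
            AccountLockoutTime = $user.AccountLockoutTime
            BadLogonCount      = $user.BadLogonCount
        }
    }
)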
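# Highest failure counts first, so the most urgent accounts head the report.
$Report = $Report | Sort-Object -Descending BadLogonCount

## Build the tabular form that the HTML section below renders.
$DataTable = New-Object System.Data.DataTable "DataTable"
# Every column is a string: the values are only ever concatenated into HTML.
foreach ($columnName in 'DisplayName','SamAccountName','AccountLockoutTime','BadLogonCount') {
    [void]$DataTable.Columns.Add((New-Object System.Data.DataColumn $columnName,([string])))
}

function ConvertTo-DataRowValue {
    # A DataRow column cannot be set to $null (PowerShell throws "use DBNull
    # instead"); DBNull renders as an empty cell, which is what we want for
    # users that are over the threshold but not (yet) locked and therefore
    # have no AccountLockoutTime.
    param($Value)
    if ($null -eq $Value) { [System.DBNull]::Value } else { $Value }
}

## Append one row per reported user.
foreach ($entry in $Report) {
    $row = $DataTable.NewRow()
    $row.DisplayName        = ConvertTo-DataRowValue $entry.DisplayName
    $row.SamAccountName     = ConvertTo-DataRowValue $entry.SamAccountName
    $row.AccountLockoutTime = ConvertTo-DataRowValue $entry.AccountLockoutTime
    $row.BadLogonCount      = ConvertTo-DataRowValue $entry.BadLogonCount
    $DataTable.Rows.Add($row)
}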
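#Write-Output $DataTable.Rows
## Column headers. The stray ';' that sat inside the <table>/<th>/<tr> tags
## has been removed; it produced malformed attributes.
$HtmlTable = "<table border='1' align='Left' cellpadding='2' cellspacing='0' style='color:black;font-family:arial,helvetica,sans-serif;text-align:left;'>
<tr style ='font-size:12px;font-weight: normal;background: #FFFFFF'>
<th align=left><b>显示名</b></th>
<th align=left><b>登陆名</b></th>
<th align=left><b>账号锁定时间</b></th>
<th align=left><b>认证失败次数</b></th>
</tr>"
## One <tr> per row. Cell values come straight from directory attributes
## (DisplayName in particular is free text), so they are HTML-encoded:
## an attribute value containing markup must not alter the mail body.
## Iterate .Rows explicitly rather than relying on DataTable enumeration.
foreach ($row in $DataTable.Rows)
{
    $cells = foreach ($column in 'DisplayName','SamAccountName','AccountLockoutTime','BadLogonCount') {
        # [string] turns DBNull/null into "" and DateTime into its text form.
        "<td>" + [System.Net.WebUtility]::HtmlEncode([string]$row[$column]) + "</td>"
    }
    $HtmlTable += "<tr style='font-size:12px;background-color:#FFFFFF'>`n" + ($cells -join "`n") + "`n</tr>"
}
## 表尾
$HtmlTable += "</table>"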
#Write-Output $HtmlTable
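#######################################
# Sends the report in $HtmlTable (built above) as an HTML mail.
# Arguments: -CredentialPath  DPAPI-protected file holding the SMTP
#            credential. Create it once, as the account that runs the
#            scheduled task and on the same machine, with
#              Get-Credential | Export-Clixml -Path <CredentialPath>
#            Only that account on that machine can decrypt it, which
#            replaces the plaintext username/password literals that
#            previously lived in this function.
# Globals:   $HtmlTable (read)
#######################################
Function SendEmail {
    param(
        # PLACEHOLDER path - point it at the real credential file.
        [string]$CredentialPath = "C:\PLACEHOLDER\smtp-credential.xml"
    )
    $From = "shi.zhenning@hello.com"
    $To = "shi.zhenning@hello.com"
    $Subject = "AD账号认证失败次数通知"
    $Body = $HtmlTable
    $smtpServer = "mail.hello.com"
    $smtpPort = 587

    $credential = Import-Clixml -Path $CredentialPath
    $SMTPMessage = New-Object System.Net.Mail.MailMessage($From, $To, $Subject, $Body)
    $SMTPClient = New-Object System.Net.Mail.SmtpClient($smtpServer, $smtpPort)
    try {
        $SMTPMessage.IsBodyHtml = $true
        # Subject and body contain non-ASCII text; state the encoding
        # explicitly instead of relying on auto-detection.
        $SMTPMessage.SubjectEncoding = [System.Text.Encoding]::UTF8
        $SMTPMessage.BodyEncoding = [System.Text.Encoding]::UTF8
        # Port 587 with EnableSsl negotiates STARTTLS before the credential
        # is sent.
        $SMTPClient.EnableSsl = $true
        $SMTPClient.Credentials = $credential.GetNetworkCredential()
        $SMTPClient.Send($SMTPMessage)
    } finally {
        # Both objects own unmanaged resources; release them on every path.
        $SMTPMessage.Dispose()
        $SMTPClient.Dispose()
    }
}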
# Entry point: mail the report assembled above (runs from the scheduled task).
SendEmail
通过任务计划定期执行。
效果: