Well, I guess we should start a conversation about what we want a AD check to look for. My list of potentials: 1) How many users are locked out 2) How many users haven't logged in since xx/yy/zz 3) How many machines haven't logged in since xx/yy/zz 4) How many days until "myAccount" expires I know I've seen some scripts online somewhere that supposedly do these things, but I can't remember where.
Michael D. Shook Systems Analyst - Data Integration Saddle Creek Corporation [EMAIL PROTECTED] (mailto:[EMAIL PROTECTED]) 863 668 4477 (work) 863 665 1261 (fax) www.saddlecrk.com (http://www.saddlecrk.com/) -------------------------------------------------------------------------------- From: Servers Alive Discussion List [mailto:[EMAIL PROTECTED] On Behalf Of Dirk Bulinckx Sent: Tuesday, December 05, 2006 1:06 PM To: Servers Alive Discussion List Subject: RE: [SA-list] AD Scripting Do I understand correctly that this would be a COM check that executes a VBScript (written by "you") and that checks for the return value of a function? Dirk Bulinckx. -------------------------------------------------------------------------------- From: Servers Alive Discussion List [mailto:[EMAIL PROTECTED] On Behalf Of Michael Shook Sent: Friday, December 01, 2006 2:36 PM To: Servers Alive Discussion List Subject: RE: [SA-list] AD Scripting I'll second that! Sounds like an excellent external COM check, if there are any programmers out there... Michael D. Shook Systems Analyst - Data Integration Saddle Creek Corporation [EMAIL PROTECTED] (mailto:[EMAIL PROTECTED]) 863 668 4477 (work) 863 860 4070 (cell) 863 665 1261 (fax) www.saddlecrk.com (http://www.saddlecrk.com/) -------------------------------------------------------------------------------- From: Servers Alive Discussion List [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Friday, December 01, 2006 6:06 AM To: Servers Alive Discussion List Subject: Re: [SA-list] AD Scripting Interesting! If you work out how to do it (from within SA or otherwise) please let me know - I'd be extremely interested! (Would that script check all domain controllers?) Could one do other things with this method - such as check which users haven't changed their password, or which users haven't logged in for x days? Ian _________________________________ Ian K Gray OEL IS - European Infrastructure Support Tel: +44 1236 502661 Mob: +44 7881 518854 "Tobie Fysh" <[EMAIL PROTECTED]> Sent by: Servers Alive Discussion List <salive@woodstone.nu> 01/12/2006 08:50 Please respond to Servers Alive Discussion List <salive@woodstone.nu> To Servers Alive Discussion List <salive@woodstone.nu> cc Subject [SA-list] AD Scripting Hi all, Anyone running any scripts against AD to get results back? I want to have this one: (&(&(objectCategory=Person)(objectClass=User)(lockoutTime>=1))) reporting locked out users....... Regards, Tobie Fysh Operational Support Analyst Freebridge Community Housing Direct Line : 01553 667796 Mobile : 07771 854283 Fax : 01553 667702 Email : [EMAIL PROTECTED] (mailto:[EMAIL PROTECTED]) This e-mail (including any attachments), is confidential and intended only for the use of the addressee(s). It may contain information covered by legal, professional or other privilege. If you are not an addressee, please inform the sender immediately and destroy this e-mail. Do not copy, use or disclose this e-mail. E-mail transmission cannot be guaranteed to be secure or error free. The sender does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard copy version. ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ To unsubscribe send a message with UNSUBSCRIBE as subject to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), then make sure that they are not send to the list nor to the individual members of the list that send a message. Doing this will get you removed from the list. To unsubscribe send a message with UNSUBSCRIBE as subject to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), then make sure that they are not send to the list nor to the individual members of the list that send a message. Doing this will get you removed from the list. -------------------------------------- The information contained in this message is intended only for the use of the addressee. If the reader of this message is not the intended recipient or agent of the intended recipient, you are hereby notified that any dissemination, distribution, or copying of the message is strictly prohibited. To unsubscribe send a message with UNSUBSCRIBE as subject to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), then make sure that they are not send to the list nor to the individual members of the list that send a message. Doing this will get you removed from the list. To unsubscribe send a message with UNSUBSCRIBE as subject to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), then make sure that they are not send to the list nor to the individual members of the list that send a message. Doing this will get you removed from the list. -------------------------------------- The information contained in this message is intended only for the use of the addressee. If the reader of this message is not the intended recipient or agent of the intended recipient, you are hereby notified that any dissemination, distribution, or copying of the message is strictly prohibited. To unsubscribe send a message with UNSUBSCRIBE as subject to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), then make sure that they are not send to the list nor to the individual members of the list that send a message. Doing this will get you removed from the list.
