It recently occurred to me that, whilst my current full-time position is IT Systems Manager, the majority of my blog posts thus far have been more web-centric – which is great, as I love the web and web technologies!
However, I felt in the interest of balance, I should introduce a few more tips and tricks that we use on a regular basis, in a more ‘operations’ capacity.
This post is a QuickTip, in the sense that it won’t digress into inner details, the whys and wherefores; it is designed to be quickly referenced.
You have a Network Password Policy in place and would like to be notified (preferably by email) when an account is locked out.
In truth, there are numerous solutions on the internet about how to implement this functionality - this post is just how we do it.
Place a copy of the below PowerShell script in an appropriate folder on your Domain Controller (configure relevant email variables in the script, accordingly).
Schedule a task on your Domain Controller, to trigger whenever the event log receives a Security Log Event 4740.
Set the task scheduler action to Start a Program (path to the local PowerShell executable).
Pass in the PowerShell script as an optional argument using the -file switch.
(example: -file "\LockOutNotification.ps1")
You should now receive an email notification each time a user account is locked out.
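For reference, a notification script along the lines described in the steps above. This is an added example, not the script originally published with this post. The mail addresses, SMTP host and the `<folder>` path in the comment are placeholders you must replace.

```powershell
# LockOutNotification.ps1 - added example, not the original script from this post.
# Placeholder values (assumptions): set these for your own environment.
$MailFrom   = 'lockout-alerts@example.org'
$MailTo     = 'it-support@example.org'
$SmtpServer = 'smtp.example.org'

# One way to register the event trigger from an elevated prompt (replace <folder>):
#   schtasks /Create /TN "LockOutNotification" /RU SYSTEM /SC ONEVENT /EC Security `
#     /MO "*[System[(EventID=4740)]]" `
#     /TR "powershell.exe -NoProfile -file <folder>\LockOutNotification.ps1"

# Fetch the newest account-lockout event (ID 4740) from this DC's Security log.
# Reading the Security log needs elevated rights, hence the SYSTEM task above.
$lockout = Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4740 } `
    -MaxEvents 1 -ErrorAction SilentlyContinue
if (-not $lockout) {
    Write-Warning 'No 4740 event found in the Security log.'
    exit 1
}

# Read the named fields from the event XML rather than relying on property order.
$fields = @{}
foreach ($d in ([xml]$lockout.ToXml()).Event.EventData.Data) {
    $fields[$d.Name] = $d.'#text'
}

$account = $fields['TargetUserName']
$source  = $fields['TargetDomainName']   # in event 4740 this holds the caller computer name

$body = @"
Account locked out : $account
Caller computer    : $source
Time (DC local)    : $($lockout.TimeCreated)
Domain controller  : $($lockout.MachineName)
Event record ID    : $($lockout.RecordId)
"@

# Send-MailMessage is flagged obsolete by Microsoft because it cannot guarantee a
# secure connection; use it only towards a trusted internal relay.
Send-MailMessage -From $MailFrom -To $MailTo -SmtpServer $SmtpServer `
    -Subject "Account locked out: $account" -Body $body
```

Because the script reads the newest 4740 event rather than the one that fired the task, two lockouts within the same second or so can produce two emails about the same account; the record ID in the body lets you spot that.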
(please note: as mentioned previously in this article, there are numerous posts on the internet about how to perform this functionality, and I would not wish to claim any form of unique authorship of the procedure – this is just the method that we have implemented at St Mary’s Shaftesbury)