Build precise queries to find exactly what you need
Press ESC to close
@safurniss
Favorites1
Views302
Projects3
I've modified the powershell script so that you can pass an additional parameter of either "UsersOnly" or "ComputersOnly" otherwise it returns values for both users and computers objects. # ==================================================================== # Search in AD for lockedout account. To be used through NRPE / nsclient++ # Author: Mathieu Chateau - LOTP # mail: [email protected] # version 0.1 # ==================================================================== # # Require Set-ExecutionPolicy RemoteSigned.. or sign this script with your PKI # # ============================================================ # # Do not change anything behind that line! # param ( [string]$action = "LockedOut", [string]$accountType = "", [string]$searchBase = "", [string]$searchScope = "Subtree", [int]$maxWarn = 5, [int]$maxCrit = 10 ) # check that powershell ActiveDirectory module is present if(Get-Module -Name "ActiveDirectory" -ListAvailable) { try { Import-Module -Name ActiveDirectory } catch { Write-Host "CRITICAL: Missing PowerShell ActiveDirectory module" exit 2 } } else { Write-Host "CRITICAL: Missing PowerShell ActiveDirectory module" exit 2 } # check params if provided if($action -notmatch "^(AccountDisabled|AccountExpired|AccountExpiring|AccountInactive|LockedOut|PasswordExpired|PasswordNeverExpires)$") { Write-Host "CRITICAL: action parameter can only be AccountDisabled,AccountExpired,AccountExpiring,AccountInactive,LockedOut,PasswordExpired,PasswordNeverExpires. Provided $action" exit 2 } if($accountType -notmatch "^(UsersOnly|ComputersOnly)$") { Write-Host "CRITICAL: accountType can only be UsersOnly,ComputersOnly. Provided $acctType" } if($searchScope -notmatch "^(Base|OneLevel|Subtree)$") { Write-Host "CRITICAL: searchScope parameter can only be Base,OneLevel,Subtree. Provided $searchScope" exit 2 } if(($searchBase -ne "") -and $searchBase -ne ((Get-ADDomain).DistinguishedName)) { $search=Get-ADObject -Filter 'ObjectClass -eq "OrganizationalUnit" -and DistinguishedName -eq $searchBase' if ($search.Count -ne 1) { Write-Host "CRITICAL: SearchBase not found or duplicate. Provided $searchBase" exit 2 } } else { $searchBase=(Get-ADDomain).DistinguishedName } $command="Search-ADAccount -"+$action+" -"+$accountType+" -SearchBase '"+$searchBase+"' -SearchScope "+$searchScope $result=invoke-expression $command if($result.Count -gt $maxCrit) { $state="CRITICAL" $exitcode=2 } elseif($result.Count -gt $maxWarn) { $state="WARNING" $exitcode=1 } else { $state="OK" $exitcode=0 } $output=$state+": "+$result.Count+" "+$action+"|"+$action+"="+$result.Count+";"+$maxWarn+";"+$maxCrit Write-Host $output exit $exitcode
Reviewed 9 years ago
If you want ot monitor your NetApp then use this. It works great on our NetApp 3170
Reviewed 13 years ago
I have this working great on Windows 2003 with Exchange 2007, however I seem to have an issue running it on Windows 2008 with Exchange 2007. If I run the command from the "nsclien++ /test" it works fine and the result comes back in a few seconds. If I run it from the command line on the Nagios server, again it works fine, just takes a lot longer to return the output. When I then run it as a Nagios check it fails with "(Service Check Timed Out)". I have the timeout set to 300 seconds. Not sure why it is failing on 2008.
Reviewed 12 years ago
Work great on a Windows 7 computer... however if you run this on Windows 2012 R2 you will need to modify the registry path the the script looks at from "SOFTWAREMcAfeeAVEngine" to "SOFTWAREWow6432NodeMcAfeeAVEngine".
Reviewed 11 years ago