For Windows Sysadmins, PowerShell is a godsend when you need to keep your network secure while not spending all of your time searching through Event Viewer to make sure you haven’t been breached. Here are some of the scripts that have saved me hours (if not days) of work.

Here is a script that will send an email whenever an Active Directory account is locked out:

To monitor changes to your production groups, Domain Admins, Enterprise Admins, or Schema Admins, the script below watches for membership changes to the groups in an OU that you specify:
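
One way to do the membership monitoring described above, added here as an illustration and not the author's original script: it snapshots the direct members of every group under a search base and emails any difference from the previous run. The OU, baseline path, SMTP server and mail addresses are assumed placeholders.

```powershell
# Added example: every name, path and address below is an assumed placeholder.
Import-Module ActiveDirectory

$SearchBase   = 'OU=Privileged Groups,DC=example,DC=com'  # assumed OU to watch
$BaselinePath = 'C:\Scripts\group-baseline.txt'           # assumed state file; restrict its ACL
$Mail = @{
    SmtpServer = 'smtp.example.com'
    From       = 'ad-monitor@example.com'
    To         = 'secops@example.com'
}

# Snapshot direct membership as "GroupName|MemberDN" strings, one per member.
$groups  = Get-ADGroup -SearchBase $SearchBase -Filter * -Properties member
$current = @(foreach ($g in $groups) {
    foreach ($dn in $g.member) { "$($g.Name)|$dn" }
})

if (Test-Path $BaselinePath) {
    # Compare against the previous run; @() keeps empty results as empty arrays.
    $baseline = @(Get-Content -Path $BaselinePath)
    $added    = @($current  | Where-Object { $_ -notin $baseline })
    $removed  = @($baseline | Where-Object { $_ -notin $current })

    if ($added.Count -gt 0 -or $removed.Count -gt 0) {
        $lines  = @("Group membership changed under $SearchBase", '')
        $lines += @($added   | ForEach-Object { "ADDED    $_" })
        $lines += @($removed | ForEach-Object { "REMOVED  $_" })
        # -ErrorAction Stop aborts the script if the mail fails, so the
        # baseline below is not overwritten and the change is reported next run.
        Send-MailMessage @Mail -Subject 'AD group membership change' `
            -Body ($lines -join "`r`n") -ErrorAction Stop
    }
}

# Record the new state only after any alert has been sent.
Set-Content -Path $BaselinePath -Value $current
```

The first run only records the baseline; schedule later runs under an account with read-only directory access. The `member` attribute lists direct members only, so a change inside a nested group is reported against that nested group, and only if it sits under the same search base.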

 

Here is a script that will remind your users to change their passwords 7 days, 3 days, and 1 day in advance of their password expiring:

Hopefully these scripts help you as much as they’ve helped me in reducing the amount of time spent monitoring sensitive groups, dealing with account lockouts, and resetting passwords. Please let us know if you have any scripts you’d like to share in the comments!
