reformat get-lockout-location.ps1

2017-07-16 13:33:35 +02:00 · 2017-07-16 13:33:35 +02:00 · ac7400ef9f
parent 5e49ee7a85
commit ac7400ef9f
1 changed files with 36 additions and 12 deletions
--- a/scripts/users/get-lockout-location.ps1
+++ b/scripts/users/get-lockout-location.ps1
@ -3,12 +3,17 @@ Function Get-LockedOutLocation
 {
 <#
 .SYNOPSIS
-    This function will locate the computer that processed a failed user logon attempt which caused the user account to become locked out.
+    This function will locate the computer that processed a failed
+    user logon attempt which caused the user account to become locked
+    out.

 .DESCRIPTION
-    This function will locate the computer that processed a failed user logon attempt which caused the user account to become locked out.
-    The locked out location is found by querying the PDC Emulator for locked out events (4740).
-    The function will display the BadPasswordTime attribute on all of the domain controllers to add in further troubleshooting.
+    This function will locate the computer that processed a failed
+    user logon attempt which caused the user account to become locked
+    out. The locked out location is found by querying the PDC Emulator
+    for locked out events (4740). The function will display the
+    BadPasswordTime attribute on all of the domain controllers to add
+    in further troubleshooting.

 .EXAMPLE
    PS C:\>Get-LockedOutLocation -Identity Joe.Davis
@ -16,9 +21,11 @@ Function Get-LockedOutLocation

    This example will find the locked out location for Joe Davis.
 .NOTE
-    This function is only compatible with an environment where the domain controller with the PDCe role to be running Windows Server 2008 SP2 and up.
-    The script is also dependent the ActiveDirectory PowerShell module, which requires the AD Web services to be running on at least one domain controller.
-    Author:Jason Walker
+    This function is only compatible with an environment where the
+    domain controller with the PDCe role to be running Windows Server
+    2008 SP2 and up. The script is also dependent the ActiveDirectory
+    PowerShell module, which requires the AD Web services to be
+    running on at least one domain controller. Author:Jason Walker
    Last Modified: 3/20/2013
 #>
    [CmdletBinding()]
@ -49,16 +56,25 @@ Function Get-LockedOutLocation

        #Get all domain controllers in domain
        $DomainControllers = Get-ADDomainController -Filter *
-        $PDCEmulator = ($DomainControllers | Where-Object {$_.OperationMasterRoles -contains "PDCEmulator"})
+        $PDCEmulator = ($DomainControllers |
+          Where-Object {$_.OperationMasterRoles -contains "PDCEmulator"})

        Write-Verbose "Finding the domain controllers in the domain"
        Foreach($DC in $DomainControllers)
        {
            $DCCounter++
-            Write-Progress -Activity "Contacting DCs for lockout info" -Status "Querying $($DC.Hostname)" -PercentComplete (($DCCounter/$DomainControllers.Count) * 100)
+            Write-Progress -Activity "Contacting DCs for lockout info" -Status "`
+              Querying $($DC.Hostname)" `
+                -PercentComplete (($DCCounter/$DomainControllers.Count) * 100)
            Try
            {
-                $UserInfo = Get-ADUser -Identity $Identity  -Server $DC.Hostname -Properties AccountLockoutTime,LastBadPasswordAttempt,BadPwdCount,LockedOut -ErrorAction Stop
+                $UserInfo = Get-ADUser -Identity $Identity `
+                  -Server $DC.Hostname `
+                  -Properties AccountLockoutTime,
+                              LastBadPasswordAttempt,
+                              BadPwdCount,
+                              LockedOut `
+                  -ErrorAction Stop
            }
            Catch
            {
@ -79,13 +95,21 @@ Function Get-LockedOutLocation
                    }
            }#end if
        }#end foreach DCs
-        $LockedOutStats | Format-Table -Property Name,LockedOut,DomainController,BadPwdCount,AccountLockoutTime,LastBadPasswordAttempt -AutoSize
+        $LockedOutStats | Format-Table -Property Name,
+                                                 LockedOut,
+                                                 DomainController,
+                                                 BadPwdCount,
+                                                 AccountLockoutTime,
+                                                 LastBadPasswordAttempt `
+                                       -AutoSize

        #Get User Info
        Try
        {
           Write-Verbose "Querying event log on $($PDCEmulator.HostName)"
-           $LockedOutEvents = Get-WinEvent -ComputerName $PDCEmulator.HostName -FilterHashtable @{LogName='Security';Id=4740} -ErrorAction Stop | Sort-Object -Property TimeCreated -Descending
+            $LockedOutEvents = Get-WinEvent -ComputerName $PDCEmulator.HostName `
+              -FilterHashtable @{LogName='Security';Id=4740} -ErrorAction Stop |
+              Sort-Object -Property TimeCreated -Descending
        }
        Catch
        {