orgcontrib · August 23, 2024 20:50
diff --git a/Get AD account lockout from all DCs.ps1 b/Get AD account lockout from all DCs.ps1
 ## Get all domain controllers for current domain and retrieve AD account lock events, going back a given period in time and showing which account and where it was locked from

 [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain().DomainControllers.name | % { Get-WinEvent -FilterHashtable @{ LogName = 'Security' ; Id = 4740 ; StartTime = [datetime]::Now.AddDays( -7 ) } -ComputerName $_|select timecreated,MachineName,@{n='Account';e={$_.properties[0].value}},@{n='From';e={$_.properties[1].value}}}
	## Get all domain controllers for current domain and retrieve AD account lock events, going back a given period in time and showing which account and where it was locked from

	[System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain().DomainControllers.name \| % { Get-WinEvent -FilterHashtable @{ LogName = 'Security' ; Id = 4740 ; StartTime = [datetime]::Now.AddDays( -7 ) } -ComputerName $_\|select timecreated,MachineName,@{n='Account';e={$_.properties[0].value}},@{n='From';e={$_.properties[1].value}}}