Jump to content
Sign in to follow this  
stealthmsgr

Badlogoncount problems

Recommended Posts

stealthmsgr

Hello Guys,

Looks like I have a problem with a script that I have put together. I'm using (sample):

$badlogin = GUICtrlCreateLabel (""& $UserObj.BadLoginCount, 220, 30, 20, 15)

to get the user object badlogincount info. I have tested it on another sample system and deliberately put in bad login's and it doesn't report them.

Am I missing something or should I get different object info?

Thanks for input.

Share this post


Link to post
Share on other sites
JLogan3o13

Can you please post the whole of your code? With just one line it is something of a guess in the dark.


√-1 2^3 ∑ π, and it was delicious!

Share this post


Link to post
Share on other sites
water

How do you create $UserObj.

If you try to get the information from Active Directory you could try my AD UDF.


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2018-10-19 - Version 1.4.10.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (2018-10-31 - Version 1.3.4.1) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
PowerPoint (2017-06-06 - Version 0.0.5.0) - Download - General Help & Support
Excel - Example Scripts - Wiki
Word - Wiki
 
Tutorials:

ADO - Wiki

 

Share this post


Link to post
Share on other sites
stealthmsgr

Hi Water, good to hear from you.

Your UDF was my first stop and used _AD_GetObjectProperties.

Had some difficulties getting the BadLoginCount. Guess I'm missing something.

I used some code from an example from JSThePatriot. I just send this result into a small custom form displayed on logon.

$lastlogin = $UserObj.LastLogin

$Date = StringMid($lastlogin, 5, 2) & "/" & StringMid($lastlogin, 7, 2) & "/" & StringMid($lastlogin, 1, 4)
$Time = StringMid($lastlogin, 9, 2) & ":" & StringMid($lastlogin, 11, 2) & ":" & StringMid($lastlogin, 13, 2)
GUICtrlCreateLabel ($Date & " "& $Time, 120, 52, 150, 20)
$badlogin = GUICtrlCreateLabel (""& $UserObj.BadLoginCount, 220, 30, 20, 15)

Anyway, it seems that when I run the code it "lies" and produces a Zero result.

I have deliberately produced bad logon's with different users (Admin & std). My result is still Zero!?!?

I could understand if the Admin & equivalent would, but not a std user.

This is specifically for Server 2003 & 2003 R2, but I have tried it on up to Server 2012. Same result.

I have used other object properties that work.

Umm....(scratching my head, now).

Thanks for any help,

Cheers

Share this post


Link to post
Share on other sites
stealthmsgr

Water, this is a follow up to the previous info:

I was attempting to use this code

$aProperties = _AD_GetObjectProperties(@UserName, "badPwdCount")
_ArrayDisplay($aProperties, "Properties for user '" & @UserName & "'")
MsgBox(0, "Info", "Info: " & $aProperties)

Then send it to the logon form.

Share this post


Link to post
Share on other sites
water

If you use my _AD_GetObjectProperties function you need to have a look at the "badPwdCount" property.


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2018-10-19 - Version 1.4.10.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (2018-10-31 - Version 1.3.4.1) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
PowerPoint (2017-06-06 - Version 0.0.5.0) - Download - General Help & Support
Excel - Example Scripts - Wiki
Word - Wiki
 
Tutorials:

ADO - Wiki

 

Share this post


Link to post
Share on other sites
stealthmsgr

I used it and it did return a value. However, it appears to return consistently Zero.

I also noticed that when I ran the code calling _AD_Open() ...(code, code, code)....... _AD_Close().

My script would hang, but only on the first attempt. If I re-ran the code immediately it would run OK.

Could this be connected to my Zero return value?

Share this post


Link to post
Share on other sites
water

Do you run the badpwdcount for the current user you are logged on to?

If yes, then you will always get a value of 0. MSDN states:

"This attribute is not replicated and is maintained separately on each domain controller in the domain.

This attribute is reset on a specific domain controller when the user successfully logs onto that domain controller."

What you could check is the badPasswordTime property. But this has a similar problem:

"This attribute is not replicated and is maintained separately on each domain controller in the domain. To get an accurate value for the user's last bad password time in the domain, each domain controller in the domain must be queried. The largest value that is obtained represents the true bad password time."


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2018-10-19 - Version 1.4.10.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (2018-10-31 - Version 1.3.4.1) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
PowerPoint (2017-06-06 - Version 0.0.5.0) - Download - General Help & Support
Excel - Example Scripts - Wiki
Word - Wiki
 
Tutorials:

ADO - Wiki

 

Share this post


Link to post
Share on other sites
stealthmsgr

I found similar info.

"Each DC keeps a separate count, which resets to 0 when the user successfully authenticates."

On which this is a DC.

I suppose I could pull the info from the Event logs?

Do you have any insight into that?

Also, using the Event logs would prove handy for other Auditing related tasks.

Share this post


Link to post
Share on other sites
water

To get the "true" badPasswordTime property you would need to modify function _AD_GetLastLoginDate.

Would only be a minor change because property lastlogindate works the same way as badPasswordTime works.


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2018-10-19 - Version 1.4.10.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (2018-10-31 - Version 1.3.4.1) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
PowerPoint (2017-06-06 - Version 0.0.5.0) - Download - General Help & Support
Excel - Example Scripts - Wiki
Word - Wiki
 
Tutorials:

ADO - Wiki

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×