can't get If else statement work in Powershell AD script -
the problem not script works perfect problem works on "administrator" , "guest" account, , that's don't want. created if else statement it's not working, maybe seeing fast doing wrong?
what script? when locked in ad, creates html mail info (hostname, domain, username).
this script:
$dc = "dc1" $report= "c:\powershell\html.html" $name1 = "administrator", "guest" $log2 = "c:\powershell\temp.log" $html=@" <title>account locked out report</title> <style> body{background-color :#fffff} table{border-width:thin;border-style: solid;border-color:black;border-collapse: collapse;} th{border-width: 1px;padding: 1px;border-style: solid;border-color: black;background-color: threedshadow} td{border-width: 1px;padding: 0px;border-style: solid;border-color: black;background-color: transparent} h2{color: #457dcf;font-family: arial, helvetica, sans-serif;font-size: medium; margin-left: 40px; </style> "@ $account_name = @{n='account name';e={$_.replacementstrings[-1]}} $account_domain = @{n='account domain';e={$_.replacementstrings[-2]}} $caller_computer_name = @{n='caller computer name';e={$_.replacementstrings[-1]}} $event= get-eventlog -logname security -computername $dc -instanceid 4740 -newest 1 | select timegenerated,replacementstrings,"account name","account domain","caller computer name" | % { new-object psobject -property @{ "account name" = $_.replacementstrings[-7] "account domain" = $_.replacementstrings[5] "caller computer name" = $_.replacementstrings[1] date = $_.timegenerated } } $event | convertto-html -property "account name","account domain","caller computer name",date -head $html -body "<h2> user locked in active directory</h2>"| out-file $report -append get-eventlog -logname security -computername dc1 -instanceid 4740 -newest 1 | format-list >> $log2 if ((get-content $log2 ) -contains $name1 ) { #don't shit } else { $mailbody= get-content $report $mailsubject= "user account locked out" $smtpclient = new-object system.net.mail.smtpclient $smtpclient.host = "smtp.smtp.com" $mailmessage = new-object system.net.mail.mailmessage $mailmessage.from = "mailadress@mailadress.com" $mailmessage.to.add("mailadress@mailadress.com") $mailmessage.subject = $mailsubject $mailmessage.isbodyhtml = 1 $mailmessage.body = $mailbody $smtpclient.send($mailmessage) } remove-item c:\powershell\html.html remove-item c:\powershell\temp.log
you use regex here . this:
$exclude="administrator|guest" if (select-string -path $log2 -pattern $exclude -quiet ){ #do nothing }
Comments
Post a Comment