At my company, the system administrators separate admin accounts to administer our server infrastructure. These admin accounts are often powerful accounts which get their power from group membership (Role Based Access Control a.k.a. RBAC). Therefore, I would like to receive a notification via e-mail when a user account is added to or removed from a group (in my previous post I shared with you a script to monitor just that), but added to that I also would like to receive a notification when for example the Password Never Expires option is ticked. Other scenarios may include notification when an admin account is created or deleted. Or when the password of an admin account has been changed. And I would like to know who has made these changes and when.
As and added benifit, you can also claim to any auditor that you have a log of all changed made to your admin accounts by simply saving the e-mails.
In this post I would like to share with you the script I have made to monitor AD user account changes. This script will check all user account related events from the last hour. You can implement this script by running it every hour via a scheduled task.
Continue reading Monitor AD user account changes
Monitor AD group changes
Ever wanted to monitor group changes in AD? This is a script I came up with to do just that. It will collect the security log events from the last hour on all your domain controllers.
Continue reading Monitor AD group changes
Inventory VMware virtual machines
For reporting purposes, I maintain an Excel sheet containing information on my server base. I update this sheet on a weekly basis. Part of the information displayed in this sheet comes from a PowerShell script run against our vCenter servers. This post is not about the Excel sheet (I will share this with you in a later post), but about the PowerShell code.
Continue reading Inventory VMware virtual machines
Fix WSUS error CODE 0x80244022, 0x8024401C and 0x80072EE2
WSUS is a great product from Microsoft to keep your servers up to date. In the past years, I have often used it at the companies I worked for. But it has it downsides as well. Sometimes the Windows Update client just won’t work. You’ll get errors like 0x80244022, 0x8024401C and 0x80072EE2 and just haven’t got a clue what is going on.
I have collected a number of solutions to fix these errors and put them in a PowerShell script. This script contains all the tricks I had to pull to get the Windows Update client running again.
Continue reading Fix WSUS error CODE 0x80244022, 0x8024401C and 0x80072EE2