Event log tasks how to get username?
Hi we are getting a few users locking their accounts out. I have created a Task against the event log which checks for accounts that are locked out every 5 minutes, the action text I have created is "%username% account has been locked out. Please log a call, find out why it was locked out and unlock." this works perfectly. I indeed do get a message saying "%username% account has been locked out. Please log a call, find out why it was locked out and unlock." I want the actual Username to show in the email not text saying %username%. Has anyone got this to work? The only thing I can think of is writing a powershell script to run which will check the event logs and email the results as an attachment however it seems a little over the top! Let me know if anyone has any ideas thanks folks Adam MCP, MCSA, MCSA:M, MCSE, MCTS, VCP
May 18th, 2011 10:09am

What version of Windows is running the task that checks the event log?
Free Windows Admin Tool Kit Click here and download it now
May 19th, 2011 1:55pm

Criag, Sorry its server 2008 R2 SP1 but I decided to write a powershell script instead # Email Settings # Create from/to addresses $from = New-Object System.Net.Mail.MailAddress "ACCOUNTSLOCKEDOUT@domain.com" $to = New-Object System.Net.Mail.MailAddress "myemail@address" # Create Message $message = new-object System.Net.Mail.MailMessage $from, $to $message.Subject = "An account has been locked out." # Set SMTP Server and create SMTP Client $server = "10.171.173.60" $client = new-object system.net.mail.smtpclient $server $acclockout = "" $acclockoutdata = "" try { $acclockout = get-eventlog security -InstanceID 4740 -newest 1 } catch {} # Send the message "Sending an e-mail message to {0} by using SMTP host {1} port {2}." -f $to.ToString(), $client.Host, $client.Port if($acclockout -ne "") { $acclockoutdata = $acclockout.TimeGenerated.ToString() $acclockoutdata += $acclockout.Message $message.Body = $acclockoutdata try { $client.Send($message) "Message to: {0}, from: {1} has beens successfully sent" -f $from, $to } Catch {} } Adam MCP, MCSA, MCSA:M, MCSE, VCP
May 20th, 2011 7:43am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics