Search for All Users with More Than One Failed Logon

Sample script that searches Active Directory for all users who have at least one failed logon. The badPwdCount attribute is not replicated to the Global Catalog; you cannot connec

Add to favorites
Active Directory
E-mail Twitter Digg Facebook
  • Time frame for this failed login check?
    2 Posts | Last post September 18, 2015
    • What is the timeframe for 'at least one failed logon attempt' in this script.  Is it over the entire current event log?   Thanks very much.  -Andy  
    • The badPwdCount attribute is reset to 0 on the domain controller when the user authenticates with the correct password.
  • badPwdCount not replicated
    1 Posts | Last post September 18, 2015
    • Since the badPwdCount attribute is not replicated, you really should query all domain controllers in the domain. The search base can include the host name of a DC.