
Monitoring with PowerShell: WAN IP changes and Active Directory ages

I’ve been super swamped the last couple of days, as we’re working on our ISO27001 audit in our office. This means most of my time is just being swallowed by auditors. I’ve decided to not break my streak in releasing my blogs on time so this time we’re covering some requests from our readers!

Monitoring WAN IP changes

This was requested by the Reddit user “EqualWorking1”. He wanted the ability to see when the WAN IP changes for one of his servers, as he suspected an ISP kept dropping the link every few minutes. The script needs to run once to create a baseline IP file; later runs compare the current address against that file.

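# Read the baseline written by the previous run (the first run has none).
$previousIP = Get-Content "$($env:ProgramData)/LastIP.txt" -ErrorAction SilentlyContinue | Select-Object -First 1
if (!$previousIP) { Write-Host "No previous IP found. Compare will fail." }
# Ask ipinfo.io for the current public address and strip any newline from the reply.
$Currentip = (Invoke-RestMethod -Uri "https://ipinfo.io/ip") -replace "`n", ""
# Store the current address as the baseline for the next run.
$Currentip | Out-File "$($env:ProgramData)/LastIP.txt" -Force

if ($Currentip -eq $previousIP) {
    Write-Host "Healthy"
}
else {
    Write-Host "External WAN address is incorrect. Expected $previousIP but received $Currentip"
    # Out-String renders the key/value pairs; Write-Host on a bare hashtable only prints type names.
    Write-Host (@{
        CurrentIP  = $Currentip
        previousIP = $previousIP
    } | Out-String)
    exit 1
}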

Monitoring old computer accounts on Active Directory

This one was requested by Johan, on the N-Central Slack channel. He wants to have the ability to alert when computers get older than a specific age; in his case, 90 days.

# Threshold in days.
$ENV:ComputerAge = 90
$age = (Get-Date).AddDays(-$ENV:ComputerAge)
# ProductType 2 means this machine is a domain controller.
$DomainCheck = Get-CimInstance -ClassName Win32_OperatingSystem
if ($DomainCheck.ProductType -ne "2") { Write-Host "Not a domain controller. Soft exiting." ; exit 0 }
# Collect every computer account whose LastLogonDate is before the cutoff.
$OldComputers = Get-ADComputer -Filter * -Properties DNSHostName, Enabled, WhenCreated, LastLogonDate | Select-Object DNSHostName, Enabled, WhenCreated, LastLogonDate | Where-Object { $_.LastLogonDate -lt $age }


if (!$OldComputers) {
    Write-Host "Healthy - No computers older than $ENV:ComputerAge found."
}
else {
    Write-Host "Not Healthy - Computer accounts found older than $ENV:ComputerAge days"
    Write-Host @($OldComputers)
}

Monitoring old user accounts on Active Directory

And this one was just added for myself. I like knowing if accounts haven’t been logged onto in some time 🙂

# Threshold in days.
$ENV:UserAge = 30
$age = (Get-Date).AddDays(-$ENV:UserAge)
# ProductType 2 means this machine is a domain controller.
$DomainCheck = Get-CimInstance -ClassName Win32_OperatingSystem
if ($DomainCheck.ProductType -ne "2") { Write-Host "Not a domain controller. Soft exiting." ; exit 0 }
# Collect every user account whose LastLogonDate is before the cutoff.
$OldUsers = Get-ADUser -Filter * -Properties UserPrincipalName, Enabled, WhenCreated, LastLogonDate | Select-Object UserPrincipalName, Enabled, WhenCreated, LastLogonDate | Where-Object { $_.LastLogonDate -lt $age }


if (!$OldUsers) {
    Write-Host "Healthy"
}
else {
    Write-Host "Not Healthy - Users found that haven't logged in for $ENV:UserAge days"
    Write-Host @($OldUsers)
}
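
Both Active Directory checks above compare `LastLogonDate`, which is derived from the replicated `lastLogonTimestamp` attribute: by default it can trail the real last logon by up to 14 days, and it is empty for accounts that never logged on, so `$_.LastLogonDate -lt $age` also matches accounts created yesterday. The following is an added example, not part of the original scripts, showing one way to triage both cases. The function name `Get-StaleAccount`, the 14-day slack, the choice to skip disabled accounts, and the sample accounts are assumptions made for illustration.

```powershell
# Added example (not from the original post): stale-account triage on plain objects.
function Get-StaleAccount {
    param(
        [Parameter(Mandatory)] [object[]] $Account,  # needs Name, Enabled, WhenCreated, LastLogonDate
        [int] $MaxAgeDays = 90,
        [int] $ReplicationSlackDays = 14,            # assumption: default lastLogonTimestamp update interval
        [datetime] $Now = (Get-Date)
    )
    # Widen the cutoff so replication lag alone never triggers an alert.
    $cutoff = $Now.AddDays(-($MaxAgeDays + $ReplicationSlackDays))
    foreach ($a in $Account) {
        # Assumption: disabled accounts are already handled and should not alert again.
        if (-not $a.Enabled) { continue }
        if ($null -eq $a.LastLogonDate) {
            # Never logged on: judge by creation date instead of treating null as "old".
            if ($a.WhenCreated -lt $cutoff) {
                [pscustomobject]@{ Name = $a.Name; Reason = 'NeverLoggedOn'; Since = $a.WhenCreated }
            }
        }
        elseif ($a.LastLogonDate -lt $cutoff) {
            [pscustomobject]@{ Name = $a.Name; Reason = 'Inactive'; Since = $a.LastLogonDate }
        }
    }
}

# Constructed sample data standing in for Get-ADComputer / Get-ADUser output.
$now = [datetime]'2024-06-01'
$sample = @(
    [pscustomobject]@{ Name = 'PC-ACTIVE';   Enabled = $true;  WhenCreated = $now.AddDays(-400); LastLogonDate = $now.AddDays(-3) }
    [pscustomobject]@{ Name = 'PC-LAGGING';  Enabled = $true;  WhenCreated = $now.AddDays(-400); LastLogonDate = $now.AddDays(-95) }
    [pscustomobject]@{ Name = 'PC-OLD';      Enabled = $true;  WhenCreated = $now.AddDays(-400); LastLogonDate = $now.AddDays(-200) }
    [pscustomobject]@{ Name = 'PC-NEW';      Enabled = $true;  WhenCreated = $now.AddDays(-2);   LastLogonDate = $null }
    [pscustomobject]@{ Name = 'PC-ORPHAN';   Enabled = $true;  WhenCreated = $now.AddDays(-300); LastLogonDate = $null }
    [pscustomobject]@{ Name = 'PC-DISABLED'; Enabled = $false; WhenCreated = $now.AddDays(-900); LastLogonDate = $now.AddDays(-500) }
)

$stale = @(Get-StaleAccount -Account $sample -MaxAgeDays 90 -Now $now)
if ($stale.Count -eq 0) {
    Write-Host "Healthy"
}
else {
    Write-Host "Not Healthy - $($stale.Count) stale accounts found"
    Write-Host ($stale | Format-Table -AutoSize | Out-String)
}
```

On a domain controller, the `$sample` array can be replaced with the output of `Get-ADComputer` or `Get-ADUser` selected with the same four properties.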

And that’s it this time! Short but sweet. I hope you enjoyed it, and if there are any more requests, let me know! 🙂 As always, Happy PowerShelling.

All blogs are posted under AGPL3.0 unless stated otherwise