Join us at Experience '19: The Digital Employee Experience Conference. Learn More

cookie alert

We use cookies to offer you a better browsing experience, analyze site traffic, personalize content, and serve targeted advertisements. If you continue to use this site, you consent to our use of cookies.

What's New

View all resources

Nexthink Library

User Login Management

Troubleshoot common login issues and ensure compliance by providing information about failed logins on devices and running campaigns warning about near password expiration.

Invoke Proactive Password Reset Get Failed Logins

Content

Campaigns - 1
Remote actions - 2

Required Modules

Nexthink Act
Nexthink Engage

Platforms

Windows

Compatibility

V6.14 and later
Install
  • 1.0.1.0 - Bugfix of Invoke Proactive Password Reset Remote Action
  • 1.0.0.0 - Initial release

Description

This Library pack is a collection of different Remote Action scripts which help troubleshooting common login issues and ensure compliance.Please use the links on the left menu to learn more about the function and range of action of each script.

Invoke Proactive Password Reset

Script Description

Checks password expiration date and if it is within the time frame provided by the input parameter, runs a campaign to warn the user (providing link to reset the password).

Execution context and suggested scheduling

Run the script as 'interactive user'. The script should be executed every 1 week.

A timeout of 720 seconds is recommended.

Parameters

LabelDescription
Campaign IdUID of the campaign to notify the user that the password is about to expire and to provide the URL to reset it
Days Until ExpirationNumber of days left for the password to expire. If expiration date is inside this time frame, the campaign is run
Maximum Delay In SecondsMaximum random delay set to avoid domain controller overload. Provide number of seconds less than 600

Outputs

None.

Restrictions

Further Information

Please make sure to modify the sample URL included in the campaign with the desired one.

Test Scenarios

PasswordIsValid
Test CaseAccount password is within time range
EnvironmentWindows 7x32/x64 multiple languages, Windows 10x64 (1809, 1903)
ResultsPassword verified and no action taken.
PasswordExpiresSoon
Test CaseAccount password is about to expire
EnvironmentWindows 7x32/x64 multiple languages, Windows 10x64 (1809, 1903)
ResultsCampaign is displayed.

Get Failed Logins

Script Description

Obtains information about all failed login attempts. The script can be successfully executed only on devices with 'Audit Logon Events' policy enabled and Windows 10 or Windows 7 installed.

Execution context and suggested scheduling

Run the script as 'local system'. The script should be executed manually.

A timeout of 720 seconds is recommended.

Parameters

LabelDescription
Maximum Delay In SecondsMaximum random delay set to avoid overloading server hosting virtual machines. Provide number of seconds less than 600

Outputs

LabelTypeDescription
Failed LoginsStringListInformation about failed login attempts (user name, event time, logon failure status code, logon type code)
Failed Logins CountIntNumber of failed login attempts. It always shows full number of failed logins even when number of displayed events in 'FailedLogins' output parameter has been truncated due to limited output capacity

Restrictions

Further Information

Parameter 'MaximumDelayInSeconds' can be used to add random script execution delay. It should be used on servers hosting virtual machines to spread the number of I/O requests over time.
Microsoft website provides information about logon failure status codes and logon type codes.

Thank you!