You are using an ad blocker that is interfering with our web typography and internal javascript. Please whitelist our domain to live in a more beautiful world. No ads here, just really great software!
cookie alert

We use cookies to offer you a better browsing experience, analyze site traffic, personalize content, and serve targeted advertisements. If you continue to use this site, you consent to our use of cookies.

What's New

Nexthink raises $85M lead by Index Ventures to bring Digital Employee Experience to the enterprise.

View press release
View all resources

Nexthink Library

User Login Management

Troubleshoot common login issues and ensure compliance by providing information about failed logins on devices and running campaigns warning about near password expiration.

Script Invoke Proactive Password Reset

  • Version 1.0.0.0 – Initial release

Script Description

Checks password expiration date and if it is within the timeframe provided by the input parameter, runs a campaign to warn the user (providing link to reset the password).

Execution context and suggested scheduling

Run the script manually as interactive user.

Parameters

ID Label Description
1 Campaign Id UID of the campaign to notify the user that the password is about to expire and provide the URL to reset it
2 Days Until Expiration Number of days left for the password to expire. If expiration date is inside this timeframe, the campaign is run

Outputs

None.

Further Information

Please make sure to modify the sample URL included in the campaign with the desired one.

Restrictions

  • If Domain Controller and devices are not fully synchronized, information about password expiration date on the devices could not be precise. Please make sure to take this into consideration when running the Remote Action

Script Get Failed Logins

  • Version 1.0.0.0 – Initial release

Script Description

Obtains information about all failed login attempts. The script can be successfully executed only on devices with ‘Audit Logon Events’ policy enabled and Windows 10 or Windows 7 installed.

Execution context and suggested scheduling

Run the script manually as local system.

Parameters

ID Label Description
1 Maximum Delay In Seconds Maximum random delay set to avoid overloading server hosting virtual machines. Provide number of seconds less than 600

Outputs

ID Label Type Description
1 Failed Logins StringList Information about failed login attempts (user name, event time, logon failure status code, logon type code)
2 Failed Logins Count Int Number of failed login attempts. It always shows full number of failed logins even when number of displayed events in ‘FailedLogins’ output parameter has been truncated due to limited output capacity

Further Information

Parameter ‘MaximumDelayInSeconds’ can be used to add random script execution delay. It should be used on servers hosting virtual machines to spread the number of I/O requests over time.
Microsoft website – https://docs.microsoft.com/en-us/windows/security/threat-protection/auditing/event-4625 – provides information about logon failure status codes and logon type codes.

Restrictions

  • The script can be successfully executed only on devices with ‘Audit Logon Events’ policy enabled.
  • Due to limited capacity of ‘FailedLogins’ output field, detailed information about failed loggings attempts can be truncated.

Content

Campaigns
Remote Actions

Required Modules

Nexthink Act
Nexthink Engage

Platforms

Windows

Compatibility

V6.14 and later
Thank you!