Avec \u00e7a, vous aurez les derni\u00e8res erreurs et leurs causes possibles.<\/p>\n
<\/p>\n
$NpsServers=('DC01','DC02')\r\n$ReturnArray=@()\r\n\r\n$NPS_Filter=\"<QueryList>\r\n <Query Id=`\"0`\" Path=`\"System`\">\r\n <Select Path=`\"System`\">*[System[Provider[@Name='NPS']]]<\/Select>\r\n <Select Path=`\"System`\">*[System[Provider[@Name='HRA']]]<\/Select>\r\n <Select Path=`\"System`\">*[System[Provider[@Name='Microsoft-Windows-HCAP']]]<\/Select>\r\n <Select Path=`\"Security`\">*[System[Provider[@Name='Microsoft-Windows-Security-Auditing'] and Task = 12552]]<\/Select>\r\n <\/Query>\r\n<\/QueryList>\"\r\n\r\nforeach ( $NpsServer in $NpsServers ) {\r\n foreach ( $Event in (Get-WinEvent -MaxEvents 800 -ComputerName $NpsServer -FilterXml ([xml]$NPS_Filter) | where {$_.message -like \"*denied*\"} ) ){\r\n $Message=$Event.Message.Split(\"`n\")\r\n\r\n$Retour = [PSCustomObject]@{\r\n TimeCreated =$Event.TimeCreated\r\n MachineName =$Event.MachineName\r\n AccountName =((($Message |Select-String -Pattern \"Account Name\" -CaseSensitive)[0]).ToString().split(':')[1]).trim()\r\n AuthType =((($Message |Select-String -Pattern \"Authentication Type\" -CaseSensitive)[0]).ToString().split(':')[1]).trim()\r\n Reason =''\r\n }\r\n if ($Message |Select-String -Pattern \"Reason\" ){\r\n $Retour.Reason =((($Message |Select-String -Pattern \"Reason:\" -CaseSensitive)[0]).ToString().split(':')[1]).trim()\r\n }\r\n\r\n$ReturnArray+=$Retour\r\n }\r\n}\r\n$ReturnArray| ft -autosize<\/pre>\n <\/p>\n","protected":false},"excerpt":{"rendered":"
Avec \u00e7a, vous aurez les derni\u00e8res erreurs et leurs causes possibles. $NpsServers=(‘DC01′,’DC02′) $ReturnArray=@() $NPS_Filter=\u00a0\u00bb<QueryList> <Query Id=`\u00a0\u00bb0`\u00a0\u00bb Path=`\u00a0\u00bbSystem`\u00a0\u00bb> <Select Path=`\u00a0\u00bbSystem`\u00a0\u00bb>*[System[Provider[@Name=’NPS’]]]<\/Select> <Select Path=`\u00a0\u00bbSystem`\u00a0\u00bb>*[System[Provider[@Name=’HRA’]]]<\/Select> <Select Path=`\u00a0\u00bbSystem`\u00a0\u00bb>*[System[Provider[@Name=’Microsoft-Windows-HCAP’]]]<\/Select> <Select Path=`\u00a0\u00bbSecurity`\u00a0\u00bb>*[System[Provider[@Name=’Microsoft-Windows-Security-Auditing’] and Task = 12552]]<\/Select> <\/Query> <\/QueryList>\u00a0\u00bb foreach ( $NpsServer in $NpsServers ) { foreach ( $Event in (Get-WinEvent -MaxEvents 800 -ComputerName $NpsServer -FilterXml ([xml]$NPS_Filter) | where {$_.message -like \u00ab\u00a0*denied*\u00a0\u00bb} […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58,4,63],"tags":[],"class_list":["post-571","post","type-post","status-publish","format-standard","hentry","category-powershell","category-wifi","category-windows"],"_links":{"self":[{"href":"https:\/\/snakenet.eu\/blog\/wp-json\/wp\/v2\/posts\/571","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/snakenet.eu\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/snakenet.eu\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/snakenet.eu\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/snakenet.eu\/blog\/wp-json\/wp\/v2\/comments?post=571"}],"version-history":[{"count":1,"href":"https:\/\/snakenet.eu\/blog\/wp-json\/wp\/v2\/posts\/571\/revisions"}],"predecessor-version":[{"id":572,"href":"https:\/\/snakenet.eu\/blog\/wp-json\/wp\/v2\/posts\/571\/revisions\/572"}],"wp:attachment":[{"href":"https:\/\/snakenet.eu\/blog\/wp-json\/wp\/v2\/media?parent=571"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/snakenet.eu\/blog\/wp-json\/wp\/v2\/categories?post=571"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/snakenet.eu\/blog\/wp-json\/wp\/v2\/tags?post=571"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}