0 votes

I need a report script that will email me a list of the users with these field values:
DN,cn,display name,%adm-PasswordExpires%

Thanks!

by (2.7k points)

1 Answer

0 votes
by (215k points)
selected by
Best answer

Hello,

Here' s a script that you can use to generate the report you need:

Import-Module Adaxes

$email = "%adm-InitiatorEmail%" 
if ($email -eq "")
{
    $Context.LogMessage("No e-mail addresses specified for your account.", "Information")
    return
}
$baseContainerDN = "%distinguishedName%"
$domainName = $Context.GetObjectDomain($baseContainerDN)

$bodyBuilder = New-Object "System.Text.StringBuilder"
$bodyBuilder.append("<html><head>") | Out-Null
$bodyBuilder.append("<meta http-equiv=""Content-Type"" content=""text/html charset=UTF-8""></head>") | Out-Null
$bodyBuilder.append("<body>") | Out-Null
$bodyBuilder.append("<table width=""100%%"" border=""1"">") | Out-Null
$bodyBuilder.append("<tr>") | Out-Null
$bodyBuilder.append("<th>DN</th><th>CN</th><th>Display Name</th><th>adm-PasswordExpires</th>") | Out-Null
$bodyBuilder.append("</tr>") | Out-Null

# Find all users
$users = Get-AdmUser -Filter "*" -SearchBase $baseContainerDN -Properties "DisplayName" -Server $domainName -AdaxesService "localhost"
$passwordExpiresConverter = [Softerra.Adaxes.Utils.PropertyValueConverter]::GetConverter("adm-PasswordExpires", "LargeInteger")
foreach ($user in $users)
{
    $admUser = $Context.BindToObjectByDN($user.DistinguishedName)
    $passwordExpires = $passwordExpiresConverter.ConvertToString($admUser.Get("adm-PasswordExpires"))
    $bodyBuilder.append("<tr>") | Out-Null
    $bodyBuilder.appendFormat("<td>{0}</td>", $user.DistinguishedName) | Out-Null
    $bodyBuilder.appendFormat("<td>{0}</td>", $user.Name) | Out-Null
    $bodyBuilder.appendFormat("<td>{0}</td>", $user.DisplayName) | Out-Null
    $bodyBuilder.appendFormat("<td>{0}</td>", $passwordExpires) | Out-Null
    $bodyBuilder.append("</tr>") | Out-Null
}

$bodyBuilder.append("</table>") | Out-Null
$bodyBuilder.append("</body></html>") | Out-Null

$Context.SendMail($email, "[AD Report] Inactive Computers", $null, $bodyBuilder.ToString())

This script can be used in a Custom Command or a Scheduled Task. To create a Custom Command that launches this script:

  1. Launch the Custom Command creation wizard.
  2. On the 2nd step of the wizard, enable the Show all properties checkbox, and select the Domain-DNS object type.
  3. On the 3rd step, click the Add Action link and choose the Run a program or a PowerShell script action.
  4. Paste the script above in the Script field.
  5. Follow the instructions of the wizard and finalize creation of the Custom Command.

When executed on a domain, the Custom Command will compose a report for all the users within this domain and send the report to the initiator.

0

Worked Perfect, Thank you!

Related questions

0 votes
1 answer

Hi, we are using a scheduled job in Adaxes to notify users that their password will expire in x days. Now, we as IT were approached by Marketing to set up all ... ;/div&gt; &lt;/body&gt; &lt;/html&gt; Your help would be highly appreciated kind regards Ingemar

asked Mar 2, 2015 by ijacob (6.1k points)
0 votes
1 answer

I have a script that i am trying to run against all users in an OU, but the script will only run against 1 user then not run again for any other users in the OU. Any thoughts on why this would happen?

asked Mar 1, 2018 by kevball2 (510 points)
0 votes
1 answer

Is it possible to trigger an external API request to update another directory whenever an AD user changes his password? Even if the password change didn't occur using adaxes, but directly in Active Directory? Thank you.

asked May 29 by nicolasdsa (250 points)
0 votes
1 answer

Hi, I would need to set a random plaintext in the header of the login page of one of the contexts (via custom HTML). This plaintext must be aligned with a ... . This would serve as a pseudo verification code for entering in the console. Thanks, Daniele

asked May 26 by dmaggiolo (250 points)
0 votes
1 answer

is it possible to allow a user to enroll for both options, or even only one option out of the two available? I would like to give my users the choice to use either. Some users may not want an authenticator, but other's might do.

asked Nov 6, 2019 by mashworth (290 points)
2,245 questions
2,007 answers
5,494 comments
19,938 users