0 votes

Hi there

I need to run a script that wil show me (by email) the number of current users and inactive users (only the totals)

Here is what I got:

Import-Module Adaxes
$date = Get-Date -format y
$to = email@comp.com
$subject = "User count | " + $date
$Objects_All = Get-AdmUser -Filter * -SearchBase "DC=network,DC=local"
$Objects_All.Count
$Objects_Inactive = Get-AdmUser -Filter {Enabled -eq $False} -SearchBase "DC=network,DC=local"
$Objects_Inactive.count
$bodyText = "Current external user accounts: " + $Objects_All.Count + "rn" + "Current inactive external user accounts: " + $Objects_Inactive.count
$bodyHtml = $NULL
$Context.SendMail($to, $subject, $bodyText, $bodyHtml)

and this is the body info I want in the emai: (only 1 email)

Current external user accounts:
Current inactive external user accounts:

Please help me as I'm new to this
Thanks
W@lly

by (210 points)
0

Hello,

Could you describe your task in more detail? In particular, how are you planning to launch the script? Are you going to launch it from PowerShell console or would you like to create a Scheduled Task that will email you the required information at certain time intervals?

Also, you mention that you would like to get the number of inactive users, however in you script that you posted above you get the number of disabled users. Please, clarify.

0

Hi there

Yes, Scheduled Task that will email me once a month
I want the number of Active and inactive users

Current user accounts:
Current inactive user accounts:

Thanks

W@lly

1 Answer

0 votes
by (216k points)

Hello,

Find the requested PowerShell script below. You can use the script with Scheduled Tasks to collect and email the required statistics on a regular basis. To schedule the script:

  1. Create a new Scheduled Task.

  2. On the 3rd step of the Create Scheduled Task wizard, you need to select the type of objects, for which the Scheduled Task will run. If you want to collect the required user statistics for a domain, you need to select the Domain-DNS object type. As it is not visible by default in the Object type list, select the Show all object types option.

  3. Select the Domain-DNS object type.

  4. On the 4th step, add the Run a program or PowerShell script action and paste the following script in the Script field:

     $to = "email@company.com" # TODO: Modify me. Specifies the recipient of the emails.
     $inactivityDurationDays = 90  # TODO: Modify me. Specifies the number of days, during which an account should be inactive to match the criteria.
    
     function CalculateSearchResults($baseObjectPath, $filter)
     {
         $searcher = New-Object "Softerra.Adaxes.Adsi.Search.DirectorySearcher" @($NULL, $False)
         $searcher.SearchParameters.BaseObjectPath = $baseObjectPath
         $searcher.SearchParameters.Filter = $filter
         $searcher.SearchParameters.PageSize = 100
         $searcher.SearchParameters.PropertiesToLoad.Add("1.1") | Out-Null
         $searcher.SearchParameters.SearchScope = "ADS_SCOPE_SUBTREE"
         $iterator = $searcher.ExecuteSearch()
         try
         {
             $result = $iterator.FetchAll().Count
         }
         finally
         {
             $iterator.Dispose()
         }
         return $result
     }
    
     # Get all users count
     [String[]]$objectTypes = "user"
     $allUsersFilter = [Softerra.Adaxes.Ldap.FilterBuilder]::CreateObjectTypesFilter($objectTypes)
     $allUsersCount = CalculateSearchResults $Context.TargetObject.ObjectInfo.Path $allUsersFilter
    
     # Get inactive users count
     $inactivityThreshold = [System.DateTime]::Now.AddDays(-($inactivityDurationDays))
     $inactivityThresholdInt64 = $inactivityThreshold.ToFileTime()
     $inactivityThresholdGeneralizedTime = 
             $inactivityThreshold.ToUniversalTime())
     $inactiveAccountFilter = "(&" +
         $allUsersFilter +
         "(whenCreated<=$inactivityThresholdGeneralizedTime)" +
         "(|(!(lastLogonTimestamp=*))(lastLogonTimestamp<=$inactivityThresholdInt64))" +
     ")"
     $inactiveUsersCount = CalculateSearchResults $Context.TargetObject.ObjectInfo.Path $inactiveAccountFilter
    
     # Send e-mail message
     $subject = "User count | " + (Get-Date -format y)
     $bodyText = "Current user accounts: " + $allUsersCount + "`r`n" + "Current inactive user accounts: " + $inactiveUsersCount
     $bodyHtml = $NULL
     $Context.SendMail($to, $subject, $bodyText, $bodyHtml)
    

  5. In the script, $to specifies the email address, to which the emails should be sent by the script, and $inactivityDurationDays specifies the number of days, during which an account should be inactive to match your criteria. Modify the script to your requirements.

  6. Click OK.

  7. On the 5th step, assign the Scheduled Task over the domain for which you want to collect the statistics.

  8. Finish creation of the Scheduled Task.

0

Hi there

Thanks

But it still send me 90 emails with the correct info (the 90 is the amount of current users also on the test AD at the moment.)

Any idea on how to send out only 1 email?

Regards
W@lly

0

Hello,

What object did you select on the 3rd step of the Create Scheduled Task wizard (steps 2-3 in my previous post) and what object did you assign the Scheduled Task on on the 5th step of the Create Scheduled Task wizard (step 7 in my previous post)? Can you post here a screenshot of your Scheduled Task with the Activity Scope section visible?

0

Hi there

Sorry, I saw my problem, thanks
It was set to users and not domain

Related questions

0 votes
1 answer

We manage employee user accounts in our on-premise Active Directory and synchronize them to Azure Active Directory using Azure AD Connect. We'd like to be able to generate ... if this is possible so we can easily identify user accounts that are truly inactive.

asked May 9, 2023 by RickWaukCo (320 points)
0 votes
1 answer

Hello, The report named Inactive users allowed to log in shows the Active Directory sign-in (Last-Logon-Timestamp) and Azure AD sign-in (Last Logon) but only for Active Directory ... updated by an Azure logic App. But we'd love to have this natively in Adaxes.

asked Dec 13, 2022 by Gavin.Raymen (40 points)
0 votes
1 answer

I had a script that would copy the values from adm-CustomAttributeTextMultiValue1 and save them into extensionAttribute15 as a comma seperated list. The script somehow got deleted and I can't seem to find the tutorial I used to create it before.

asked Jul 1, 2022 by jordan (110 points)
0 votes
1 answer

I am wanting to export a list of users including the properties of a specific custom attribute. Ideally, I would be able to run a get-admuser and filter on a custom attribute, but even an excel report with the custom attributes would work. Is this possible?

asked Sep 9, 2021 by ggallaway (300 points)
0 votes
1 answer

We have a fleet of Macbooks that use NoMAD to handle AD Authentiction and syncronization. How can we use Adaxes to handle the Password reset utility with these users. If they ... resync will be needed. Anybody else doing this or have a solution to the above?

asked May 13, 2020 by jcalvert (60 points)
3,326 questions
3,026 answers
7,727 comments
544,678 users