0 votes

Hi there

I need to run a script that wil show me (by email) the number of current users and inactive users (only the totals)

Here is what I got:

Import-Module Adaxes
$date = Get-Date -format y
$to = email@comp.com
$subject = "User count | " + $date
$Objects_All = Get-AdmUser -Filter * -SearchBase "DC=network,DC=local"
$Objects_All.Count
$Objects_Inactive = Get-AdmUser -Filter {Enabled -eq $False} -SearchBase "DC=network,DC=local"
$Objects_Inactive.count
$bodyText = "Current external user accounts: " + $Objects_All.Count + "rn" + "Current inactive external user accounts: " + $Objects_Inactive.count
$bodyHtml = $NULL
$Context.SendMail($to, $subject, $bodyText, $bodyHtml)

and this is the body info I want in the emai: (only 1 email)

Current external user accounts:
Current inactive external user accounts:

Please help me as I'm new to this
Thanks
W@lly

by (210 points)
0

Hello,

Could you describe your task in more detail? In particular, how are you planning to launch the script? Are you going to launch it from PowerShell console or would you like to create a Scheduled Task that will email you the required information at certain time intervals?

Also, you mention that you would like to get the number of inactive users, however in you script that you posted above you get the number of disabled users. Please, clarify.

0

Hi there

Yes, Scheduled Task that will email me once a month
I want the number of Active and inactive users

Current user accounts:
Current inactive user accounts:

Thanks

W@lly

1 Answer

0 votes
by (215k points)

Hello,

Find the requested PowerShell script below. You can use the script with Scheduled Tasks to collect and email the required statistics on a regular basis. To schedule the script:

  1. Create a new Scheduled Task.

  2. On the 3rd step of the Create Scheduled Task wizard, you need to select the type of objects, for which the Scheduled Task will run. If you want to collect the required user statistics for a domain, you need to select the Domain-DNS object type. As it is not visible by default in the Object type list, select the Show all object types option.

  3. Select the Domain-DNS object type.

  4. On the 4th step, add the Run a program or PowerShell script action and paste the following script in the Script field:

     $to = "email@company.com" # TODO: Modify me. Specifies the recipient of the emails.
     $inactivityDurationDays = 90  # TODO: Modify me. Specifies the number of days, during which an account should be inactive to match the criteria.
    
     function CalculateSearchResults($baseObjectPath, $filter)
     {
         $searcher = New-Object "Softerra.Adaxes.Adsi.Search.DirectorySearcher" @($NULL, $False)
         $searcher.SearchParameters.BaseObjectPath = $baseObjectPath
         $searcher.SearchParameters.Filter = $filter
         $searcher.SearchParameters.PageSize = 100
         $searcher.SearchParameters.PropertiesToLoad.Add("1.1") | Out-Null
         $searcher.SearchParameters.SearchScope = "ADS_SCOPE_SUBTREE"
         $iterator = $searcher.ExecuteSearch()
         try
         {
             $result = $iterator.FetchAll().Count
         }
         finally
         {
             $iterator.Dispose()
         }
         return $result
     }
    
     # Get all users count
     [String[]]$objectTypes = "user"
     $allUsersFilter = [Softerra.Adaxes.Ldap.FilterBuilder]::CreateObjectTypesFilter($objectTypes)
     $allUsersCount = CalculateSearchResults $Context.TargetObject.ObjectInfo.Path $allUsersFilter
    
     # Get inactive users count
     $inactivityThreshold = [System.DateTime]::Now.AddDays(-($inactivityDurationDays))
     $inactivityThresholdInt64 = $inactivityThreshold.ToFileTime()
     $inactivityThresholdGeneralizedTime = 
             $inactivityThreshold.ToUniversalTime())
     $inactiveAccountFilter = "(&" +
         $allUsersFilter +
         "(whenCreated<=$inactivityThresholdGeneralizedTime)" +
         "(|(!(lastLogonTimestamp=*))(lastLogonTimestamp<=$inactivityThresholdInt64))" +
     ")"
     $inactiveUsersCount = CalculateSearchResults $Context.TargetObject.ObjectInfo.Path $inactiveAccountFilter
    
     # Send e-mail message
     $subject = "User count | " + (Get-Date -format y)
     $bodyText = "Current user accounts: " + $allUsersCount + "`r`n" + "Current inactive user accounts: " + $inactiveUsersCount
     $bodyHtml = $NULL
     $Context.SendMail($to, $subject, $bodyText, $bodyHtml)
    

  5. In the script, $to specifies the email address, to which the emails should be sent by the script, and $inactivityDurationDays specifies the number of days, during which an account should be inactive to match your criteria. Modify the script to your requirements.

  6. Click OK.

  7. On the 5th step, assign the Scheduled Task over the domain for which you want to collect the statistics.

  8. Finish creation of the Scheduled Task.

0

Hi there

Thanks

But it still send me 90 emails with the correct info (the 90 is the amount of current users also on the test AD at the moment.)

Any idea on how to send out only 1 email?

Regards
W@lly

0

Hello,

What object did you select on the 3rd step of the Create Scheduled Task wizard (steps 2-3 in my previous post) and what object did you assign the Scheduled Task on on the 5th step of the Create Scheduled Task wizard (step 7 in my previous post)? Can you post here a screenshot of your Scheduled Task with the Activity Scope section visible?

0

Hi there

Sorry, I saw my problem, thanks
It was set to users and not domain

Related questions

0 votes
1 answer

I had a script that would copy the values from adm-CustomAttributeTextMultiValue1 and save them into extensionAttribute15 as a comma seperated list. The script somehow got deleted and I can't seem to find the tutorial I used to create it before.

asked Jul 1 by jordan (110 points)
0 votes
1 answer

I am wanting to export a list of users including the properties of a specific custom attribute. Ideally, I would be able to run a get-admuser and filter on a custom attribute, but even an excel report with the custom attributes would work. Is this possible?

asked Sep 9, 2021 by ggallaway (300 points)
0 votes
1 answer

We have a fleet of Macbooks that use NoMAD to handle AD Authentiction and syncronization. How can we use Adaxes to handle the Password reset utility with these users. If they ... resync will be needed. Anybody else doing this or have a solution to the above?

asked May 13, 2020 by jcalvert (60 points)
0 votes
1 answer

Hello, I'm trying to create a daily scheduled task that runs that automatically disables users AD accounts who havent logged in to the domain in 45 days. At the same time ... inactivity period but it appears to only allow me to select weeks instead of days.

asked Apr 14, 2020 by sirslimjim (430 points)
0 votes
1 answer

We use DirSync/AAD Connect (without write-back) and we have some users that use email in the cloud and never authenticate to the on-prem domain controllers. Therefore, we ... has found which one might work the best in an Adaxes scheduled task for example.

asked Jan 31, 2018 by yourpp (530 points)
2,803 questions
2,535 answers
6,605 comments
62,200 users