0 votes

Is it possible to run a report to get users disabled in the last 24 hours?

by (880 points)

1 Answer

0 votes
by (197k points)

Hello,

You can create a custom report that will be generated by a PowerShell script accessing Adaxes logs and output only the users that were disabled during the specified period. For information on how to create reports, have a look at the following tutorial: https://www.adaxes.com/tutorials_ActiveDirectoryManagement_CreateReport.htm. Should you have any issues creating the report, please, provide us with all the possible details regarding the desired behavior and we will help you.

0

I have now craeted a SQL database for logging.

Can you pelase help me with query to show disabled users in last 24 hours?

0

Hello,

I have now craeted a SQL database for logging.

Do we understand correctly that you enabled logging to an external MS SQL database in Adaxes?

Can you pelase help me with query to show disabled users in last 24 hours?

Do you want to query the records from the external database using an SQL server database tool or you want to have a report in Adaxes that can be generated on demand or scheduled? If latter is the case, please, provide us with the following details:

Any additional details would be much appreciated.

0

Do we understand correctly that you enabled logging to an external MS SQL database in Adaxes? Yes, logs are now going to a SQL database on SQL2016

Do you want to query the records from the external database using an SQL server database tool or you want to have a report in Adaxes that can be generated on demand or scheduled? We would like Adaxes to generate the report and email on a daily basis

What version of Adaxes are you currently using? 2019.2 (Version 3.12.17423.0 (64 bit))

Should the report always return only users disabled during the last 24 hours or the user generating the report should have a possibility to choose the period? Last 24 hours only (Can this be a scheduled report)

+1

Hello, Thank you for the provided details. To create the report:

  1. Launch Adaxes Administration Console.
  2. In the Console Tree, right-click your service node.
  3. In the context menu, navigate to New and click Report. image.png
  4. Enter a report name and select the Script optio. image.png
  5. Click Next 4 times.
  6. Paste the below script into the corresponding field.
# Bind to Service Log
$serviceLogPath = $Context.GetWellKnownContainerPath("ServiceLog")
$serviceLog = $Context.BindToObject($serviceLogPath)

# Get log records
$generalLog = $serviceLog.GeneralLog
$generalLog.StartDateTime = (Get-Date).AddHours(-24)
$generalLog.EndDateTime = Get-Date

$log = $generalLog.Log
$records = $log.GetPage(0)

$guidsInBytes = New-Object "System.Collections.ArrayList"
foreach ($record in $records)
{
    if ($Context.Items.Aborted)
    {
        return
    }

    if (($record.TargetObjectType -ne "user") -or ($record.TargetObjectGuid -eq $NULL))
    {
        continue
    }

    if (($record.State -eq "OPERATION_STATE_FAILED_CAN_CONTINUE") -or
        ($record.State -eq "OPERATION_STATE_FAILED_NO_CONTINUE"))
    {
        continue
    }

    $operationTypes = $record.GetOperationTypes()
    if ($operationTypes -notcontains "disable account")
    {
        continue
    }

    $targetObjectGuid = ([Guid]$record.TargetObjectGuid).ToByteArray()
    $guidsInBytes.Add($targetObjectGuid)
}

$searcher = $Context.CreateGuidBasedSearcher($guidsInBytes)
$Context.Items.Add($searcher)
  1. Click Next and finish creating the report.
0

Thank you. This is exactly what we are looking for.

Im sure there are other companies that would use this as well.

Why not add it as a default report in a future update :)

Related questions

0 votes
1 answer

I'd like to be able to either send an email report or export a CSV of all of the business rules carried out when a user is disabled. This would be ... Management Activity section but this includes things that weren't part of the disable operation. Thanks

asked Feb 19, 2020 by bavery (1.3k points)
0 votes
1 answer

I have a custom command which require approve before it starts. How can I get access to approve message within my custom command?

asked Nov 24, 2020 by dyuryagin (250 points)
0 votes
1 answer

We used to run AD Audit and it would provide additional details on what was locking a user's account (workstation name, application, etc...). Is there are way with Adaxes ... on what is locking an account? Or a way to pull historical data on locked accounts?

asked Nov 16, 2020 by pulsifers (250 points)
0 votes
1 answer

I have tried using this Powershell script but it gives me this error

asked Apr 1 by rujimg (450 points)
0 votes
0 answers

We have been checking to see who users were most recently disabled so we can manually check a few things. Here is the code I used to get that information using the ... report $Context.SendMail($to, $subject, $NULL, $htmlBody) } I hope someone finds it useful!

asked Jan 8, 2015 by mobosys (1.1k points)
2,447 questions
2,198 answers
5,913 comments
295,127 users