How to get report on disabled users in last 24 hours?

Question

Is it possible to run a report to get users disabled in the last 24 hours?

Answer 1

Hello,

You can create a custom report that will be generated by a PowerShell script accessing Adaxes logs and output only the users that were disabled during the specified period. For information on how to create reports, have a look at the following tutorial: https://www.adaxes.com/tutorials_ActiveDirectoryManagement_CreateReport.htm. Should you have any issues creating the report, please, provide us with all the possible details regarding the desired behavior and we will help you.

Comments

I have now craeted a SQL database for logging.

Can you pelase help me with query to show disabled users in last 24 hours?

---

Hello,

I have now craeted a SQL database for logging.

Do we understand correctly that you enabled logging to an external MS SQL database in Adaxes?

Can you pelase help me with query to show disabled users in last 24 hours?

Do you want to query the records from the external database using an SQL server database tool or you want to have a report in Adaxes that can be generated on demand or scheduled? If latter is the case, please, provide us with the following details:

• What version of Adaxes are you currently using? For information on how to check it, have a look at the following help article: https://www.adaxes.com/help/HowDoI.ManageService.CheckAdaxesServiceVersion.html.
• Should the report always return only users disabled during the last 24 hours or the user generating the report should have a possibility to choose the period?

Any additional details would be much appreciated.

---

Do we understand correctly that you enabled logging to an external MS SQL database in Adaxes? Yes, logs are now going to a SQL database on SQL2016

Do you want to query the records from the external database using an SQL server database tool or you want to have a report in Adaxes that can be generated on demand or scheduled? We would like Adaxes to generate the report and email on a daily basis

What version of Adaxes are you currently using? 2019.2 (Version 3.12.17423.0 (64 bit))

Should the report always return only users disabled during the last 24 hours or the user generating the report should have a possibility to choose the period? Last 24 hours only (Can this be a scheduled report)

---

Hello, Thank you for the provided details. To create the report:

1. Launch Adaxes Administration Console.
2. In the Console Tree, right-click your service node.
3. In the context menu, navigate to New and click Report.
4. Enter a report name and select the Script optio.
5. Click Next 4 times.
6. Paste the below script into the corresponding field.

# Bind to Service Log
$serviceLogPath = $Context.GetWellKnownContainerPath("ServiceLog")
$serviceLog = $Context.BindToObject($serviceLogPath)

# Get log records
$generalLog = $serviceLog.GeneralLog
$generalLog.StartDateTime = (Get-Date).AddHours(-24)
$generalLog.EndDateTime = Get-Date

$log = $generalLog.Log
$records = $log.GetPage(0)

$guidsInBytes = New-Object "System.Collections.ArrayList"
foreach ($record in $records)
{
    if ($Context.Items.Aborted)
    {
        return
    }

    if (($record.TargetObjectType -ne "user") -or ($record.TargetObjectGuid -eq $NULL))
    {
        continue
    }

    if (($record.State -eq "OPERATION_STATE_FAILED_CAN_CONTINUE") -or
        ($record.State -eq "OPERATION_STATE_FAILED_NO_CONTINUE"))
    {
        continue
    }

    $operationTypes = $record.GetOperationTypes()
    if ($operationTypes -notcontains "disable account")
    {
        continue
    }

    $targetObjectGuid = ([Guid]$record.TargetObjectGuid).ToByteArray()
    $guidsInBytes.Add($targetObjectGuid)
}

$searcher = $Context.CreateGuidBasedSearcher($guidsInBytes)
$Context.Items.Add($searcher)

7. Click Next and finish creating the report.

---

Thank you. This is exactly what we are looking for.

Im sure there are other companies that would use this as well.

Why not add it as a default report in a future update :)