Script Repository


Disabled managers with Direct Reports

June 06, 2017
2006

The script e-mails a list of disabled user accounts assigned as managers of other users.

Note: Employee-manager relationships are established in Active Directory via the Manager property of a user's account.

To schedule the report, create a Scheduled Task configured for the Domain-DNS object type.

Parameters:

  • $to - specifies email addresses of the recipient(s) of the report;
  • $subject - specifies the email message subject.
Edit Remove
PowerShell
$to = "recipient@example.com" # TODO: modify me
$subject = "[AD Report] Disabled Managers"

function GetObjectDisplayName($objectDN)
{
    $objectPath = New-Object -TypeName "Softerra.Adaxes.Adsi.AdsPath"`
        -ArgumentList @($null, $objectDN)   
    return [Softerra.Adaxes.Utils.ObjectNameHelper]::GetObjectName(
        $objectPath, "IncludeParentPath")
}

# Get the default Web Interface address
$webInterfaceAddress = "%adm-WebInterfaceUrl%"
$appendWebInterFaceLink = $True
if ([System.String]::IsNullOrEmpty($webInterfaceAddress))
{
    $appendWebInterFaceLink = $False
    $Context.LogMessage("Default Web Interface address not set for Adaxes service. For details, see http://www.adaxes.com/help/?HowDoI.ManageService.RegisterWebInterface.html", "Warning")
}

# Build report header
$htmlBuilder = New-Object "System.Text.StringBuilder"
$htmlBuilder.append("<html><head>")
$htmlBuilder.append("<meta http-equiv=""Content-Type""`
    content=""text/html charset=UTF-8""></head>")
$htmlBuilder.append("<body>")
$htmlBuilder.append("<p>Disabled Managers with Direct Reports</p>")
$htmlBuilder.append("<table width=""100%%"" border=""1"">")
$htmlBuilder.append("<tr>")
$htmlBuilder.append("<th>Full Name</th><th>Username</th>
<th>Parent</th><th>Direct Reports</th>")
if ($appendWebInterFaceLink)
{
    $htmlBuilder.append("<th>View in Adaxes</th>")
}
$htmlBuilder.append("</tr>")

# Find disabled managers with Direct Reports
$searcher = $Context.BindToObject("Adaxes://rootDSE")
$searcher.PageSize = 500
$searcher.SearchScope = "ADS_SCOPE_SUBTREE"
$searcher.SearchFilter = "(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=2)(directReports=*))"
$searcher.ReferralChasing = "ADS_CHASE_REFERRALS_NEVER"
$searcher.SetPropertiesToLoad(@("distinguishedName", "name", "sAMAccountName", "directReports", "objectGUID"))
$searcher.VirtualRoot = $True

try
{
    $searchResult = $searcher.ExecuteSearch()
    $disabledManagers = $searchResult.FetchAll()
    
    # Add information on each disabled manager to the report
    foreach ($managerId in $disabledManagers)
    {
        $managerDN = New-Object "Softerra.Adaxes.Ldap.DN" $managerId.Properties["distinguishedName"].Value
        $parentDisplayName = GetObjectDisplayName($managerDN.Parent.ToString())
        $htmlBuilder.append("<tr>")
        $htmlBuilder.appendFormat("<td>{0}</td>", $managerId.Properties["name"].Value)
        $htmlBuilder.appendFormat("<td>{0}</td>", $managerId.Properties["sAMAccountName"].Value)
        $htmlBuilder.appendFormat("<td>{0}</td>", $parentDisplayName)
        
        # Append Direct Reports
        $htmlBuilder.append("<td>")
        foreach ($directReportDN in $managerId.Properties["directReports"].Values)
        {
            $directReport = $Context.BindToObjectByDN($directReportDN)
            $htmlBuilder.appendFormat("{0} ({1})<br />", $directReport.Get("name"), $directReport.Get("sAMAccountName"))
        }
        $htmlBuilder.append("</td>")
        
        if ($appendWebInterFaceLink)
        {
            $htmlBuilder.appendFormat("<td><a href='$webInterfaceAddress`ViewObject.aspx?guid={0}'>View</a></td>", [Guid]$managerId.Properties["objectGUID"].Value)
        }
        $htmlBuilder.append("</tr>")
    }
    
    $htmlBuilder.append("</table>")
    $htmlBuilder.appendFormat("Total: {0} accounts", $disabledManagers.Count.ToString())
    $htmlBuilder.append("</body></html>")
    
    # Send mail
    $Context.SendMail($to, $subject, $NULL, $htmlBuilder.ToString())
}
finally
{
    $searchResult.Dispose()
}


Comments ( 1 )
avatar
Mark
January 09, 2019

I can confirm this works perfectly with 2018.2. Thank you!

Leave a comment