Script Repository


Disabled managers with enabled direct reports

February 01, 2021
220

The script can be used to generate a report that will include disabled user accounts that are managers of enabled user accounts. For information on creating reports, see the Create Report tutorial.

Edit Remove
PowerShell
$Context.DirectorySearcher.AppendFilter("(&(sAMAccountType=805306368)(directReports=*)(userAccountControl:1.2.840.113556.1.4.803:=2))")
$Context.DirectorySearcher.SearchParameters.PropertiesToLoad.Add("distinguishedName")
try
{
    $searchIterator = $Context.DirectorySearcher.ExecuteSearch()
    $managerDNToSearchResult = @{}
    while ($Context.MoveNext($searchIterator))
    {
        $searchResult = $searchIterator.Current
        $managerDNToSearchResult.Add($searchResult.GetPropertyByName("distinguishedName").Values[0], $searchResult)
    }
}
finally
{
    # Release resources
    if ($searchIterator) { $searchIterator.Dispose() }
}

# Search parameters
$searcher = New-Object Softerra.Adaxes.Adsi.Search.DirectorySearcher $NULL, $False
$searcher.VirtualRoot = $True
$searcher.SearchParameters.SearchScope = "ADS_SCOPE_SUBTREE"
$searcher.SearchParameters.ReferralChasing = "ADS_CHASE_REFERRALS_NEVER"
$searcher.SearchParameters.Filter = "(&(sAMAccountType=805306368)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(manager=*))"
$searcher.SearchParameters.PageSize = 500
$searcher.SetPropertiesToLoad(@("manager"))

try
{
    # Execute search
    $searchIterator = $searcher.ExecuteSearch()
    while ($Context.MoveNext($searchIterator))
    {
        $searchResult = $searchIterator.Current
        $managerDN = $searchResult.GetPropertyByName("manager").Values[0]
        
        if ($managerDNToSearchResult.ContainsKey($managerDN))
        {
            $managerSearchResult = $managerDNToSearchResult[$managerDN]
            $managerDNToSearchResult.Remove($managerDN)
            $Context.Items.Add($managerSearchResult)
        }
    }
}
finally
{
    # Release resources
    if ($searchIterator) { $searchIterator.Dispose() }
}

Comments ( 0 )
No results found.
Leave a comment