Script Repository


Disabled users

November 21, 2016

The scripts below can be used to create reports on disabled users in all domains managed by Adaxes.

Note: To schedule a report, create a Scheduled Task configured for the Domain-DNS object type that runs the necessary script and assign it over any of your AD domains. To add the script to a Scheduled Task, use the Run a program or PowerShell script action.

Below you can find 2 different scripts that create reports in 2 formats: an HTML-formatted report and a CSV file.

HTML Report

This script creates the report in HTML format and sends it by email.

Parameters:

  • $to - specifies a comma-separated list of recipients of the report;
  • $subject - specifies the email message subject;
  • $reportHeader - specifies the email message header;
  • $reportFooter - specifies the email message footer.
PowerShell
$to = "recipient@domain.com" # TODO: modify me
$subject = "Disabled Accounts" # TODO: modify me
$reportHeader = @"
<b>Disabled Accounts</b><br/><br/>
<table border="1">
    <tr>
        <th>Username</th>
        <th>Initiator</th>
        <th>Date</th>
    </tr>
"@ # TODO: modify me
$reportFooter = "<hr /><p><i>Please do not reply to this e-mail, it has been sent to you for notification purposes only.</i></p>" # TODO: modify me

function GetOperationInfo($userPath)
{
    $user = $Context.BindToObject($userPath)
    $modificationLog = $user.GetModificationLog()
    
    # Get the modification log of the user
    $log = $modificationLog.Log
    
    # Get the first page of log records
    $logRecords = $log.GetPage(0)
    
    # Find the record of the disable operation and return its initiator and completion time
    foreach ($record in $logRecords)
    {
        $operationTypes = $record.GetOperationTypes()
        if ($operationTypes -notcontains "disable account")
        {
            continue
        }
        
        return @($Context.GetDisplayNameFromAdsPath($record.Initiator.AdsPath), $record.CompletionTime)
    }
    
    # No disable operation was found on the first page of the log
    return $NULL
}

$searcher = $Context.BindToObject("Adaxes://rootDSE")
$searcher.SearchFilter = "(&(sAMAccountType=805306368)(userAccountControl:1.2.840.113556.1.4.803:=2))"
$searcher.SearchScope = "ADS_SCOPE_SUBTREE"
$searcher.PageSize = 500
$searcher.VirtualRoot = $True
try
{
    $searchResult = $searcher.ExecuteSearch()
    $users = $searchResult.FetchAll()
    
    foreach ($userID in $users)
    {
        $username = $Context.GetDisplayNameFromAdsPath($userID.AdsPath)
        $operationInfo = GetOperationInfo $userID.AdsPath
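        # Put $NULL on the left: with an array on the left, -eq filters elements instead of testing for null
        if ($NULL -eq $operationInfo)
        {
            $initiatorName = "Unknown"
            $completionTime = "Unknown"
        }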
        else
        {
            $initiatorName = $operationInfo[0]
            $completionTime = $operationInfo[1]
        }
        
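        # Add report record; HTML-encode directory values so markup in a name is not rendered in the email
        $username = [System.Net.WebUtility]::HtmlEncode($username)
        $initiatorName = [System.Net.WebUtility]::HtmlEncode($initiatorName)
        $reportHeader += "<tr><td>$username</td><td>$initiatorName</td><td>$completionTime</td></tr>"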
    }
}
finally
{
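    # Release resources used by the search (the variable is empty if ExecuteSearch failed)
    if ($searchResult) { $searchResult.Dispose() }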
}
$reportHeader += "</table>"
$html = $reportHeader + $reportFooter

# Send email
$Context.SendMail($to, $subject, $NULL, $html)

CSV Report

This script creates the report in CSV format and saves it to a file share.

Parameters:

  • $csvFilePath - specifies a UNC path to the CSV file that will be created by the script;
  • $reportProperties - specifies a list of properties that will be included in the report for each user.
PowerShell
$csvFilePath = "\\EXAMPLE\spool\Disabled users.csv"
$reportProperties = @("sAMAccountName", "description")

# Get display names for all properties
$culture = [System.Globalization.CultureInfo]::CurrentCulture
$attributeFriendlyNamesCache = [Softerra.Adaxes.Directory.AttributeFriendlyNamesCache]::GetInstance($culture)

# Find disabled users in all managed domains
$searcher = $Context.BindToObject("Adaxes://rootDSE")
$searcher.SearchFilter = "(&(sAMAccountType=805306368)(userAccountControl:1.2.840.113556.1.4.803:=2))"
$searcher.SearchScope = "ADS_SCOPE_SUBTREE"
$searcher.PageSize = 500
$searcher.SetPropertiesToLoad($reportProperties)
$searcher.VirtualRoot = $True
try
{
    $searchResultIterator = $searcher.ExecuteSearch()
    $users = $searchResultIterator.FetchAll()
    
    # Include users in the report
    $csv = @()
    foreach ($user in $users)
    {
        $userInfo = New-Object PSObject
        foreach ($property in $reportProperties)
        {
            $propertyName = $attributeFriendlyNamesCache.GetFriendlyName($property, "user")
            $userInfo | Add-Member -MemberType NoteProperty -Name $propertyName -Value $user.Properties[$property].Value
        }
        $csv += $userInfo
    }
    
    # Export to CSV
    $csv | Export-Csv $csvFilePath -NoTypeInformation
}
finally
{
    # Release resources used by the search (the variable is empty if ExecuteSearch failed)
    if ($searchResultIterator) { $searchResultIterator.Dispose() }
}
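
Properties such as description are free text, so a value that starts with =, +, - or @ can be evaluated as a formula when the exported CSV is opened in a spreadsheet application. The following is an added example, not part of the original script or of Adaxes: a hypothetical helper, ConvertTo-SafeCsvCell, neutralizes such values before export. The sample rows are constructed so the block runs without Adaxes, and it prints the CSV instead of writing to the file share.

```powershell
# Added example (not Adaxes code). ConvertTo-SafeCsvCell is a hypothetical helper name.
function ConvertTo-SafeCsvCell
{
    param([object]$Value)

    # Empty attributes become empty cells
    if ($null -eq $Value) { return "" }

    # Multi-valued attributes are joined into a single cell
    if ($Value -is [array]) { $Value = $Value -join "; " }
    $text = [string]$Value

    # Cells starting with = + - @, a tab or a carriage return can be treated
    # as formulas by spreadsheet applications. A leading apostrophe forces
    # the cell to be read as text. Values such as "-5" are prefixed too.
    if ($text -match '^[=+\-@\t\r]')
    {
        return "'" + $text
    }
    return $text
}

# Constructed sample rows standing in for the search results
$sampleUsers = @(
    @{ sAMAccountName = "jdoe";   description = "Left the company" },
    @{ sAMAccountName = "asmith"; description = "=1+1" },
    @{ sAMAccountName = "bkhan";  description = $null }
)
$reportProperties = @("sAMAccountName", "description")

# Same loop shape as the CSV script, with every value passed through the helper
$csv = foreach ($user in $sampleUsers)
{
    $userInfo = New-Object PSObject
    foreach ($property in $reportProperties)
    {
        $safeValue = ConvertTo-SafeCsvCell $user[$property]
        $userInfo | Add-Member -MemberType NoteProperty -Name $property -Value $safeValue
    }
    $userInfo
}

# Print the CSV text; in the report script this would be Export-Csv $csvFilePath
$csv | ConvertTo-Csv -NoTypeInformation
```

In the CSV script above, the same helper would wrap the value passed to Add-Member in place of $user.Properties[$property].Value.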
