Script Repository


Management activity of all users in container

February 18, 2021
1267

The script exports the management activity of all users in the Organizational Unit or container on which it is executed to a CSV file.

Note: The script uses the $Context variable available on the server side only. This means that the script can be executed only by business rules, custom commands, and scheduled tasks. For example, to export log records on a regular basis, you can create a scheduled task and assign it over the Organizational Unit or container in which you want to export the management activity. To add the script to a scheduled task, use the Run a program or PowerShell script action.

Parameters:

  • $numDays - Specifies the number of days to get log records for.
  • $csvFilePath - Specifies the path to the CSV file that will be created.
Edit Remove
PowerShell
$numDays = 30 # set to 0 to output all records
$csvFilePath = "\\server\share\report.csv" # TODO: modify me

# Search all users in the target OU
$searcher = $Context.TargetObject
$searcher.SearchFilter = "(sAMAccountType=805306368)"
$searcher.SearchScope = "ADS_SCOPE_SUBTREE"
$searcher.SetPropertiesToLoad(@("objectGuid"))

try 
{
    $searchResult = $searcher.ExecuteSearch()
    $users = $searchResult.FetchAll()
    
    # Add display names of the users to the report
	$userInfo = @{}
    foreach ($userId in $users)
    {
        $userGuid = [Guid]$userId.Properties["objectGuid"].Value
        $userDisplayName = $Context.GetDisplayNameFromAdsPath($userId.AdsPath)
        $userInfo.Add($userGuid, @($userDisplayName, @())) | Out-Null
    }
}
finally
{
    $searchResult.Dispose()
}

# Build report

# Bind to the directory object representing the General Log
$path = $Context.GetWellKnownContainerPath("ServiceLog")
$serviceLog = $Context.BindToObject($path)

$generalLog = $serviceLog.GeneralLog
if ($numDays -ne 0)
{
   $generalLog.StartDateTime = (Get-Date).AddDays(-$numDays)
   $generalLog.EndDateTime = Get-Date
}

# Get log records
$log = $generalLog.Log
$records = $log.GetPage(0)

$reportRecordTemplate = New-Object PSObject
$reportRecordTemplate | Add-Member -Name UserName -Value $NULL -MemberType NoteProperty
$reportRecordTemplate | Add-Member -Name Operation -Value $NULL -MemberType NoteProperty
$reportRecordTemplate | Add-Member -Name TargetObjectName -Value $NULL -MemberType NoteProperty
$reportRecordTemplate | Add-Member -Name CompletionTime -Value $NULL -MemberType NoteProperty

foreach ($record in $records)
{
    $initiatorGuid = [Guid]$record.Initiator.Guid
    if ($userInfo.ContainsKey($initiatorGuid))
    {
        # Add log record to report
		$reportRecord = $reportRecordTemplate.PSObject.Copy()
        $userDisplayName = $userInfo[$initiatorGuid][0]
        $reportRecord.UserName = $userDisplayName
        $reportRecord.Operation = $record.Description
        $reportRecord.TargetObjectName = $record.TargetObjectName
        $reportRecord.CompletionTime = $record.CompletionTime
        $logRecords = $userInfo[$initiatorGuid][1]
        $logRecords += $reportRecord
    }
}

# Output report to CSV File
$report = @()
foreach ($key in $userInfo.Keys)
{
    $logRecords = $userInfo[$key][1]
    if ($logRecords.Length -eq 0)
    {
        $logRecord = $reportRecordTemplate.PSObject.Copy()
        $userDisplayName = $userInfo[$key][0]
        $logRecord.UserName = $userDisplayName
        $report += $logRecord
        continue
    }
    
    $report += $logRecords
}

$report | Sort-Object {$_.UserName} | Export-Csv -NoTypeInformation -Path $csvFilePath


Comments ( 0 )
No results found.
Leave a comment