Script Repository


Notify owners of inactive computers

January 11, 2017
915

The script can be used to notify owners of computers that have been inactive for a certain number of days. Each owner will receive a list of their inactive computers. When notifying, it takes into account membership in owner groups.

To create a report upon request, you can create a Custom Command that runs the script. To schedule the report, you need to create a Scheduled Task. When creating a command or a task, configure it to be executed on the type of Active Directory objects in which you want to search for inactive computers. For example, if you want to search for computers located in a specific Organizational Unit, configure a command or task for the Organizational Unit objects, and execute them on the OU you need.

To add the script to a Custom Command or Scheduled Task, use the Run a program or PowerShell script action.

Parameters:

  • $inactivityDurationThreshold - specifies the number of days a computer neeeds to be inactive to be reported;
  • $subject - specifies the email message subject;
  • $reportHeader - specifies the email message header;
  • $reportFooter - specifies the email message footer.
Edit Remove
PowerShell
Import-Module Adaxes

$inactivityDurationThreshold = 30 # days. TODO: modify me
$subject = "Inactive Computers" # TODO: modify me
$htmlReportHeader = @"
<h1><b>Inactive Computers</b></h1><br/>
<p><b>In the near future the computers listed below will be deleted as these are inactive for $inactivityDurationThreshold week(s)</b></p>
<table border="1">
    <tr>
        <th>Computer Name</th>
        <th>Parent</th>
    </tr>
"@ # TODO: modify me
$htmlReportFooter = "<hr /><p><i>Please do not reply to this e-mail, it has been sent to you for notification purposes only.</i></p>" # TODO: modify me

function GetObjectDisplayName($objectDN)
{
    $objectPath = New-Object -TypeName "Softerra.Adaxes.Adsi.AdsPath"`
        -ArgumentList @($null, $objectDN)    
    return [Softerra.Adaxes.Utils.ObjectNameHelper]::GetObjectName(
        $objectPath, "IncludeParentPath")
}

# Find inactive computers
$baseDN = "%distinguishedName%"
$domain = $Context.GetObjectDomain($baseDN)
$computers = Search-AdmAccount -AccountInactive `
    -TimeSpan "$inactivityDurationThreshold" `
    -SearchBase $baseDN -ComputersOnly `
    -Server $domain -AdaxesService localhost

if ($computers -eq $NULL)
{
    return
}

$ownersInfo = @{}
foreach ($computer in $computers)
{
    # Bind to computer
    $computer = Get-AdmComputer $computer -Properties managedBy `
        -Server $domain -AdaxesService "localhost"
    
    if ([System.String]::IsNullOrEmpty($computer.managedBy))
    {
        continue
    }
    
    # Bind to owner
    $owner = $Context.BindToObjectByDN($computer.managedBy)
    
    # Get owner Email
    $ownerEmailAddresses = @()
    if ($owner.Class -ine "group")
    {
        try
        {
            $ownerEmail = $owner.Get("mail")
        }
        catch
        {
            continue
        }

        $ownerEmailAddresses += $ownerEmail
    }
    else
    {
        # Get all group members
        foreach ($memberGuidInByte in $owner.Get("adm-MembersGuid"))
        {
            $memberGuid = New-Object "System.Guid" (, $memberGuidInByte)
            $memberGuid = $memberGuid.ToString("B")
            $memberPath = "Adaxes://<GUID=$memberGuid>"
            $member = $Context.BindToObject($memberPath)
            
            if ($member.Class -ine "user")
            {
                continue
            }
            
            # Get member Email address
            try
            {
                $memberEmail = $member.Get("mail")
            }
            catch
            {
                continue
            }
            
            $ownerEmailAddresses += $memberEmail
        }
    }

    # Add owner mail and computer DN to the hash table
    foreach ($mail in $ownerEmailAddresses)
    {
        if (!$ownersInfo.ContainsKey($mail))
        {
            $ownersInfo.Add($mail, @()) | Out-Null
        }
        
        if ($ownersInfo[$mail] -contains $computer.DistinguishedName)
        {
            continue
        }
        
        $ownersInfo[$mail] += $computer.DistinguishedName
    }
}

# Send mail to each owner in the hash table
foreach ($mail in $ownersInfo.Keys)
{
    # Build report
    $report = $NULL
    foreach ($computerDN in $ownersInfo[$mail])
    {
        $computerDN = New-Object "Softerra.Adaxes.Ldap.DN" $computerDN
        
        # Get computer name
        $computerName = $computerDN.Leaf.Value
        # Get parent name
        $parentDisplayName = GetObjectDisplayName($computerDN.Parent.ToString())
        
        # Add computer name and parent name to report
        $report += "<tr><td>" + $computerName + "</td>"
        $report += "<td>" + $parentDisplayName + "</td></tr>"
    }
    $report += "</table>"

    # Build Html Body
    $htmlBody = $htmlReportHeader + $report + $htmlReportFooter
    
    # Send mail
    $Context.SendMail($mail, $subject, $NULL, $htmlBody)
}


Comments ( 0 )
No results found.
Leave a comment