Script Repository

Users without photo

May 18, 2020

The script emails a report on users who don't have a photo stored in Active Directory.

Note: The script uses the $Context variable available on the server side only. This means that the script can be executed only by Business Rules, Custom Commands, and Scheduled Tasks. For example, to schedule the report, you can create a Scheduled Task configured for the Domain-DNS object type. To add the script to a Scheduled Task, use the Run a program or PowerShell script action.


  • $to - specifies email addresses of the recipient(s) of the report;
  • $subject - specifies the email message subject;
  • $ouDNs - pecifies Distinguished Names (DNs) of the Organizational Units that you want to run the report for;
  • $excludeOuDNs - specifies Distinguished Names (DNs) of the Organizational Units within the scope defined by$ouDNs that should be excluded from the report.
Edit Remove
$to = "" # TODO: modify me
$subject = "Employees without Photos" # TODO: modify me
$ouDNs = @("OU=MyOU1,DC=example,DC=com", "OU=MyOU2,DC=example,DC=com") # TODO: modify me
$exludeOuDNs = @("OU=Sub-OU,OU=MyOU1,DC=example,DC=com") # TODO: modify me

function SkipUser ($userDN, $exludeOuDNs)
    foreach ($dn in $exludeOuDNs)
            return $True
    return $False

function BuildReport($ouDN, $exludeOuDNs)
    # Find users without photos
    $searcher = $Context.BindToObjectByDN($ouDN)
    $searcher.PageSize = 500
    $searcher.SearchScope = "ADS_SCOPE_SUBTREE"
    $searcher.SearchFilter = "(&(objectCategory=person)(objectClass=user)(!(thumbnailPhoto=*)))"
    $searcher.SetPropertiesToLoad(@("distinguishedName", "name", "sAMAccountName", "objectGuid"))
        $searchResultIterator = $searcher.ExecuteSearch()
        $searchResults = $searchResultIterator.FetchAll()
        # Add information about each user
        $searchResultsCount = 0
        if ($searchResults.Count -gt 0)
            foreach ($searchResult in $searchResults)
                $userDN = New-Object "Softerra.Adaxes.Ldap.DN" $searchResult.Properties["distinguishedName"].Value
                if (SkipUser $userDN $exludeOuDNs)
                [void]$htmlBuilder.AppendFormat("<td>{0}</td>", $searchResult.Properties["name"].Value)
                [void]$htmlBuilder.AppendFormat("<td>{0}</td>", $searchResult.Properties["sAMAccountName"].Value)
                $parentDisplayName = GetObjectDisplayName($userDN.Parent.ToString())
                [void]$htmlBuilder.AppendFormat("<td>{0}</td>", $parentDisplayName)
                if ($appendWebInterFaceLink)
                    [void]$htmlBuilder.AppendFormat("<td><a href='$webInterfaceAddress`ViewObject.aspx?guid={0}'>View</a></td>", [Guid]$searchResult.Properties["objectGuid"].Value)
        return $searchResultsCount
		# Release resources

function GetObjectDisplayName($objectDN)
    $objectPath = New-Object -TypeName "Softerra.Adaxes.Adsi.AdsPath"`
        -ArgumentList @($null, $objectDN)   
    return [Softerra.Adaxes.Utils.ObjectNameHelper]::GetObjectName(
        $objectPath, "IncludeParentPath")

# Get the default Web Interface address
$webInterfaceAddress = "%adm-WebInterfaceUrl%"
$appendWebInterFaceLink = $True
if ([System.String]::IsNullOrEmpty($webInterfaceAddress))
    $appendWebInterFaceLink = $False
    $Context.LogMessage("Default Web Interface address not set for Adaxes service. For details, see", "Warning")

# Start building the report
$htmlBuilder = New-Object "System.Text.StringBuilder"
$htmlBuilder.Append("<meta http-equiv=""Content-Type""`
    content=""text/html charset=UTF-8""></head>")
$htmlBuilder.Append("<p>Disabled Managers</p>")
$htmlBuilder.Append("<table width=""100%%"" border=""1"">")
$htmlBuilder.Append("<th>Full Name</th><th>Username</th><th>Parent</th>")
if ($appendWebInterFaceLink)
$totalCount = 0

# Process each OU
foreach ($dn in $ouDNs)
    $totalCount += BuildReport $dn $exludeOuDNs

# Finish building the report
$htmlBuilder.AppendFormat("<br/>Total: {0} employees", $totalCount)

# Send mail
$Context.SendMail($to, $subject, $NULL, $htmlBuilder.ToString())

Comments ( 0 )
No results found.
Leave a comment