Výpis neaktivních objektů v AD


# InActiveObject v1.0
#
# – AD : test.local
# – number Of Days Of Inactivity
#

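# Lists Active Directory objects whose lastLogonTimestamp is older than a given
# number of days.
#
# Arguments:
#   $args[0] - DNS name of the domain to query (bound as LDAP://<name>)
#   $args[1] - number of days of inactivity (non-negative integer)
# Output:
#   One object per match with Username, LastLogon and Path properties.
#
# Limits a reviewer of the report should know:
#   - lastLogonTimestamp is replicated only periodically; with default domain
#     settings it can lag the real last logon by up to about 14 days, so short
#     inactivity windows give unreliable results.
#   - Objects that have never logged on have no lastLogonTimestamp and are NOT
#     matched by the filter below; they need a separate query.
#   - The filter is not restricted by object class, so computer accounts are
#     returned alongside user accounts.

# Errors are suppressed globally; steps that can fail are checked explicitly below.
$erroractionpreference = "SilentlyContinue"
if ($args.count -lt 2) {
    Write-Host
    Write-Host "InActiveObject v1.0 [MW 2009]"
    Write-Host "List of inactive objects in Active Directory."
    Write-Host
    Write-Host "Usage : InActiveObject.ps1 domain.name numberOfDaysOfInactivity"
    Write-Host
    exit
}
[string]$domain = "LDAP://" + $args[0]

# Validate the day count explicitly. With errors silenced, a failed [int] cast
# would leave the value empty and the cutoff would silently become "now".
[int]$day = 0
if (-not ([int]::TryParse([string]$args[1], [ref]$day)) -or ($day -lt 0)) {
    Write-Host "[ERROR] numberOfDaysOfInactivity must be a non-negative integer : " $args[1]
    exit
}

$Root = New-Object DirectoryServices.DirectoryEntry $domain
$selector = New-Object DirectoryServices.DirectorySearcher
$selector.SearchRoot = $root
# Enable paged searching. With the default PageSize of 0 the result set is cut
# off at the server-side size limit (1000 entries by default), which would make
# the report silently incomplete in larger domains.
$selector.PageSize = 1000
$selector.PropertiesToLoad.Add("canonicalName")    >$null
$selector.PropertiesToLoad.Add("sAMAccountName")    >$null
$selector.PropertiesToLoad.Add("lastLogontimeStamp")    >$null

# lastLogonTimestamp is stored as a FILETIME value, so the cutoff is converted
# to the same representation before it is placed in the LDAP filter.
$currentDate = [System.DateTime]::Now
$currentDateUNC = $currentDate.ToUniversalTime()
$lastLogonTimeStamp = $currentDateUNC.AddDays(- $day)
$lastLogonTimeLimit = $lastLogonTimeStamp.ToFileTime()
$selector.Filter = "(lastLogonTimeStamp<=" + $lastLogonTimeLimit + ")"
$adobj= $selector.findall()
if (!$?) {
    Write-Host "[ERROR] Cannot connect to domain : " $domain
    exit
}
If ($adobj.Count -eq 0) {
    Write-Host "No account."
}Else {
    # Collect the loop output in one step instead of growing an array with +=,
    # which copies the whole array on every iteration.
    $colUser = @(
        foreach ($person in $adobj){
            # FromFileTime returns the timestamp in local time.
            $lastLogonTime = [System.DateTime]::FromFileTime([string]$person.properties.lastlogontimestamp)

            $objTemp = New-Object System.Object
            $objTemp | Add-Member -MemberType NoteProperty -Name Username -Value $person.properties.samaccountname
            $objTemp | Add-Member -MemberType NoteProperty -Name LastLogon -Value $lastLogonTime
            $objTemp | Add-Member -MemberType NoteProperty -Name Path -Value $person.properties.canonicalname

            $objTemp
        }
    )
}
# SearchResultCollection holds unmanaged directory resources that are not
# released by garbage collection; free them once the results have been copied.
if ($null -ne $adobj) {
    $adobj.Dispose()
}
$colUser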
