-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathAD-Reporting_Audit.ps1
53 lines (46 loc) · 1.81 KB
/
AD-Reporting_Audit.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
# Load PowerShell module for Active Directory
Import-Module ActiveDirectory
$properties = @(
"Name",
"GivenName",
"Surname",
"SamAccountName",
"CanonicalName",
"EmailAddress",
"UserPrincipalName"
"DistinguishedName",
"employeeID",
"Enabled",
"AccountLockoutTime"
"Title",
"extensionAttribute1",
"Description",
"Department",
"Office",
"Company",
"City",
"Country",
"AccountExpirationDate",
"Manager",
"PasswordExpired",
"PasswordLastSet",
"PasswordNeverExpires",
"SID",
"Created",
"LastLogonDate",
"Modified"
)
#date
$date = $((Get-Date).ToString('MM-dd-yyyy_hh-mm'))
#path
$path = "C:"+$env:HOMEPATH +"\Desktop\"
# Export all users with details
Get-ADUser -filter * -properties $properties | Select-Object $properties | Export-Csv -force -NoTypeInformation -path "$path\AD_Report_$date.csv"
# Export all users in Account Operators
Get-ADGroupMember -identity “Account Operators” | select distinguishedName,sAMAccountName | Export-Csv -force -NoTypeInformation -path "$path\AD_Groups_AO_$date.csv"
# Export all users in Enterprise Admins
Get-ADGroupMember -identity "Enterprise Admins" | select distinguishedName,sAMAccountName | Export-Csv -force -NoTypeInformation -path "$path\AD_Groups__EA_$date.csv"
# Export all users in Domain Admins
Get-ADGroupMember -identity "Domain Admins" | select distinguishedName,sAMAccountName | Export-Csv -force -NoTypeInformation -path "$path\AD_Groups_DA_$date.csv"
# Export all users in AD Administrators OU
Get-ADUser -SearchBase “OU=Administrators,DC=domain,DC=local” -filter * -properties $properties | Select-Object $properties | Export-Csv -force -NoTypeInformation -path "$path\AD_OU_Admins_$date.csv"