Hi,
I have a Powershell script that works great except it does not actually return all AD users. The script is a bastardization of another script, i don't care about the last logon date but this was where i started with the original script.
What i do need is to export to csv all AD users, email address, if the account is disabled and if they are a member of "xyz" security group and/or if they are a member of "xyz" OU.
The script is below, if anyone can help i would be very grateful
$NumDays = 0$c+= get-content env:computername
$LogDir = ".\"+$c+"_domainuser.csv"
$groupToFind = ""
$ouToFind = ""
$currentDate = [System.DateTime]::Now
$currentDateUtc = $currentDate.ToUniversalTime()
$lltstamplimit = $currentDateUtc.AddDays(- $NumDays)
$lltIntLimit = $lltstampLimit.ToFileTime()
$adobjroot = [adsi]''
$objstalesearcher = New-Object System.DirectoryServices.DirectorySearcher($adobjroot)
$objstalesearcher.filter = "(&(objectCategory=person)(objectClass=user)(lastLogonTimeStamp<=" + $lltIntLimit + "))"
$users = $objstalesearcher.findall() | select `
@{e={$_.properties.cn};n='Display Name'},`
@{e={$_.properties.samaccountname};n='Username'},`
@{e={[string]$adspath=$_.properties.adspath;$account=[ADSI]$adspath;$account.psbase.invokeget('AccountDisabled')};n='Account Is Disabled'}, `
@{e={$_.properties.mail};n='Email Address'}, `
@{e={ If ( $_.properties.memberof | ForEach { If ( $_ -split "," -eq "CN=" + $groupToFind ) { $true } } ) { "Yes" } Else { "No"} };n="Member of $groupToFind"}, `
@{e={ If ( $_.properties.distinguishedname -split "," -eq "OU=" + $ouToFind ) { "Yes" } Else { "No" } };n="Member of $ouToFind"}
$users | Sort-Object "Account Is Disabled" | Export-Csv $LogDir -NoTypeInformation