Report on recently disabled users, with added scope/parameters.

Question

Hello, I currently have a working script that lists out ALL users disabled in the last 30 days. I am trying to adjust the parameter to ONLY include subordinates of a certain person or filter by departments. I'm assuming the script is taking precedence, so the parameter isn't working. Am I able to adjust it through the report options in Adaxes, or how would I alter the script? Is there an easier way to do this? TIA

Current script:

$days = 30 

# Bind to the directory object representing the General Log
$path = $Context.GetWellKnownContainerPath("ServiceLog")
$serviceLog = $Context.BindToObject($path)

$generalLog = $serviceLog.GeneralLog
if ($days -ne 0)
{
   $generalLog.StartDateTime = (Get-Date).AddDays(-$days)
   $generalLog.EndDateTime = Get-Date
}

# Get the log records
$log = $generalLog.Log
$records = $log.GetPage(0)

# Build filter to search for disabled users
$guidComparer = $Context.CreatePropertyValueComparer("objectGuid")
$guids = New-Object System.Collections.Generic.HashSet[byte[]] @($guidComparer)

foreach ($record in $records)
{
    if ($Context.Items.Aborted)
    {
        return
    }

    if (($record.TargetObjectType -ne "user") -or ($record.TargetObjectGuid -eq $NULL))
    {
        continue
    }

    $operationTypes = $record.GetOperationTypes()
    if ($operationTypes -notcontains "disable account")
    {
        continue
    }

    # Get GUID
    $guidBytes = ([Guid]$record.TargetObjectGuid).ToByteArray()
    $guids.Add($guidBytes)
}

$searcher = $Context.CreateGuidBasedSearcher(@($guids))
$searcher.Criteria = New-AdmCriteria -Type "user" -Expression {accountDisabled -eq $true}
$Context.Items.Add($searcher)

Comments

Hello Milan,

What exactly do you mean by subordinates of a certain person or filter by departments? How exactly do you see the options working? Please, describe the desired behavior in all the possible details with live examples.

---

Hi, "subordinates" meaning all users under a certain manager, and all users under those managers, instead of just "direct reports" which is only the users directly under a manager. This report already exists in Adaxes, I am simply just trying to pull a report for a specific department (or manager since that manager is part of that department), within the past 30 days.

---

Hello Milan,

Do we understand correctly that you want to select the manager manually via a parameter when generating the report? What should be done in case if the specified manager does not have a department?