0 votes

Hi there

I need to run a script that wil show me (by email) the number of current users and inactive users (only the totals)

Here is what I got:

Import-Module Adaxes
$date = Get-Date -format y
$to = email@comp.com
$subject = "User count | " + $date
$Objects_All = Get-AdmUser -Filter * -SearchBase "DC=network,DC=local"
$Objects_All.Count
$Objects_Inactive = Get-AdmUser -Filter {Enabled -eq $False} -SearchBase "DC=network,DC=local"
$Objects_Inactive.count
$bodyText = "Current external user accounts: " + $Objects_All.Count + "rn" + "Current inactive external user accounts: " + $Objects_Inactive.count
$bodyHtml = $NULL
$Context.SendMail($to, $subject, $bodyText, $bodyHtml)

and this is the body info I want in the emai: (only 1 email)

Current external user accounts:
Current inactive external user accounts:

Please help me as I'm new to this
Thanks
W@lly

by (210 points)
0

Hello,

Could you describe your task in more detail? In particular, how are you planning to launch the script? Are you going to launch it from PowerShell console or would you like to create a Scheduled Task that will email you the required information at certain time intervals?

Also, you mention that you would like to get the number of inactive users, however in you script that you posted above you get the number of disabled users. Please, clarify.

0

Hi there

Yes, Scheduled Task that will email me once a month
I want the number of Active and inactive users

Current user accounts:
Current inactive user accounts:

Thanks

W@lly

1 Answer

0 votes
by (216k points)

Hello,

Find the requested PowerShell script below. You can use the script with Scheduled Tasks to collect and email the required statistics on a regular basis. To schedule the script:

  1. Create a new Scheduled Task.

  2. On the 3rd step of the Create Scheduled Task wizard, you need to select the type of objects, for which the Scheduled Task will run. If you want to collect the required user statistics for a domain, you need to select the Domain-DNS object type. As it is not visible by default in the Object type list, select the Show all object types option.

  3. Select the Domain-DNS object type.

  4. On the 4th step, add the Run a program or PowerShell script action and paste the following script in the Script field:

     $to = "email@company.com" # TODO: Modify me. Specifies the recipient of the emails.
     $inactivityDurationDays = 90  # TODO: Modify me. Specifies the number of days, during which an account should be inactive to match the criteria.
    
     function CalculateSearchResults($baseObjectPath, $filter)
     {
         $searcher = New-Object "Softerra.Adaxes.Adsi.Search.DirectorySearcher" @($NULL, $False)
         $searcher.SearchParameters.BaseObjectPath = $baseObjectPath
         $searcher.SearchParameters.Filter = $filter
         $searcher.SearchParameters.PageSize = 100
         $searcher.SearchParameters.PropertiesToLoad.Add("1.1") | Out-Null
         $searcher.SearchParameters.SearchScope = "ADS_SCOPE_SUBTREE"
         $iterator = $searcher.ExecuteSearch()
         try
         {
             $result = $iterator.FetchAll().Count
         }
         finally
         {
             $iterator.Dispose()
         }
         return $result
     }
    
     # Get all users count
     [String[]]$objectTypes = "user"
     $allUsersFilter = [Softerra.Adaxes.Ldap.FilterBuilder]::CreateObjectTypesFilter($objectTypes)
     $allUsersCount = CalculateSearchResults $Context.TargetObject.ObjectInfo.Path $allUsersFilter
    
     # Get inactive users count
     $inactivityThreshold = [System.DateTime]::Now.AddDays(-($inactivityDurationDays))
     $inactivityThresholdInt64 = $inactivityThreshold.ToFileTime()
     $inactivityThresholdGeneralizedTime = 
             $inactivityThreshold.ToUniversalTime())
     $inactiveAccountFilter = "(&" +
         $allUsersFilter +
         "(whenCreated<=$inactivityThresholdGeneralizedTime)" +
         "(|(!(lastLogonTimestamp=*))(lastLogonTimestamp<=$inactivityThresholdInt64))" +
     ")"
     $inactiveUsersCount = CalculateSearchResults $Context.TargetObject.ObjectInfo.Path $inactiveAccountFilter
    
     # Send e-mail message
     $subject = "User count | " + (Get-Date -format y)
     $bodyText = "Current user accounts: " + $allUsersCount + "`r`n" + "Current inactive user accounts: " + $inactiveUsersCount
     $bodyHtml = $NULL
     $Context.SendMail($to, $subject, $bodyText, $bodyHtml)
    

  5. In the script, $to specifies the email address, to which the emails should be sent by the script, and $inactivityDurationDays specifies the number of days, during which an account should be inactive to match your criteria. Modify the script to your requirements.

  6. Click OK.

  7. On the 5th step, assign the Scheduled Task over the domain for which you want to collect the statistics.

  8. Finish creation of the Scheduled Task.

0

Hi there

Thanks

But it still send me 90 emails with the correct info (the 90 is the amount of current users also on the test AD at the moment.)

Any idea on how to send out only 1 email?

Regards
W@lly

0

Hello,

What object did you select on the 3rd step of the Create Scheduled Task wizard (steps 2-3 in my previous post) and what object did you assign the Scheduled Task on on the 5th step of the Create Scheduled Task wizard (step 7 in my previous post)? Can you post here a screenshot of your Scheduled Task with the Activity Scope section visible?

0

Hi there

Sorry, I saw my problem, thanks
It was set to users and not domain

Related questions

0 votes
1 answer

We manage employee user accounts in our on-premise Active Directory and synchronize them to Azure Active Directory using Azure AD Connect. We'd like to be able to generate ... if this is possible so we can easily identify user accounts that are truly inactive.

asked May 9, 2023 by RickWaukCo (320 points)
0 votes
1 answer

Hello, The report named Inactive users allowed to log in shows the Active Directory sign-in (Last-Logon-Timestamp) and Azure AD sign-in (Last Logon) but only for Active Directory ... updated by an Azure logic App. But we'd love to have this natively in Adaxes.

asked Dec 13, 2022 by Gavin.Raymen (40 points)
0 votes
1 answer

I'm trying to automate adding users who are enrolled in MFA to an AD group. The scripts I found elsewhere here that do not work so I believe they may have been written against a prior Adaxes version or referencing a report that does not meet our needs.

asked May 31, 2024 by neal (50 points)
0 votes
1 answer

Hi, would it be possible to script a workstation in AD and also directly from our local SCCM environment ?

asked Oct 28, 2024 by ddesmedt (40 points)
0 votes
1 answer

For creating a computer object, we want to check if the entered CN is already used in our AD. And for that we want to use a powershell script. An other dot ... powershell script should be start before creating the computer object, right? Thanks for your help.

asked Jun 4, 2024 by KEME (80 points)
3,590 questions
3,279 answers
8,308 comments
548,192 users