0 votes

Hi-

most of our accounts are missing managers. is there a way I can run a script that can possibly match the employees with their managers if its in a csv file of some sort?

by (1.7k points)
0

also, would you happen to have a script that will report enabled users w/o managers?

1 Answer

0 votes
by (216k points)

Hello,

also, would you happen to have a script that will report enabled users w/o managers?

Yes, sure. Here you are. The script will generate a CSV file with a list of enabled users who don't have a manager.

Param($csvFilePath)

[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

$admNS = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$admService = $admNS.GetServiceDirectly("localhost")
$userSearcher = $admService.OpenObject("Adaxes://rootDSE", $NULL, $NULL, 0)

# Search all enabled users without managers
$userSearcher.PageSize = 500
$userSearcher.SearchScope = "ADS_SCOPE_SUBTREE"
$userSearcher.SearchFilter = "(&(objectCategory=person)(objectClass=user)(!userAccountControl:1.2.840.113556.1.4.803:=2)(!manager=*))"
$userSearcher.ReferralChasing = "ADS_CHASE_REFERRALS_NEVER"
$userSearcher.VirtualRoot = $True
$searchResultIterator = $userSearcher.ExecuteSearch()

$usersWoManagers = @()

foreach ($user in $searchResultIterator.FetchAll())
{
    $userRecord = New-Object PSObject
    $userRecord | Add-Member NoteProperty FullName $user.Properties["cn"].Value
    $userRecord | Add-Member NoteProperty Username $user.Properties["saMAccountName"].Value
    $userDN = New-Object "Softerra.Adaxes.Ldap.DN" $user.Properties["distinguishedName"].Value
    $parentDN = $userDN.Parent
    $userRecord | Add-Member NoteProperty ParentDN $parentDN.ToString()
    $usersWoManagers += $userRecord
}

$searchResultIterator.Dispose()

$usersWoManagers | Export-Csv $csvFilePath -NoTypeInformation

To launch the script:

  1. Save the script to a file with the PS1 extension, for example, script.ps1.

  2. Copy the file to the computer where your Adaxes service is installed.

  3. Launch Windows PowerShell. To do this:

    • Press Win+R.
    • Type powershell.exe
    • Press Enter.
  4. Navigate to the folder where you copied the script. For example, if you copied it to C:\Scripts, type:

     cd C:\Scripts
  5. Launch the script and pass the name of the CSV file as a parameter. For example, if you named the PS1 file with the script script.ps1, type:

     .\script.ps C:\UsersWoManagers.csv

    where C:\UsersWoManagers.csv is the name of the CSV file that will be created.

is there a way I can run a script that can possibly match the employees with their managers if its in a csv file of some sort?

Could you send us at least a small sample so we would know how to proceed with the task?

0

thanks for the script.
1. Can the script be updated to locate users only within a particular OU? Those are where our permanent users resides.
abc.com is the domain
LA/Users
DC/Users
NY/Users

Disregard the 2nd request. They no longer want the manager field required, which was prompting them as they updated a user.
Thanks.

2. Most of our user office field location points to 1 city. However, within that city there are 2 offices. For existing users that have New York as the office selection, they may have an address that points to location A or location B.
ex:
EXISTING USERS - Office: New York
UPDATE - Office:New York - A Address:123 Ave A, NY NY
UPDATE - Office: New York - B Address: 456 Ave B, NY NY

I'd like to run a script that will check the address to see if it points to A or B.(I'd like this in report form so I can know how many records we have).
Then based on the results, we like to update the office field to reflect that(New York - A or New York - B).

Would you be able to provide me with that script? It should run against the NY/Users OU.

Also, can you confirm the below will work to update the office?
1.create a scheduled task that will check to see if the street address contains 123 and Modify the user: set office to Office: New York - A

Thanks!

0

Hello,

1. Here you are. The Distinguished Names (DNs) of the OUs where the script will search for enabled users without managers are specified by $ouDNs. Modify it to your requirements.

The instructions to launch the script remain the same.

Param($csvFilePath)

$ouDNs = @("OU=Users,OU=LA,DC=abc,DC=com","OU=Users,OU=DC,DC=abc,DC=com","OU=Users,OU=NY,DC=abc,DC=com") # TODO: modify me

[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

$admNS = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$admService = $admNS.GetServiceDirectly("localhost")

$usersWoManagers = @()

foreach ($ouDN in $OUDNs)
{ 
    $userSearcher = $admService.OpenObject("Adaxes://$ouDN", $NULL, $NULL, 0)

    # Search all enabled users without managers
    $userSearcher.PageSize = 500
    $userSearcher.SearchScope = "ADS_SCOPE_SUBTREE"
    $userSearcher.SearchFilter = "(&(objectCategory=person)(objectClass=user)(!userAccountControl:1.2.840.113556.1.4.803:=2)(!manager=*))"
    $userSearcher.ReferralChasing = "ADS_CHASE_REFERRALS_NEVER"
    $userSearcher.VirtualRoot = $False
    $searchResultIterator = $userSearcher.ExecuteSearch()

    foreach ($user in $searchResultIterator.FetchAll())
    {
        $userRecord = New-Object PSObject
        $userRecord | Add-Member NoteProperty FullName $user.Properties["cn"].Value
        $userRecord | Add-Member NoteProperty Username $user.Properties["saMAccountName"].Value
        $userDN = New-Object "Softerra.Adaxes.Ldap.DN" $user.Properties["distinguishedName"].Value
        $parentDN = $userDN.Parent
        $userRecord | Add-Member NoteProperty ParentDN $parentDN.ToString()
        $usersWoManagers += $userRecord
    }

    $searchResultIterator.Dispose()
}

$usersWoManagers | Export-Csv $csvFilePath -NoTypeInformation
  1. I'd like to run a script that will check the address to see if it points to A or B.(I'd like this in report form so I can know how many records we have).

It's not quite clear what the report must include. Should it be only the users whose Office / Street Address mismatch or what?

create a scheduled task that will check to see if the street address contains 123 and Modify the user: set office to Office: New York - A

We believe it should be something like this:

0

Hello,

  1. Here you are. The Distinguished Names (DNs) of the OUs where the script will search for enabled users without managers are specified by $ouDNs. Modify it to your requirements.

The instructions to launch the script remain the same.

Param($csvFilePath)

$ouDNs = @("OU=Users,OU=LA,DC=abc,DC=com","OU=Users,OU=DC,DC=abc,DC=com","OU=Users,OU=NY,DC=abc,DC=com") # TODO: modify me

[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

$admNS = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$admService = $admNS.GetServiceDirectly("localhost")

$usersWoManagers = @()

foreach ($ouDN in $OUDNs)
{ 
    $userSearcher = $admService.OpenObject("Adaxes://$ouDN", $NULL, $NULL, 0)

    # Search all enabled users without managers
    $userSearcher.PageSize = 500
    $userSearcher.SearchScope = "ADS_SCOPE_SUBTREE"
    $userSearcher.SearchFilter = "(&(objectCategory=person)(objectClass=user)(!userAccountControl:1.2.840.113556.1.4.803:=2)(!manager=*))"
    $userSearcher.ReferralChasing = "ADS_CHASE_REFERRALS_NEVER"
    $userSearcher.VirtualRoot = $False
    $searchResultIterator = $userSearcher.ExecuteSearch()

    foreach ($user in $searchResultIterator.FetchAll())
    {
        $userRecord = New-Object PSObject
        $userRecord | Add-Member NoteProperty FullName $user.Properties["cn"].Value
        $userRecord | Add-Member NoteProperty Username $user.Properties["saMAccountName"].Value
        $userDN = New-Object "Softerra.Adaxes.Ldap.DN" $user.Properties["distinguishedName"].Value
        $parentDN = $userDN.Parent
        $userRecord | Add-Member NoteProperty ParentDN $parentDN.ToString()
        $usersWoManagers += $userRecord
    }

    $searchResultIterator.Dispose()
}

$usersWoManagers | Export-Csv $csvFilePath -NoTypeInformation

Thanks!

  1. I'd like to run a script that will check the address to see if it points to A or B.(I'd like this in report form so I can know how many records we have).

It's not quite clear what the report must include. Should it be only the users whose Office / Street Address mismatch or what?

Yes

create a scheduled task that will check to see if the street address contains 123 and Modify the user: set office to Office: New York - A

We believe it should be something like this:

0

I'd like to run a script that will check the address to see if it points to A or B.(I'd like this in report form so I can know how many records we have).

It's not quite clear what the report must include. Should it be only the users whose Office / Street Address mismatch or what?

Yes

OK, that's possible, however our script guys are currently overloaded with tasks for the new release that is scheduled for April 10. Can you wait until the new release is available?

0

I can wait. Thank You!

0

Hello,

We'll update this forum topic as soon as a script is ready.

0

Hello,

The script is ready. Find it below. The script can be run from a Custom Command (to run the report on demand) or from a Scheduled Task (to schedule the report).

To schedule the report:

  1. Create a new Scheduled Task.

  2. On the 3rd step of the Create Scheduled Task wizard, select Show all object types.

  3. Select the Domain-DNS object type. Assigning the task on a domain gives you the advantage of running the script only once per a Custom Command run.

  4. On the 4th step, add the Run a program or PowerShell script action and paste the script in the Script field.

  5. In the script, modify the following to match your requirements:

    • $to - specifies the recipient of the report,
    • $subject - specifies the subject of the email notification with the report,
    • $htmlReportHeader - specifies the header of the email notification,
    • $htmlReportFooter - specifies the footer of the email notification,
    • $ouDNs - specifies a list of the OUs where users should be checked,
    • $officesInfo - specifies a list of offices with their addresses (for all the OUs).
  6. On the 5th step, include any of your AD domain in the Activity Scope of the Task.

The script:

$to = "recipient@domain.com" # TODO: modify me
$subject = "List of users with malformed offices" # TODO: modify me
$htmlReportHeader = "<h2><b>List of users with malformed offices:</b></h2><br/>" # TODO: modify me
$htmlReportFooter = "<hr /><p><i>Please do not reply to this e-mail, it has been sent to you for notification purposes only.</i></p>" # TODO: modify me
$ouDNs = @("OU=Users,OU=LA,DC=abc,DC=com","OU=Users,OU=DC,DC=abc,DC=com","OU=Users,OU=NY,DC=abc,DC=com") # TODO: modify me
$officesInfo = @{
    "Office A" = "123 Ave A";
    "Office B" = "456 Ave B";
} # TODO: modify me

function BuildUserLists($ouPath, $officesInfo)
{
    # Search all users
    $searcher = New-Object "Softerra.Adaxes.Adsi.Search.DirectorySearcher" $NULL, $False
    $searcher.SearchParameters.PageSize = 500
    $searcher.SearchParameters.SearchScope = "ADS_SCOPE_SUBTREE"
    $searcher.SearchParameters.BaseObjectPath = "$ouPath"
    $searcher.SearchParameters.Filter = "(sAMAccountType=805306368)"
    $searcher.SearchParameters.ReferralChasing = "ADS_CHASE_REFERRALS_NEVER"
    $searcher.SetPropertiesToLoad(@("streetAddress", "physicalDeliveryOfficeName"))
    $result = $searcher.ExecuteSearch()
    $users = $result.FetchAll()
    $result.Dispose()

    # Build user lits
    $usersWithEmptyOfficeAddress = ""
    $usersWithEmptyOffice = ""
    $usersWithEmptyAddress = ""
    $usersOfficeAddressMismatch = ""
    foreach ($userId in $users)
    {
        $userOffice = $userId.Properties["physicalDeliveryOfficeName"].Value
        $userAddress = $userId.Properties["streetAddress"].Value

        $user = $Context.BindToObject($userID.AdsPath)
        $userName = [Softerra.Adaxes.Utils.ObjectNameHelper]::GetObjectName($user, 'IncludeParentPath')
        if ([System.String]::IsNullOrEmpty($userOffice) -and [System.String]::IsNullOrEmpty($userAddress))
        {
            $usersWithEmptyOfficeAddress += "<li>$userName</li>"
        }
        elseif ([System.String]::IsNullOrEmpty($userOffice))
        {
            $usersWithEmptyOffice += "<li>$userName</li>"
        }
        elseif ([System.String]::IsNullOrEmpty($userAddress))
        {
            $usersWithEmptyAddress += "<li>$userName</li>"
        }
        elseif ($officesInfo["$userOffice"] -ine $userAddress)
        {
            $usersOfficeAddressMismatch += "<li>$userName</li>"
        }
    }

    # Add user lists to reportPart
    $reportPart = New-Object "System.Text.StringBuilder"
    $reportPart.Append("<ul><li><b>Users who have neither an Office, nor an Address:</b><br/>") | Out-Null
    $reportPart.Append("<ol>$usersWithEmptyOfficeAddress</ol></li>")| Out-Null

    $reportPart.Append("<b><li>Users who don't have an Office:</b><br/>")| Out-Null
    $reportPart.Append("<ol>$usersWithEmptyOffice</ol></li>")| Out-Null

    $reportPart.Append("<b><li>Users who don't have an Address:</b><br/>")| Out-Null
    $reportPart.Append("<ol>$usersWithEmptyAddress</ol></li>")| Out-Null

    $reportPart.Append("<b><li>Users whose Office doesn't match the Address:</b><br/>")| Out-Null
    $reportPart.Append("<ol>$usersOfficeAddressMismatch</ol></li></ul>")| Out-Null
    return $reportPart.ToString()
}

foreach ($ouDN in $ouDNs)
{
    # Bind to OU
    $ou = $Context.BindToObjectByDN($ouDN)

    # Build report part for current OU
    $ouName = [Softerra.Adaxes.Utils.ObjectNameHelper]::GetObjectName($ou, 'IncludeParentPath')
    $report = "<h3><b>$ouName</b></h3><br/>"

    # Add users
    $report += BuildUserLists $ou.ADsPath $officesInfo
    $htmlReportHeader += "$report <br/>"
}

# Build HTML report
$htmlBody = $htmlReportHeader + $htmlReportFooter

# Send mail
$Context.SendMail($to, $subject, $NULL, $htmlBody)

Related questions

0 votes
0 answers

I am trying to work out a method to create Drop-Down lists to select printers and printer properties. Using PowerShell I can extract a list of printers and printer properties to either ... or CSV file for my drop-down lists. Any ideas on how to do this? Thanks

asked Sep 17, 2019 by Fixxer (40 points)
0 votes
1 answer

Hi, I adapted the code found in this thread to my needs Import Constraints The method works and it does create and populate the property pattern, however ... .Add($constraint) $item.SetConstraints($constraints) $item.SetInfo() $userPattern.Items.Add($item)

asked Dec 6, 2017 by digimortal (240 points)
0 votes
1 answer

We have a form to used by our HR Reps to create non-employee records. There are two fields on the form that are auto-generated via a property pattern: Full Name ( ... changed to cause this new behavior? Nothing has changed with our property pattern set-up...

asked Aug 30, 2016 by sandramnc (870 points)
0 votes
1 answer

For the action copy user, under object selection I choose objects selected by the user, copying from the user who gets the email. Location selection is the OU I ... the source user. Is it possible to erase that automatically and reapply the property pattern?

asked Mar 24, 2023 by GronTron (320 points)
0 votes
1 answer

I would like to have the possibility to use different icons for AD groups. I have groups for file permissions, applications, mailboxes, etc. For each group type I ... do this without schema extension? or will this be possible in the future? regards pudong

asked May 6, 2022 by pudong (680 points)
3,549 questions
3,240 answers
8,232 comments
547,814 users