We use cookies to improve your experience.
By your continued use of this site you accept such use.
For more details please see our privacy policy and cookies policy.

Script repository

Disabled managers with enabled direct reports

October 03, 2023 Views: 1183

The script can be used to generate a report that will include disabled user accounts that are managers of enabled user accounts. For information on creating reports, see the Create Report tutorial.

Edit Remove
PowerShell
$criteria = New-AdmCriteria "user" -Expression {(directReports -empty $False) -and (accountDisabled -eq $True)}
$Context.DirectorySearcher.AddCriteria($criteria)
$Context.DirectorySearcher.SearchParameters.PropertiesToLoad.Add("distinguishedName")
try
{
    $searchIterator = $Context.DirectorySearcher.ExecuteSearch()
    $managerDNToSearchResult = @{}
    while ($Context.MoveNext($searchIterator))
    {
        $searchResult = $searchIterator.Current
        $managerDNToSearchResult.Add($searchResult.GetPropertyByName("distinguishedName").Values[0], $searchResult)
    }
}
finally
{
    # Release resources
    if ($searchIterator) { $searchIterator.Dispose() }
}

# Search parameters
$searcher = New-Object Softerra.Adaxes.Adsi.Search.DirectorySearcher $NULL, $False
$searcher.VirtualRoot = $True
$searcher.SearchScope = "ADS_SCOPE_SUBTREE"
$searcher.ReferralChasing = "ADS_CHASE_REFERRALS_NEVER"
$searcher.Criteria = New-AdmCriteria "user" -Expression {(manager -empty $False) -and (accountDisabled -eq $False)}
$searcher.PageSize = 500
$searcher.SetPropertiesToLoad(@("manager"))

try
{
    # Execute search
    $searchIterator = $searcher.ExecuteSearch()
    while ($Context.MoveNext($searchIterator))
    {
        $searchResult = $searchIterator.Current
        $managerDN = $searchResult.GetPropertyByName("manager").Values[0]
        
        if ($managerDNToSearchResult.ContainsKey($managerDN))
        {
            $managerSearchResult = $managerDNToSearchResult[$managerDN]
            $managerDNToSearchResult.Remove($managerDN)
            $Context.Items.Add($managerSearchResult)
        }
    }
}
finally
{
    # Release resources
    if ($searchIterator) { $searchIterator.Dispose() }
}
Comments 2
avatar
Mark Monaco Oct 02, 2023
I implemented the script as-is in a new report, and received the following errors when I attempted to generate it: "The property 'Filter' cannot be found on this object. Verify that the property exists and can be set. Stack trace: at <ScriptBlock>, <No file>: line 24" and "Exception calling "ContainsKey" with "1" argument(s): "Key cannot be null. ↲ Parameter name: key" Stack trace: at <ScriptBlock>, <No file>: line 37"
avatar
Support Oct 03, 2023
Hello Mark,

The issue occurs because you are using Adaxes 2023 or later while the script was written for Adaxes 2021.1. To achieve the desired, use the below script. We also updated the script in the article itself.

Edit Remove
PowerShell
$criteria = New-AdmCriteria "user" -Expression {(directReports -empty $False) -and (accountDisabled -eq $True)}
$Context.DirectorySearcher.AddCriteria($criteria)
$Context.DirectorySearcher.SearchParameters.PropertiesToLoad.Add("distinguishedName")
try
{
    $searchIterator = $Context.DirectorySearcher.ExecuteSearch()
    $managerDNToSearchResult = @{}
    while ($Context.MoveNext($searchIterator))
    {
        $searchResult = $searchIterator.Current
        $managerDNToSearchResult.Add($searchResult.GetPropertyByName("distinguishedName").Values[0], $searchResult)
    }
}
finally
{
    # Release resources
    if ($searchIterator) { $searchIterator.Dispose() }
}

# Search parameters
$searcher = New-Object Softerra.Adaxes.Adsi.Search.DirectorySearcher $NULL, $False
$searcher.VirtualRoot = $True
$searcher.SearchScope = "ADS_SCOPE_SUBTREE"
$searcher.ReferralChasing = "ADS_CHASE_REFERRALS_NEVER"
$searcher.Criteria = New-AdmCriteria "user" -Expression {(manager -empty $False) -and (accountDisabled -eq $False)}
$searcher.PageSize = 500
$searcher.SetPropertiesToLoad(@("manager"))

try
{
    # Execute search
    $searchIterator = $searcher.ExecuteSearch()
    while ($Context.MoveNext($searchIterator))
    {
        $searchResult = $searchIterator.Current
        $managerDN = $searchResult.GetPropertyByName("manager").Values[0]
        
        if ($managerDNToSearchResult.ContainsKey($managerDN))
        {
            $managerSearchResult = $managerDNToSearchResult[$managerDN]
            $managerDNToSearchResult.Remove($managerDN)
            $Context.Items.Add($managerSearchResult)
        }
    }
}
finally
{
    # Release resources
    if ($searchIterator) { $searchIterator.Dispose() }
}
Leave a comment
Loading...

Got questions?

Support Questions & Answers