Script repository

Recently created users with initiator

September 13, 2023 Views: 742
Reports

The script generates a report of recently created users with initiator. If a user was created outside of Adaxes, the initiator column will be empty. For information on creating reports, see the Create Report tutorial.

Parameters:

  • $daysParameterName - Specifies the name of the parameter used to determine the period (in days) to retrive created users for. The name should be specified with the param- prefix.
  • $columnID - Specifies the identifier of the custom column that will contain the user who created the corresponding account. the column should be of AD object type. To get the identifier of a custom column:
    1. In the Report-specific columns section, on the Columns tab, right-click the custom column.
    2. In the context menu, navigate to Copy and click Column ID.
    3. The column identifier will be copied to clipboard.
Edit Remove
PowerShell
$daysParameterName = "param-Days" # TODO: modify me
$columnID = "{05ca33a4-2fe5-4f08-8943-b8f21acb8776}" # TODO: modify me

# Get parameter values
$days = $Context.GetParameterValue($daysParameterName)

# Bind to the directory object representing the General Log
$path = $Context.GetWellKnownContainerPath("ServiceLog")
$serviceLog = $Context.BindToObject($path)

$generalLog = $serviceLog.GeneralLog
$generalLog.StartDateTime = (Get-Date).AddDays(-$days)
$generalLog.EndDateTime = Get-Date

# Get the log records
$log = $generalLog.Log
$records = $log.GetPage(0)

$guidToInitiator = @{}

foreach ($record in $records)
{
    if ($Context.Items.Aborted)
    {
        return
    }
    
    if (($record.TargetObjectType -ne "user") -or ($record.TargetObjectGuid -eq $NULL) -or ([Guid]$record.TargetObjectGuid -eq [Guid]::Empty))
    {
        continue
    }
    
    $operationTypes = $record.GetOperationTypes()
    if ($operationTypes -notcontains "create")
    {
        continue
    }

    # Get GUID
    $guid = [Guid]$record.TargetObjectGuid
    $guidToInitiator.Add($guid, $record.Initiator.Adspath)
}

$threshold = (Get-Date).AddDays(- $days)
$thresholdGeneralizedTime = [Softerra.Adaxes.Utils.Transform]::ToGeneralizedTime($threshold.ToUniversalTime())

# Search filter
$filterUsers = "(&(sAMAccountType=805306368)(|(!(msExchRecipientTypeDetails=*))(!(msExchRecipientTypeDetails:1.2.840.113556.1.4.804:=7276219883574))))"
$filterCreatedAfter = "(whenCreated>=$thresholdGeneralizedTime)"
$filter = "(&" + $filterUsers + $filterCreatedAfter + ")"
$Context.DirectorySearcher.AppendFilter($filter)

try
{
    $searchIterator = $Context.DirectorySearcher.ExecuteSearch()
    while ($Context.MoveNext($searchIterator))
    {
        $searchResult = $searchIterator.Current
        $guid = [Guid]$searchResult.GetPropertyByName("objectGuid").Values[0]
        
        $customColumns = @{$columnID = $guidToInitiator[$guid]}
        $Context.Items.Add($searchResult, $customColumns)
    }
}
finally
{
    if ($searchIterator) { $searchIterator.Dispose() }
}
Comments 0
Leave a comment
Related Scripts

Got questions?

Support Questions & Answers