Script repository

Recently enabled users with initiator

September 13, 2023 Views: 481
Reports

The script generates a report of recently enabled users with initiator. For information on creating reports, see the Create Report tutorial.

Parameters:

  • $daysParameterName - Specifies the name of the parameter used to determine the period (in days) to retrive enabled users for. The name should be specified with the param- prefix.
  • $dateColumnID - Specifies the identifier of the custom column that will contain the date when a user was enabled. The column should be of the Date/Time type.
  • $initiatorColumnID - Specifies the identifier of the custom column that will contain the user who enabled the corresponding account. The column should be of Directory object type. To get the identifier of a custom column:
    1. In the Report-specific columns section, on the Columns tab, right-click the custom column.
    2. In the context menu, navigate to Copy and click Column ID.
    3. The column identifier will be copied to clipboard.
Edit Remove
PowerShell
$daysParameterName = "param-Days" # TODO: modify me
$dateColumnID = "{99287f6e-af75-4588-af77-4eb88df8ba9e}" # TODO: modify me
$initiatorColumnID = "{96639d74-841e-4622-86f8-295a5672c399}" # TODO: modify me

# Get parameter values
$days = $Context.GetParameterValue($daysParameterName)

# Bind to the directory object representing the General Log
$path = $Context.GetWellKnownContainerPath("ServiceLog")
$serviceLog = $Context.BindToObject($path)

$generalLog = $serviceLog.GeneralLog
$generalLog.StartDateTime = (Get-Date).AddDays(-$days)
$generalLog.EndDateTime = Get-Date

# Get the log records
$log = $generalLog.Log
$records = $log.GetPage(0)

# Search parameters
$guidToInitiator = @{}
$guidComparer = $Context.CreatePropertyValueComparer("objectGuid")
$guidsToSearch = New-Object System.Collections.Generic.HashSet[byte[]] @($guidComparer)

foreach ($record in $records)
{
    if ($Context.Items.Aborted)
    {
        return
    }
    
    if ($record.TargetObjectType -ne "user")
    {
        continue
    }
    
    $guid = [Guid]$record.TargetObjectGuid
    if ($guidToInitiator.ContainsKey($guid))
    {
        continue
    }
    
    $operationTypes = $record.GetOperationTypes()
    if ($operationTypes -notcontains "enable account")
    {
        continue
    }

    # Get GUID
    $adsPath = New-Object "Softerra.Adaxes.Adsi.AdsPath" $record.Initiator.AdsPath
    $customColumns = @{
        $initiatorColumnID = $adsPath.DN
        $dateColumnID = $record.CompletionTime
    }
    
    $guidToInitiator.Add($guid, $customColumns)
    $guidsToSearch.Add($guid.ToByteArray())
}

# Search criteria
$searcher = $Context.CreateGuidBasedSearcher(@($guidsToSearch))
$criteria = New-AdmCriteria -Type "user" -Expression {accountDisabled -eq $false}
$searcher.AddCriteria($criteria)

try
{
    $searchIterator = $searcher.ExecuteSearch()
    while ($Context.MoveNext($searchIterator))
    {
        $searchResult = $searchIterator.Current
        $guid = [Guid]$searchResult.GetPropertyByName("objectGuid").Values[0]
        $customColumns = $guidToInitiator[$guid]
        $Context.Items.Add($searchResult, $customColumns)
    }
}
finally
{
    # Release resources
    if ($searchIterator) { $searchIterator.Dispose() }
}
Comments 0
Leave a comment
Related Scripts

Got questions?

Support Questions & Answers