We use cookies to improve your experience.
By your continued use of this site you accept such use.
For more details please see our privacy policy and cookies policy.

Script repository

Users who performed self-password reset recently

December 09, 2021 Views: 826

The script generates a report containing users who performed self-password reset during the specified time period.

Parameters:

  • $eventDateColumnID - Specifies the identifier of the custom column that will contain the date and time when the self-password reset was performed. The column should be of Date/Time type. To get the identifier of a custom column:
    1. In the Report-specific columns section, on the Columns tab, right-click the custom column.
    2. In the context menu, navigate to Copy and click Column ID.
    3. The column identifier will be copied to clipboard.
  • $isSuccessfullColumnID - Specifies the identifier of the custom column that will contain a value (true/false) indicating whether the self-password reset was successful. The column should be of Boolean type.
  • $policyNameColumnID - Specifies the identifier of the custom column that will contain the name of the Self-service policy the user is enrolled for. The column should be of Text type.
  • $hoursParameterName - Specifies the name of the parameter used to select the number of hours to check for self-password resets. The parameter name should be specified with the param- prefix.
Edit Remove
PowerShell
$eventDateColumnID = "{e9920b5a-9167-444c-937a-efdf461f2a14}" # TODO: modify me
$isSuccessfullColumnID = "{adc31b12-0e51-4732-84dc-473f9358af44}" # TODO: modify me
$policyNameColumnID = "{d59b77d2-6106-420d-befa-d3b2cbf7da65}" # TODO: modify me
$hoursParameterName = "param-hours" # TODO: modify me

# Get parameter value
$hours = $Context.GetParameterValue($hoursParameterName)

# Bind to the 'Password Self-Service statistics' container
$passwordSelfServiceStatisticsPath = $Context.GetWellKnownContainerPath("PasswordSelfServiceStatistics")
$passwordSelfServiceStatistics = $Context.BindToObject($passwordSelfServiceStatisticsPath)

# Generate the 'Password Resets' report
$passwordSelfServiceStatistics.ResetReportCache("ADM_PSSREPORTTYPE_RESETPWD")
$reportIsBeingGenerated = $True

# Get the 'Password Resets' report
do 
{
    try
    {
        $report = $passwordSelfServiceStatistics.GetReport("ADM_PSSREPORTTYPE_RESETPWD")
        $reportIsBeingGenerated = $False
    }
    catch [System.Runtime.InteropServices.COMException]
    {
        if ($_.Exception.ErrorCode -eq "-2147024875")
        {
            # Report is being generated. Wait 10 seconds
            Start-Sleep -Seconds 10
        }
        else
        {
            $reportIsBeingGenerated = $False
            $Context.LogMessage($_.Exception.Message, "Error")
            return
        }
    }
}
while ($reportIsBeingGenerated)

# Add the date when the report was generated
$reportHeader = $reportHeader -f $report.GenerateDate

# Add report records
$records = $report.Records
$threshold = (Get-date).AddHours(- $hours).ToUniversalTime()
for ($i = 0; $i -lt $records.Count; $i++)
{
    $record = $records.GetRecord($i)
    
    # Get user information
    $userPath = $NULL
    $userDisplayName = $NULL
    $userParentCanonicalName = $NULL
    $userAccountIsEnabled = $NULL
    $userIsEnrolled = $NULL
    $userAccountIsExpired = $NULL
    $userInfo = $record.GetUserInfo([ref]$userPath, [ref]$userDisplayName, [ref]$userParentCanonicalName, 
        [ref]$userAccountIsEnabled, [ref]$userIsEnrolled, [ref]$userAccountIsExpired)
    $eventDate = $record.EventDate
    
    if ($eventDate -lt $threshold)
    {
        continue
    }
    
    # Get policy information
    $policyPath = $NULL
    $policyName = $NULL
    $policyInfo = $record.GetEnrollmentPolicyInfo([ref]$policyPath, [ref]$policyName)
    
    # Add the information to the report
    $user = $Context.BindToObject($userPath)
    $columnValues = @{
        $isSuccessfullColumnID = $record.IsSuccessfull
        $policyNameColumnID = $policyName
        $eventDateColumnID = $eventDate
    }
    $Context.Items.Add($user, $columnValues, $NULL)
}
Comments 0
Leave a comment
Loading...

Got questions?

Support Questions & Answers