query user and groups created since 1/2009

Hi All,

I need a script to query users and groups that created since 1/2009 in AD.
We are on 2003.

could someone advise? i dont mind if it is dsquery, vbscript or powershell, but with powersehll, we dont have quest plug in,

Please advsise.

Thanks in advance for your help!
fireburn11Asked:
Who is Participating?
 
Mike KlineConnect With a Mentor Commented:
Not in an AD query, for that you would need to enable auditing of the group and then go through the event logs.  There are 3rd party products that make that collection/review easier.

Thanks

Mike
0
 
Mike KlineCommented:
You can use the dstools or adfind,  take a look at Scott's entry here

http://blog.scottlowe.org/2006/10/11/finding-recently-created-active-directory-accounts/

for groups use (objectcategory=groups)

Also important entry from Joe Richards on whenChanged  http://blog.joeware.net/2006/10/03/655/

Let me know if those methods work for you.

Thanks

Mike
0
 
Bryan ButlerCommented:
Here's a script that does some of this.  Would a modification of this work for you?  Do you have the
Get-ADDomainController and Get-ADUser commands?

http://www.rlmueller.net/PowerShell/PSLastLogon2.txt
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
prashanthdCommented:
Try the following Vbscript

regards
Prashanth
on error resume next

Dim adoConnection, strBase, strFilter, strAttributes
Dim objRootDSE, strDNSDomain, strQuery, adoRecordset, strName, strCN

' Setup ADO objects.
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
Set adoRecordset = CreateObject("ADODB.Recordset")
Set adoRecordset.ActiveConnection = adoConnection

' Search entire Active Directory domain.
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")
strBase = "<LDAP://" & strDNSDomain & ">"

' Filter on user objects.
strFilter = "(&(objectCategory=person)(objectClass=user)" _
    & "(whenCreated>=20090101000000.0Z))"

' Comma delimited list of attribute values to retrieve.
strAttributes = "sAMAccountName,cn"

' Construct the LDAP syntax query.
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"

' Run the query.
adoRecordset.Source = strQuery
adoRecordset.Open

' Enumerate the resulting recordset.
Do Until adoRecordset.EOF
    ' Retrieve values and display.
    strName = adoRecordset.Fields("sAMAccountName").Value
    strCN = adoRecordset.Fields("cn").value
    Wscript.Echo "NT Name: " & strName & ", Common Name: " & strCN & ",User"
    ' Move to the next record in the recordset.
    adoRecordset.MoveNext
Loop

' Clean up.
adoRecordset.Close
adoConnection.Close 

' Filter on user objects.
strFilter = "(&(objectCategory=group))" _
    & "(whenCreated>=20090101000000.0Z))"

' Comma delimited list of attribute values to retrieve.
strAttributes = "sAMAccountName,cn"

' Construct the LDAP syntax query.
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"

' Run the query.
adoRecordset.Source = strQuery
adoRecordset.Open

' Enumerate the resulting recordset.
Do Until adoRecordset.EOF
    ' Retrieve values and display.
    strName = adoRecordset.Fields("sAMAccountName").Value
    strCN = adoRecordset.Fields("cn").value
    Wscript.Echo "NT Name: " & strName & ", Common Name: " & strCN & ",Group"
    ' Move to the next record in the recordset.
    adoRecordset.MoveNext
Loop

' Clean up.
adoRecordset.Close
adoConnection.Close

Open in new window

0
 
fireburn11Author Commented:
Thanks guys for your input. I actually figured out by using dsquery.

The real question is is there way to query all the changes have been made to a group such as member being added, deleted?

Please advise.

Thanks
0
 
fireburn11Author Commented:
Thanks. Do you want event ID should i look for in event logs for member add/delete? would the event log show me which members has been added?

Thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.