We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

query user and groups created since 1/2009

Medium Priority
317 Views
Last Modified: 2012-08-13
Hi All,

I need a script to query users and groups that created since 1/2009 in AD.
We are on 2003.

could someone advise? i dont mind if it is dsquery, vbscript or powershell, but with powersehll, we dont have quest plug in,

Please advsise.

Thanks in advance for your help!
Comment
Watch Question

CERTIFIED EXPERT
Top Expert 2013

Commented:
You can use the dstools or adfind,  take a look at Scott's entry here

http://blog.scottlowe.org/2006/10/11/finding-recently-created-active-directory-accounts/

for groups use (objectcategory=groups)

Also important entry from Joe Richards on whenChanged  http://blog.joeware.net/2006/10/03/655/

Let me know if those methods work for you.

Thanks

Mike
Here's a script that does some of this.  Would a modification of this work for you?  Do you have the
Get-ADDomainController and Get-ADUser commands?

http://www.rlmueller.net/PowerShell/PSLastLogon2.txt
Top Expert 2011

Commented:
Try the following Vbscript

regards
Prashanth
on error resume next

Dim adoConnection, strBase, strFilter, strAttributes
Dim objRootDSE, strDNSDomain, strQuery, adoRecordset, strName, strCN

' Setup ADO objects.
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
Set adoRecordset = CreateObject("ADODB.Recordset")
Set adoRecordset.ActiveConnection = adoConnection

' Search entire Active Directory domain.
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")
strBase = "<LDAP://" & strDNSDomain & ">"

' Filter on user objects.
strFilter = "(&(objectCategory=person)(objectClass=user)" _
    & "(whenCreated>=20090101000000.0Z))"

' Comma delimited list of attribute values to retrieve.
strAttributes = "sAMAccountName,cn"

' Construct the LDAP syntax query.
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"

' Run the query.
adoRecordset.Source = strQuery
adoRecordset.Open

' Enumerate the resulting recordset.
Do Until adoRecordset.EOF
    ' Retrieve values and display.
    strName = adoRecordset.Fields("sAMAccountName").Value
    strCN = adoRecordset.Fields("cn").value
    Wscript.Echo "NT Name: " & strName & ", Common Name: " & strCN & ",User"
    ' Move to the next record in the recordset.
    adoRecordset.MoveNext
Loop

' Clean up.
adoRecordset.Close
adoConnection.Close 

' Filter on user objects.
strFilter = "(&(objectCategory=group))" _
    & "(whenCreated>=20090101000000.0Z))"

' Comma delimited list of attribute values to retrieve.
strAttributes = "sAMAccountName,cn"

' Construct the LDAP syntax query.
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"

' Run the query.
adoRecordset.Source = strQuery
adoRecordset.Open

' Enumerate the resulting recordset.
Do Until adoRecordset.EOF
    ' Retrieve values and display.
    strName = adoRecordset.Fields("sAMAccountName").Value
    strCN = adoRecordset.Fields("cn").value
    Wscript.Echo "NT Name: " & strName & ", Common Name: " & strCN & ",Group"
    ' Move to the next record in the recordset.
    adoRecordset.MoveNext
Loop

' Clean up.
adoRecordset.Close
adoConnection.Close

Open in new window

Author

Commented:
Thanks guys for your input. I actually figured out by using dsquery.

The real question is is there way to query all the changes have been made to a group such as member being added, deleted?

Please advise.

Thanks
CERTIFIED EXPERT
Top Expert 2013
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION

Author

Commented:
Thanks. Do you want event ID should i look for in event logs for member add/delete? would the event log show me which members has been added?

Thanks
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.