?
Solved

query user and groups created since 1/2009

Posted on 2011-04-21
6
Medium Priority
?
301 Views
Last Modified: 2012-08-13
Hi All,

I need a script to query users and groups that created since 1/2009 in AD.
We are on 2003.

could someone advise? i dont mind if it is dsquery, vbscript or powershell, but with powersehll, we dont have quest plug in,

Please advsise.

Thanks in advance for your help!
0
Comment
Question by:fireburn11
6 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 35441258
You can use the dstools or adfind,  take a look at Scott's entry here

http://blog.scottlowe.org/2006/10/11/finding-recently-created-active-directory-accounts/

for groups use (objectcategory=groups)

Also important entry from Joe Richards on whenChanged  http://blog.joeware.net/2006/10/03/655/

Let me know if those methods work for you.

Thanks

Mike
0
 
LVL 16

Expert Comment

by:Bryan Butler
ID: 35441300
Here's a script that does some of this.  Would a modification of this work for you?  Do you have the
Get-ADDomainController and Get-ADUser commands?

http://www.rlmueller.net/PowerShell/PSLastLogon2.txt
0
 
LVL 12

Expert Comment

by:prashanthd
ID: 35441569
Try the following Vbscript

regards
Prashanth
on error resume next

Dim adoConnection, strBase, strFilter, strAttributes
Dim objRootDSE, strDNSDomain, strQuery, adoRecordset, strName, strCN

' Setup ADO objects.
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
Set adoRecordset = CreateObject("ADODB.Recordset")
Set adoRecordset.ActiveConnection = adoConnection

' Search entire Active Directory domain.
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")
strBase = "<LDAP://" & strDNSDomain & ">"

' Filter on user objects.
strFilter = "(&(objectCategory=person)(objectClass=user)" _
    & "(whenCreated>=20090101000000.0Z))"

' Comma delimited list of attribute values to retrieve.
strAttributes = "sAMAccountName,cn"

' Construct the LDAP syntax query.
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"

' Run the query.
adoRecordset.Source = strQuery
adoRecordset.Open

' Enumerate the resulting recordset.
Do Until adoRecordset.EOF
    ' Retrieve values and display.
    strName = adoRecordset.Fields("sAMAccountName").Value
    strCN = adoRecordset.Fields("cn").value
    Wscript.Echo "NT Name: " & strName & ", Common Name: " & strCN & ",User"
    ' Move to the next record in the recordset.
    adoRecordset.MoveNext
Loop

' Clean up.
adoRecordset.Close
adoConnection.Close 

' Filter on user objects.
strFilter = "(&(objectCategory=group))" _
    & "(whenCreated>=20090101000000.0Z))"

' Comma delimited list of attribute values to retrieve.
strAttributes = "sAMAccountName,cn"

' Construct the LDAP syntax query.
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"

' Run the query.
adoRecordset.Source = strQuery
adoRecordset.Open

' Enumerate the resulting recordset.
Do Until adoRecordset.EOF
    ' Retrieve values and display.
    strName = adoRecordset.Fields("sAMAccountName").Value
    strCN = adoRecordset.Fields("cn").value
    Wscript.Echo "NT Name: " & strName & ", Common Name: " & strCN & ",Group"
    ' Move to the next record in the recordset.
    adoRecordset.MoveNext
Loop

' Clean up.
adoRecordset.Close
adoConnection.Close

Open in new window

0
Veeam and MySQL: How to Perform Backup & Recovery

MySQL and the MariaDB variant are among the most used databases in Linux environments, and many critical applications support their data on them. Watch this recorded webinar to find out how Veeam Backup & Replication allows you to get consistent backups of MySQL databases.

 

Author Comment

by:fireburn11
ID: 35443186
Thanks guys for your input. I actually figured out by using dsquery.

The real question is is there way to query all the changes have been made to a group such as member being added, deleted?

Please advise.

Thanks
0
 
LVL 57

Accepted Solution

by:
Mike Kline earned 2000 total points
ID: 35443389
Not in an AD query, for that you would need to enable auditing of the group and then go through the event logs.  There are 3rd party products that make that collection/review easier.

Thanks

Mike
0
 

Author Comment

by:fireburn11
ID: 35443473
Thanks. Do you want event ID should i look for in event logs for member add/delete? would the event log show me which members has been added?

Thanks
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
In this post, I will showcase the steps for how to create groups in Office 365. Office 365 groups allow for ease of flexibility and collaboration between staff members.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question