Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Script to check for AD object modification

Posted on 2011-04-21
6
Medium Priority
?
738 Views
Last Modified: 2012-05-11
I have been trying to create two seperate scripts for a while with no sucess.  I need one script that scans particualr AD OU and outputs a CSV that tells which objects have not been modified in a 24 hour period. The second script should output a CSV verifying a partucalr GPO is applied for a given object. I would like to use powershell for this.
0
Comment
Question by:ullmanneric
  • 4
  • 2
6 Comments
 
LVL 13

Expert Comment

by:soostibi
ID: 35444372
Can we use Windows Server 2008 R2 Active Directory Module or Quest's AD Active Roles snapin?
0
 

Author Comment

by:ullmanneric
ID: 35445928
No becuase we have no 2008 servers available
0
 
LVL 13

Accepted Solution

by:
soostibi earned 2000 total points
ID: 35446180
The first is here, using Quest's ActiveRoles Management Shell snapin.

What are the clients? Windows XP, Win7?

Add-PSSnapin Quest.ActiveRoles.ADManagement -ErrorAction silentlycontinue

$ouname = "YourOUName"

$ou = Get-QADObject -Type organizationalunit -Name $ouname
Get-QADObject -SearchRoot $ou -SearchScope onelevel |
    ?{$_.whenchanged -gt ((get-date).adddays(-1))} | 
        Select-Object name, type, dn, whenchanged | 
            Export-Csv c:\yourfile.csv -NoTypeInformation

Open in new window

0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:ullmanneric
ID: 35454858
The clients are a mixture of both and will be in a particular ou
0
 

Author Comment

by:ullmanneric
ID: 35454861
I am only interested in objects that have not been modified in a 24hour period as well
0
 

Author Comment

by:ullmanneric
ID: 35454863
Also can we verify through the same script that a particular gpo has been applied
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this post, I will showcase the steps for how to create groups in Office 365. Office 365 groups allow for ease of flexibility and collaboration between staff members.
Transferring FSMO roles is done when an admin wants to split roles between certain Domain Controllers or the Domain Controller holding the Roles has been forcefully demoted using dcpromo / forceremoval
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question