Solved

Need to Modify a powershell script

Posted on 2013-01-03
Last Modified: 2013-01-04
Hello Experts,

I have a PowerShell scripting question that involves the script below, which monitors Active Directory groups by comparing one list of users with the previous list (or last scan) and looking for changes. Once it compares both lists, it looks to see if a user has been added/removed and emails an alert to the admin. What I am looking to do is update the script to include the AD user who added the client to the group. I have been looking over the script for a couple of hours now to figure out a way, but I am unsure if this is possible.

I have attached the script and an example of the output file used to complete the comparison and look for differences.

  
# Monitor the following groups 
$GroupName =   "AD OU1", "AD OU2"
# The report is saved locally 
$ScriptPath = (Split-Path ((Get-Variable MyInvocation).Value).MyCommand.Path) 
$DateFormat = Get-Date -Format "MMddyyyy_HHmmss" 
  
$Emailfrom   = "username@company.com" 
$Emailto   = "username@company.com" 
$EmailServer  = "relay.company.com" 
  
#end region configuration 
  
#--- MODULE/SNAPIN/DOT SOURCING ---# 
#region Module/Snapin/Dot Sourcing 
# Quest Active Directory Snapin 
 if (!(Get-PSSnapin Quest.ActiveRoles.ADManagement -ErrorAction Silentlycontinue)) 
  {Add-PSSnapin Quest.ActiveRoles.ADManagement} 
#end region Module/Snapin/Dot Sourcing 
  
#--- SCRIPT ---# 
#region script 
foreach ($Group in $GroupName){ 
 # Let's get the Current Membership 
 $Members = Get-QADGroupMember $Group -Indirect | Select-Object Name, SamAccountName, DN 
 $EmailSubject = "PS MONITORING - $Group Membership Change" 
   
 # Store the group membership in this file 
 $StateFile = $Group + "-membership.csv" 
   
 # If the file doesn't exist, assume we've not got a record to refer to, then make it 
 If (!(Test-Path $StateFile))  
  {  
   $Members | Export-csv $StateFile -NoTypeInformation 
  } 
   
 # Now get current membership and start comparing it to the last lot we recorded 
 # catching changes to membership (additions / removals) 
 $Changes =  Compare-Object $Members $(Import-Csv $StateFile) -Property Name, SamAccountName, DN | 
       Select-Object Name, SamAccountName, DN,@{n='State';e={ 
     If ($_.SideIndicator -eq "=>") {  
      "Removed" } Else { "Added" }  
     } 
    } 
  
 # If we have some changes, mail them to $Email 
 If ($Changes) {  
        $body = $($Changes |fl| out-string) 
        $smtp = new-object Net.Mail.SmtpClient($EmailServer) 
        $smtp.Send($emailFrom, $emailTo, $EmailSubject, $body) 
        } 
    #Save current state to the csv 
 $Members | Export-csv $StateFile -NoTypeInformation 
  
} 
#end region script


Group-Membershop.csv
Question by:amstoots
2 Comments
 
LVL 40

Accepted Solution

by:
Subsun earned 500 total points
ID: 38741264
If you are trying to see who modified the group, then you need to enable auditing. There is no attribute in the group object which can tell you who added the user account to the group.

Depending on your AD environment, you can find articles on Google which will help you enable the auditing.

Please check out this article on the topic:
http://www.windowsecurity.com/articles/windows-active-directory-auditing.html
0
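
What the auditing route gives you once it is enabled, as an added example that is not part of the original thread or the poster's script: with "Audit Security Group Management" turned on, domain controllers log Security events for group membership changes, and each event names the account that made the change. The function names, the computer name and the sample event below are constructed for illustration.

```powershell
# Added example (not from the original post). Assumes "Audit Security Group
# Management" is enabled so domain controllers log these Security events.
$MembershipEvents = @{
    4728 = 'Added'; 4729 = 'Removed'   # security-enabled global group
    4732 = 'Added'; 4733 = 'Removed'   # security-enabled local group
    4756 = 'Added'; 4757 = 'Removed'   # security-enabled universal group
}

function ConvertFrom-GroupChangeXml {
    # Flatten one event's XML into group, member and the account that made the change.
    param([Parameter(Mandatory=$true)][xml]$EventXml)
    $sys  = $EventXml.DocumentElement['System']
    $data = @{}
    foreach ($d in $EventXml.GetElementsByTagName('Data')) {
        $data[$d.GetAttribute('Name')] = $d.InnerText
    }
    [pscustomobject]@{
        Time      = [datetime]$sys['TimeCreated'].GetAttribute('SystemTime')
        Action    = $MembershipEvents[[int]$sys['EventID'].InnerText]
        Group     = $data['TargetUserName']      # group that was changed
        Member    = $data['MemberName']          # DN of the account added/removed
        ChangedBy = '{0}\{1}' -f $data['SubjectDomainName'], $data['SubjectUserName']
        DC        = $sys['Computer'].InnerText
    }
}

function Get-GroupChangeActor {
    # Live query against one domain controller's Security log (hypothetical helper).
    param([string]$ComputerName = $env:COMPUTERNAME,
          [datetime]$Since = (Get-Date).AddDays(-1))
    $filter = @{ LogName = 'Security'; Id = [int[]]@($MembershipEvents.Keys); StartTime = $Since }
    Get-WinEvent -ComputerName $ComputerName -FilterHashtable $filter -ErrorAction SilentlyContinue |
        ForEach-Object { ConvertFrom-GroupChangeXml ([xml]$_.ToXml()) }
}

# Constructed sample event, so the parser can be tried without a domain controller.
$SampleXml = @'
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><EventID>4728</EventID><TimeCreated SystemTime="2013-01-03T14:05:09.000Z" />
    <Computer>dc01.company.example</Computer></System>
  <EventData><Data Name="MemberName">CN=Jane Doe,OU=Staff,DC=company,DC=example</Data>
    <Data Name="TargetUserName">AD OU1</Data><Data Name="SubjectUserName">helpdesk.admin</Data>
    <Data Name="SubjectDomainName">COMPANY</Data></EventData>
</Event>
'@
ConvertFrom-GroupChangeXml $SampleXml | Format-List
```

The change is recorded only on the domain controller that processed it, so a monitoring job has to run `Get-GroupChangeActor` against every DC and match the `Group` and `Member` fields to the entries the membership script reports.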
 

Author Closing Comment

by:amstoots
ID: 38743714
Well, after doing some research on auditing in an AD environment, I was able to correct the problem... Thanks for your help again, Subsun.