Powershell - display deleted objects in Active Directory
Hi EE
I was needing to find some information on deleted active directory objects and ran across this ( http://gallery.technet.microsoft.com/scriptcenter/Script-to-display-the-c995a5f6
) but I am receiving the error below .. can someone help ? or advice on what other Powershell way I can get info on deleted AD objects ?
************ Error *********
PS E:\projects\deleted> Import-Module DisplayDeletedADObjects.ps
Import-Module : The specified module 'DisplayDeletedADObjects.p
module directory.
At line:1 char:1
+ Import-Module DisplayDeletedADObjects.ps
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ResourceUnavailable: (DisplayDeletedADObjects.p
+ FullyQualifiedErrorId : Modules_ModuleNotFound,Mic
****** This is the Code**********
#-------------------------
#The sample scripts are not supported under any Microsoft standard support
#program or service. The sample scripts are provided AS IS without warranty
#of any kind. Microsoft further disclaims all implied warranties including,
#without limitation, any implied warranties of merchantability or of fitness for
#a particular purpose. The entire risk arising out of the use or performance of
#the sample scripts and documentation remains with you. In no event shall
#Microsoft, its authors, or anyone else involved in the creation, production, or
#delivery of the scripts be liable for any damages whatsoever (including,
#without limitation, damages for loss of business profits, business interruption,
#loss of business information, or other pecuniary loss) arising out of the use
#of or inability to use the sample scripts or documentation, even if Microsoft
#has been advised of the possibility of such damages
#-------------------------
#requires -Version 3.0
Import-module ActiveDirectory
Function Get-OSCDeletedADObjects
{
<#
.SYNOPSIS
Get-OSCDeletedADObjects is an advanced function which can be used to display deleted objects in Active Directory.
.DESCRIPTION
Get-OSCDeletedADObjects is an advanced function which can be used to display deleted objects in Active Directory.
.PARAMETER Name
Specifies the name of the output object to retrieve output object.
.PARAMETER StartTime
Specifies the start time to retrieve output object.
.PARAMETER EndTime
Specifies the end time to retrieve output object.
.PARAMETER Property
Specifies the properties of the output object to retrieve from the server.
.EXAMPLE
C:\PS> Get-OSCDeletedADObjects
This command shows all deleted objects in active directory.
.EXAMPLE
C:\PS> Get-OSCDeletedADObjects -StartTime 2/20/2013 -EndTime 2/28/2013
This command shows all deleted objects in active directory from 2/20/2013 to 2/28/2013
#>
[Cmdletbinding()]
Param
(
[Parameter(Mandatory=$fals
[String]$Name,
[Parameter(Mandatory,Posit
[DateTime]$StartTime,
[Parameter(Mandatory,Posit
[DateTime]$EndTime,
[Parameter(Mandatory=$fals
[String[]]$Property="*"
)
$AllADObjects = Get-ADObject -Filter {(isdeleted -eq $true) -and (name -ne "Deleted Objects")} -includeDeletedObjects -property $Property
If($StartTime -and $EndTime)
{
$AllADObjects | Where-Object{$_.whenChange
}
ElseIf($Name)
{
$AllADObjects | Where-Object{$_."msDS-Last
}
Else
{
$AllADObjects
}
}
I was needing to find some information on deleted active directory objects and ran across this ( http://gallery.technet.microsoft.com/scriptcenter/Script-to-display-the-c995a5f6
) but I am receiving the error below .. can someone help ? or advice on what other Powershell way I can get info on deleted AD objects ?
************ Error *********
PS E:\projects\deleted> Import-Module DisplayDeletedADObjects.ps
Import-Module : The specified module 'DisplayDeletedADObjects.p
module directory.
At line:1 char:1
+ Import-Module DisplayDeletedADObjects.ps
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ResourceUnavailable: (DisplayDeletedADObjects.p
+ FullyQualifiedErrorId : Modules_ModuleNotFound,Mic
****** This is the Code**********
#-------------------------
#The sample scripts are not supported under any Microsoft standard support
#program or service. The sample scripts are provided AS IS without warranty
#of any kind. Microsoft further disclaims all implied warranties including,
#without limitation, any implied warranties of merchantability or of fitness for
#a particular purpose. The entire risk arising out of the use or performance of
#the sample scripts and documentation remains with you. In no event shall
#Microsoft, its authors, or anyone else involved in the creation, production, or
#delivery of the scripts be liable for any damages whatsoever (including,
#without limitation, damages for loss of business profits, business interruption,
#loss of business information, or other pecuniary loss) arising out of the use
#of or inability to use the sample scripts or documentation, even if Microsoft
#has been advised of the possibility of such damages
#-------------------------
#requires -Version 3.0
Import-module ActiveDirectory
Function Get-OSCDeletedADObjects
{
<#
.SYNOPSIS
Get-OSCDeletedADObjects is an advanced function which can be used to display deleted objects in Active Directory.
.DESCRIPTION
Get-OSCDeletedADObjects is an advanced function which can be used to display deleted objects in Active Directory.
.PARAMETER Name
Specifies the name of the output object to retrieve output object.
.PARAMETER StartTime
Specifies the start time to retrieve output object.
.PARAMETER EndTime
Specifies the end time to retrieve output object.
.PARAMETER Property
Specifies the properties of the output object to retrieve from the server.
.EXAMPLE
C:\PS> Get-OSCDeletedADObjects
This command shows all deleted objects in active directory.
.EXAMPLE
C:\PS> Get-OSCDeletedADObjects -StartTime 2/20/2013 -EndTime 2/28/2013
This command shows all deleted objects in active directory from 2/20/2013 to 2/28/2013
#>
[Cmdletbinding()]
Param
(
[Parameter(Mandatory=$fals
[String]$Name,
[Parameter(Mandatory,Posit
[DateTime]$StartTime,
[Parameter(Mandatory,Posit
[DateTime]$EndTime,
[Parameter(Mandatory=$fals
[String[]]$Property="*"
)
$AllADObjects = Get-ADObject -Filter {(isdeleted -eq $true) -and (name -ne "Deleted Objects")} -includeDeletedObjects -property $Property
If($StartTime -and $EndTime)
{
$AllADObjects | Where-Object{$_.whenChange
}
ElseIf($Name)
{
$AllADObjects | Where-Object{$_."msDS-Last
}
Else
{
$AllADObjects
}
}
ASKER
Hi Footech .. can you help me modify this so It only returns deleted obects between certain months ? ex ..deleted from Aug - Sep ?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I can see the function have the parameters to add the date range..
Get-OSCDeletedADObjects -StartTime 2/20/2013 -EndTime 2/28/2013
Import-Module C:\temp\DisplayDeletedADOb
Get-OSCDeletedADObjects -StartTime 2/20/2013 -EndTime 2/28/2013
Import-Module DisplayDeletedADObjects.psThe error is because you didn't add the path of the module file in import command or you didn't copy the psm1 file to the module directory.. Try..m1
Import-Module : The specified module 'DisplayDeletedADObjects.psm1' was not loaded because no valid module file was found in any module directory.
Import-Module C:\temp\DisplayDeletedADOb
When you run the Import-Module command you need to be in the directory where the module files live or tell it where the module files live.
Also if you want to out put the results to a file you can append this to the end of the command: > listdeletedobjects.txt
Also if you want to out put the results to a file you can append this to the end of the command: > listdeletedobjects.txt
ASKER
Nice ! thanks footech
Open in new window
which will return all deleted objects.