Solved

Search AD with Powershell for Active computer accounts

Posted on 2014-02-28
21
742 Views
Last Modified: 2014-03-06
Hi,

Can Expert please amend the below poweshell to inculde ONLY the active computer accounts. As it stands the script exports all the servers Active/Disabled.

Get-ADComputer -Filter * -Properties * | ? {$_.OperatingSystem -like "*2000*"} | select Name, OperatingSystem, OperatingSystemServicePack | Export-CSV C:\servers.csv

Thanks
0
Comment
Question by:badabing1
  • 10
  • 9
  • 2
21 Comments
 
LVL 13

Expert Comment

by:Santosh Gupta
Comment Utility
Please find the below script.
-----------------------------------------------------------
$computers = "<TextFileListofComputerToRunViaPoSh.txt>"
 
$ADComp = "<OutputFileLocation.txt/.Log>"
 
Get-Content $computers | Foreach {If (Get-ADComputer -Filter {Name -eq $_}) {Add-Content $ADComp "$_ is Enabled $((Get-ADComputer $_).enabled) in Active Directory."} Else {Add-Content $ADComp "Warning!! $_ is not in Active Directory."}}
--------------------------------------------------------------------
http://gallery.technet.microsoft.com/scriptcenter/Powershell-to-determine-if-14d30f94
0
 
LVL 14

Expert Comment

by:Justin Yeung
Comment Utility
? {$_.Enabled -eq $True -and $_.OperatingSystem -like "*2000*"}
0
 

Author Comment

by:badabing1
Comment Utility
Thanks you both,

my bad, i should have said servers that have not been logged on. We have number of server accounts in AD that are still enabled but the physical servers no longer exist.

please leave the Enabled variable in but add something for the servers that have not been logged on.

apology.

Thanks
0
 
LVL 14

Expert Comment

by:Justin Yeung
Comment Utility
you want to get all information and export to a file with all information or just filter the machines that meet your criteria?

if so what exact information you would like to see?

the machine that hasn't been logon since?

the machine is not pingable? (live)

the machine that is good?

OS, Name, and what else you would like? DSN?

do you want that to be moved to a OS after it considered that is dead?
0
 

Author Comment

by:badabing1
Comment Utility
Hi

I want to be able to export machine  that hasnt been logged on since 60 days to CSV files.

also servers that is not pingable

evrything else same as my first post criteria.

did you mean move to OU? if so not yet but will do once im happy with the inofrmation i need.

Thank you.
0
 
LVL 13

Expert Comment

by:Santosh Gupta
Comment Utility
0
 
LVL 14

Expert Comment

by:Justin Yeung
Comment Utility
$servers = Get-ADComputer -Filter *  -Properties *  | ? {$_.OperatingSystem -like "*2000*"}

foreach ($server in $servers)

{

$Checktime = (get-date).adddays(-60)

if ((($server.lastlogondate).date - $checktime.date) -le 0)

{

$ServerLastLogon = "False"

}

Else

{

$ServerLastLogon = "True"

}

 

$ping = Test-Connection -ComputerName $Server.name -count 1  -Quiet -ErrorAction  SilentlyContinue

if ($ping -eq "True")

{

$pingable = "True"

}

Else

{

$pingable = "False"

}

 

$array = @()

$Properties = @{ServerName=$server.name;"Last logon More than 30 days"=$serverlastlogon;pingable=$pingable;Enabled=$server.enabled;OperatingSystem=$server.operatingsystem}

$Newobject = New-Object  PSObject -Property  $Properties

$Array +=$Newobject

 

$Array
}
0
 

Author Comment

by:badabing1
Comment Utility
Justin - you are a genious!

slight tweak needed though, can you please amend the script so that only the computers that are active (pingable) are exported to a .csv file and anything thats not been logged on more than 30 days are excluded and anything less than that are included?  

(please ensure the list of computers is in a column so is easy to take out from csv)

i need the list of these computers from .csv to run registry settings against them!

This should do it, and i apologise for the changes. But hey you are the EXPERT.

Cheers
0
 
LVL 14

Expert Comment

by:Justin Yeung
Comment Utility
$servers = Get-ADComputer -Filter *  -Properties *  | ? {$_.OperatingSystem -like "*2000*"}

foreach ($server in $servers)

{

$Checktime = (get-date).adddays(-30)

if ((($server.lastlogondate).date - $checktime.date) -le 0)

{
#$ServerLastLogon = "False"
}

Else
{
$ServerLastLogon = "True"
$ping = Test-Connection -ComputerName $Server.name -count 1  -Quiet -ErrorAction  SilentlyContinue

if ($ping -eq "True")

{
$pingable = "True"
$array = @()

$Properties = @{"Server Name"=$server.name;"Last logon within 30 days"=$serverlastlogon;Pingable=$pingable;Enabled=$server.enabled;"Operating System"=$server.operatingsystem}

$Newobject = New-Object  PSObject -Property  $Properties

$Array +=$Newobject

 


}
}

$path = "d:\test.csv"

$array | Select-Object "Server Name","Last Logon within 30 days",Pingable,"Operating System",Enabled | export-csv $path -Append


}
0
 

Author Comment

by:badabing1
Comment Utility
Not sure why its complaining the 'Append' variable, but after removing that it seems to have worked. Has anything been excluded to csv file by removing the Append?


Export-Csv : A parameter cannot be found that matches parameter name 'Append'.
At C:\test2.ps1:40 char:128
+ $array | Select-Object "Server Name","Last Logon within 30 days",Pingable,"Operating System",Enabled | export-csv $pa
th -Append <<<<
    + CategoryInfo          : InvalidArgument: (:) [Export-Csv], ParameterBindingException
    + FullyQualifiedErrorId : NamedParameterNotFound,Microsoft.PowerShell.Commands.ExportCsvCommand

cheers
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 14

Expert Comment

by:Justin Yeung
Comment Utility
it should work with -append........

what version of PS do you have...........
0
 
LVL 14

Expert Comment

by:Justin Yeung
Comment Utility
it requires powershell 3.0 for csv to append......... just tried it on 2.0 no such option
0
 

Author Comment

by:badabing1
Comment Utility
Thanks Justin,

im trying this again, will report back.

cheers
0
 

Author Comment

by:badabing1
Comment Utility
Hi Justin,

Updating to powershell 3.0 has worked!

I feel bad asking but would it e bpossoble for you to add the IP address variable as well please?

everything else is fine just the IP address column is missing.

I promise i will not ask for anything more for this script, unless i have logged another ticket.

much appreciated!

Thanks
0
 
LVL 14

Expert Comment

by:Justin Yeung
Comment Utility
here you go lol

$servers = Get-ADComputer -Filter *  -Properties *  | ? {$_.OperatingSystem -like "*2000*"}

foreach ($server in $servers)

{

$Checktime = (get-date).adddays(-30)

if ((($server.lastlogondate).date - $checktime.date) -le 0)

{
#$ServerLastLogon = "False"
}

Else
{
$ServerLastLogon = "True"
$ping = Test-Connection -ComputerName $Server.name -count 1  -Quiet -ErrorAction  SilentlyContinue
if ($ping -eq "True")

{
$pingable = "True"

$NIC = Get-WmiObject -Class win32_networkadapterconfiguration -ComputerName $Server.Name | ? {$_.IPaddress -ne $null -and $_.IPEnabled -eq $true}



$array = @()

$Properties = @{"Server Name"=$server.name;"Last logon within 30 days"=$serverlastlogon;Pingable=$pingable;Enabled=$server.enabled;"Operating System"=$server.operatingsystem;"IP Address"=$Nic.ipaddress}

$Newobject = New-Object  PSObject -Property  $Properties

$Array +=$Newobject

 


}
}

$path = "d:\test.csv"

$array | Select-Object "Server Name","Last Logon within 30 days",Pingable,"Operating System",Enabled,"IP Address" | export-csv $path -Append


}
0
 

Author Comment

by:badabing1
Comment Utility
Hi Justin,

im getting system.string[] in IP column and seem to be getting a duplicate entries for one particular server?


Server1      TRUE      TRUE      Windows Server 2003      TRUE      System.String[]

Thanks
0
 
LVL 14

Accepted Solution

by:
Justin Yeung earned 250 total points
Comment Utility
$servers = Get-ADComputer -Filter *  -Properties *  | ? {$_.OperatingSystem -like "*2000*"}

foreach ($server in $servers)

{

$Checktime = (get-date).adddays(-30)

if ((($server.lastlogondate).date - $checktime.date) -le 0)

{
#$ServerLastLogon = "False"
}

Else
{
$ServerLastLogon = "True"
$ping = Test-Connection -ComputerName $Server.name -count 1  -Quiet -ErrorAction  SilentlyContinue
if ($ping -eq "True")

{
$pingable = "True"

$NIC = Get-WmiObject -Class win32_networkadapterconfiguration -ComputerName $Server.Name | ? {$_.IPaddress -ne $null -and $_.IPEnabled -eq $true}



$array = @()

$Properties = @{"Server Name"=$server.name;"Last logon within 30 days"=$serverlastlogon;Pingable=$pingable;Enabled=$server.enabled;"Operating System"=$server.operatingsystem;"IP Address"=$Nic.ipaddress -join ', '}

$Newobject = New-Object  PSObject -Property  $Properties

$Array +=$Newobject

 


}
}

$path = "d:\test.csv"

$array | Select-Object "Server Name","Last Logon within 30 days",Pingable,"Operating System",Enabled,"IP Address" | export-csv $path -Append


}
0
 

Author Closing Comment

by:badabing1
Comment Utility
Justin you deserve a gold medal, A true genius!! keep up the good work you are an asset to the Expert community. (I will be logging more script related tickets in future so please look out for them!)

Thank you very much!
0
 
LVL 14

Expert Comment

by:Justin Yeung
Comment Utility
lol no problem
0
 
LVL 14

Expert Comment

by:Justin Yeung
Comment Utility
This will work also, since you might have error obtaining ipaddress from a machine that can't resolve WMI object (RPC error etc).
$ping.IPV4address.IPaddresstostring will get the ip from DNS that you ping from instead. (only IP v4 address)

$servers = Get-ADComputer -Filter *  -Properties *  | ? {$_.OperatingSystem -like "*2000*"}

foreach ($server in $servers)

{

$Checktime = (get-date).adddays(-30)

if ((($server.lastlogondate).date - $checktime.date) -le 0)

{
#$ServerLastLogon = "False"
}

Else
{
$ServerLastLogon = "True"
$ping = Test-Connection -ComputerName $Server.name -count 1  -Quiet -ErrorAction  SilentlyContinue
if ($ping -eq "True")

{
$pingable = "True"

#$NIC = Get-WmiObject -Class win32_networkadapterconfiguration -ComputerName $Server.Name | ? {$_.IPaddress -ne $null -and $_.IPEnabled -eq $true}



$array = @()

$Properties = @{"Server Name"=$server.name;"Last logon within 30 days"=$serverlastlogon;Pingable=$pingable;Enabled=$server.enabled;"Operating System"=$server.operatingsystem;"IP Address"=$ping.IPV4address.IPAddressToString}

$Newobject = New-Object  PSObject -Property  $Properties

$Array +=$Newobject

 


}
}

$path = "d:\test.csv"

$array | Select-Object "Server Name","Last Logon within 30 days",Pingable,"Operating System",Enabled,"IP Address" | export-csv $path -Append


}
0
 

Author Comment

by:badabing1
Comment Utility
cool i will try this as well.

Thanks
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now