asked on

Help with Powershell script finding disabled users accounts in Active Directory.

I need help with the below script. The script is working as it should, but need to find out how I can filter out enabled users and just show disabled accounts. Also, want to add search for disabled account in the last 7 days, this would be based on the criteria that it is disabled, and the "whenChanged" attribute in active directory.

Import-Module ActiveDirectory
Get-Aduser -Filter * -Properties * | Select-Object Name,SamAccountName,whenChanged,Enabled,AccountExpirationDate,@{Name="LastLogonTimestamp"; Expression={[DateTime]::FromFileTime($_.lastLogonTimestamp)}},@{Name="Lastlgon"; Expression={[DateTime]::FromFileTime($_.lastlogon)}},LastlogonDate | Export-Csv C:\Export1.csv

Lastly, I like to export the file into a get-date format so it would look something like this "MM_dd_yyyy_HH_mm"

ex. $date = Get-Date -Format "MM_dd_yyyy_HH_mm"
$outputfile = "c:\temp\Disabled_Accounts_Report_$date.csv"

How would I be able to incorporate this into the powershell script.

Philip Portnoy

Hello,

just add a "Where-Object" into the pipe.
In your case it's gonna look like:

$filename = "c:\temp\Disabled_Accounts_Report_" + (Get-Date -Format "MM_dd_yyyy_HH_mm").ToString() + ".csv"

Get-Aduser -Filter * -Properties * | Select-Object Name,SamAccountName,whenChanged,Enabled,AccountExpirationDate,@{Name="LastLogonTimestamp"; Expression={[DateTime]::FromFileTime($_.lastLogonTimestamp)}},@{Name="Lastlgon"; Expression={[DateTime]::FromFileTime($_.lastlogon)}},LastlogonDate | Where-Object {$_.Enabled -eq $false} | Export-Csv $filename

Open in new window

tools2teach

ASKER

Perfect!

How do add filter by last 7 days that an account was disabled based on the "whenChanged" attribute in active directory users?

ASKER CERTIFIED SOLUTION

Philip Portnoy

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

tools2teach

ASKER

Thanks, but I'm getting the following error when trying to run it
Get-Aduser -Filter * -Properties * | Select-Object Name,SamAccountName,whenChanged,Enabled,AccountExpirationDate,@{Name="LastLogonTimestamp"; Expression={[DateTime]::FromFileTime($_.lastLogonTimestamp)}},@{Name="Lastlgon"; Expression={[DateTime]::FromFileTime($_.lastlogon)}},LastlogonDate | Where-Object {$_.Enabled -eq $false -AND $_.WhenChanged -ge Get-Date.AddDays(-7)} | Export-Csv $filename
At line:3 char:352
+ ... WhenChanged -ge Get-Date.AddDays(-7)} | Export-Csv $filename
+ ~
You must provide a value expression on the right-hand side of the '-ge' operator.
At line:3 char:353
+ ... henChanged -ge Get-Date.AddDays(-7)} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
Unexpected token 'Get-Date.AddDays' in expression or statement.
+ CategoryInfo : ParserError: (:) [], ParentContainsErrorRecordException
+ FullyQualifiedErrorId : ExpectedValueExpression

Philip Portnoy

Just try including whole condition into ().
Like this: -ge (Get-Date.AddDays(-7))

tools2teach

ASKER

I'm getting no dice on this one. Get the following error with the modified commands
Get-Date.AddDays : The term 'Get-Date.AddDays' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:4 char:354
+ ... enChanged -ge (Get-Date.AddDays(-7))} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-Date.AddDays:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

Get-Date.AddDays : The term 'Get-Date.AddDays' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:4 char:354
+ ... enChanged -ge (Get-Date.AddDays(-7))} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-Date.AddDays:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

Get-Date.AddDays : The term 'Get-Date.AddDays' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:4 char:354
+ ... enChanged -ge (Get-Date.AddDays(-7))} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-Date.AddDays:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

Get-Date.AddDays : The term 'Get-Date.AddDays' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:4 char:354
+ ... enChanged -ge (Get-Date.AddDays(-7))} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-Date.AddDays:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

Get-Date.AddDays : The term 'Get-Date.AddDays' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:4 char:354
+ ... enChanged -ge (Get-Date.AddDays(-7))} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-Date.AddDays:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

Get-Date.AddDays : The term 'Get-Date.AddDays' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:4 char:354
+ ... enChanged -ge (Get-Date.AddDays(-7))} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-Date.AddDays:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

Get-Date.AddDays : The term 'Get-Date.AddDays' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:4 char:354
+ ... enChanged -ge (Get-Date.AddDays(-7))} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-Date.AddDays:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

Get-Date.AddDays : The term 'Get-Date.AddDays' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:4 char:354
+ ... enChanged -ge (Get-Date.AddDays(-7))} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-Date.AddDays:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

Get-Date.AddDays : The term 'Get-Date.AddDays' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:4 char:354
+ ... enChanged -ge (Get-Date.AddDays(-7))} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-Date.AddDays:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

Get-Date.AddDays : The term 'Get-Date.AddDays' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:4 char:354
+ ... enChanged -ge (Get-Date.AddDays(-7))} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-Date.AddDays:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

Get-Date.AddDays : The term 'Get-Date.AddDays' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:4 char:354
+ ... enChanged -ge (Get-Date.AddDays(-7))} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-Date.AddDays:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

Get-Date.AddDays : The term 'Get-Date.AddDays' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:4 char:354
+ ... enChanged -ge (Get-Date.AddDays(-7))} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-Date.AddDays:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

Get-Date.AddDays : The term 'Get-Date.AddDays' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:4 char:354
+ ... enChanged -ge (Get-Date.AddDays(-7))} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-Date.AddDays:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

Get-Date.AddDays : The term 'Get-Date.AddDays' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:4 char:354
+ ... enChanged -ge (Get-Date.AddDays(-7))} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-Date.AddDays:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

Get-Date.AddDays : The term 'Get-Date.AddDays' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:4 char:354
+ ... enChanged -ge (Get-Date.AddDays(-7))} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-Date.AddDays:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

Get-Date.AddDays : The term 'Get-Date.AddDays' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:4 char:354
+ ... enChanged -ge (Get-Date.AddDays(-7))} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-Date.AddDays:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

Get-Date.AddDays : The term 'Get-Date.AddDays' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:4 char:354
+ ... enChanged -ge (Get-Date.AddDays(-7))} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-Date.AddDays:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

Get-Date.AddDays : The term 'Get-Date.AddDays' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:4 char:354
+ ... enChanged -ge (Get-Date.AddDays(-7))} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-Date.AddDays:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

Get-Date.AddDays : The term 'Get-Date.AddDays' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:4 char:354
+ ... enChanged -ge (Get-Date.AddDays(-7))} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-Date.AddDays:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

Get-Date.AddDays : The term 'Get-Date.AddDays' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:4 char:354
+ ... enChanged -ge (Get-Date.AddDays(-7))} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-Date.AddDays:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

Get-Date.AddDays : The term 'Get-Date.AddDays' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:4 char:354
+ ... enChanged -ge (Get-Date.AddDays(-7))} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-Date.AddDays:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

Get-Date.AddDays : The term 'Get-Date.AddDays' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:4 char:354
+ ... enChanged -ge (Get-Date.AddDays(-7))} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-Date.AddDays:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

Get-Date.AddDays : The term 'Get-Date.AddDays' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:4 char:354
+ ... enChanged -ge (Get-Date.AddDays(-7))} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-Date.AddDays:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

Get-Date.AddDays : The term 'Get-Date.AddDays' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:4 char:354
+ ... enChanged -ge (Get-Date.AddDays(-7))} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-Date.AddDays:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

Get-Date.AddDays : The term 'Get-Date.AddDays' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:4 char:354
+ ... enChanged -ge (Get-Date.AddDays(-7))} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-Date.AddDays:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

Get-Date.AddDays : The term 'Get-Date.AddDays' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:4 char:354
+ ... enChanged -ge (Get-Date.AddDays(-7))} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-Date.AddDays:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

Get-Date.AddDays : The term 'Get-Date.AddDays' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:4 char:354
+ ... enChanged -ge (Get-Date.AddDays(-7))} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-Date.AddDays:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

Get-Date.AddDays : The term 'Get-Date.AddDays' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:4 char:354
+ ... enChanged -ge (Get-Date.AddDays(-7))} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-Date.AddDays:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

Get-Date.AddDays : The term 'Get-Date.AddDays' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:4 char:354
+ ... enChanged -ge (Get-Date.AddDays(-7))} | Export-Csv $filename
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-Date.AddDays:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

SOLUTION

Philip Portnoy

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

tools2teach

ASKER

Thanks man! That worked.