Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

VBScript or PowerShell for to generate report from Active Directory

Posted on 2015-02-18
6
Medium Priority
?
144 Views
Last Modified: 2015-02-23
Hi, require assistance to generate report (csv or xls) from Active Directory for users with below information. The script should be able to customize to specific AD OU's.

The report should have following information in the excel\csv:-
Account (enable or disabled)
Account with Expire (yes or no)
Expiry date (if expiry enabled)
HIDDEN FROM ADDRESS LIST (yes or no)
displayName
mail
samAccountName
Description
title
department
telephoneNumber
MOBILE
Manager
physicalDeliveryOfficeName,
Company

Thank you..
0
Comment
Question by:TJOSY
  • 4
  • 2
6 Comments
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 40616696
You are trying to get information from multiple cmdlets and export them to a CSV. For this you will need to create a hash table and create a new object and out-put this information. See command below...

Also do you have a list of users or you just want to query all users in your domain?

This will get all info from all AD Accounts in your environment
Import-Module activedirectory
$AllUsers = Get-ADUser -Filter * -Properties samaccountname
Foreach ($User in $AllUsers) {
$ADStats = Get-ADUser -Identity $User -Properties *
$EXCHStats = Get-Mailbox -Identity $User
$Data =@{'Account Enabled / Disabled'=$ADStats.Enabled;
         'Account Expires'=$ADStats.AccountExpires;
         'Account Expires Date'=$ADStats.AccountExpirationDate;
         'Hidden From Address Book'=$EXCHStats.HiddenFromAddressListsEnabled;
         'DisplayName'=$ADStats.DisplayName;
         'Email'=$ADStats.mail;
         'sAMAccountName'=$ADStats.SamAccountName;
         'Description'=$ADStats.Description;
         'Title'=$ADStats.Title;
         'Department'=$ADStats.Department;
         'Phone #'=$ADStats.telephoneNumber;
         'Mobile #'=$ADStats.MobilePhone;
         'Manager'=$ADStats.Manager;
         'Office'=$ADStats.Office;
         'Company'=$ADStats.Company
           }
        $Obj = New-Object -TypeName psobject -Property $Data
        Write-Output $Obj | out-file <filename.csv> -append
 }

Open in new window


If you want to do it from a txt file use the below command...
Import-Module activedirectory
$AllUsers = Get-Content <filename.txt>
Foreach ($User in $AllUsers) {
$ADStats = Get-ADUser -Identity $User -Properties *
$EXCHStats = Get-Mailbox -Identity $User
$Data =@{'Account Enabled / Disabled'=$ADStats.Enabled;
         'Account Expires'=$ADStats.AccountExpires;
         'Account Expires Date'=$ADStats.AccountExpirationDate;
         'Hidden From Address Book'=$EXCHStats.HiddenFromAddressListsEnabled;
         'DisplayName'=$ADStats.DisplayName;
         'Email'=$ADStats.mail;
         'sAMAccountName'=$ADStats.SamAccountName;
         'Description'=$ADStats.Description;
         'Title'=$ADStats.Title;
         'Department'=$ADStats.Department;
         'Phone #'=$ADStats.telephoneNumber;
         'Mobile #'=$ADStats.MobilePhone;
         'Manager'=$ADStats.Manager;
         'Office'=$ADStats.Office;
         'Company'=$ADStats.Company
           }
        $Obj = New-Object -TypeName psobject -Property $Data
        Write-Output $Obj | out-file <filename.csv> -append
 }

Open in new window


Running this command for a single user
Import-Module activedirectory
$User = Read-Host "Enter your samaccountname here"
$ADStats = Get-ADUser -Identity $User -Properties *
$EXCHStats = Get-Mailbox -Identity $User
$Data =@{'Account Enabled / Disabled'=$ADStats.Enabled;
         'Account Expires'=$ADStats.AccountExpires;
         'Account Expires Date'=$ADStats.AccountExpirationDate;
         'Hidden From Address Book'=$EXCHStats.HiddenFromAddressListsEnabled;
         'DisplayName'=$ADStats.DisplayName;
         'Email'=$ADStats.mail;
         'sAMAccountName'=$ADStats.SamAccountName;
         'Description'=$ADStats.Description;
         'Title'=$ADStats.Title;
         'Department'=$ADStats.Department;
         'Phone #'=$ADStats.telephoneNumber;
         'Mobile #'=$ADStats.MobilePhone;
         'Manager'=$ADStats.Manager;
         'Office'=$ADStats.Office;
         'Company'=$ADStats.Company
           }
        $Obj = New-Object -TypeName psobject -Property $Data
        Write-Output $Obj

Open in new window


Will.
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 40618996
Just another note, what version of Exchange are you running? You might need to add the following snapin to each of the scripts for the version of Exchange you are running.

Exchange 2007 - add-pssnapin microsoft.exchange.management.powershell.admin
Exchange 2010 - add-pssnapin microsoft.exchange.management.powershell.E2010
Exchange 2013 - add-pssnapin microsoft.exchange.management.powershell.E2013

Will.
0
 

Author Comment

by:TJOSY
ID: 40619634
Thank you Will. infact im getting error while running the first script.
im using exchange 2013. can you guide me where to place "add-pssnapin microsoft.exchange.management.powershell.E2013" command to the script
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 

Author Comment

by:TJOSY
ID: 40619721
Need your help to get the result in the attached format
Export-Template.csv
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 40619794
Unfortunately, because we are using hash tables to grab the data from multiple cmdlets this is the only way to present the data. However, you removed the attribute HiddenFromAddressList this command would be much easier, because you can just use a single cmdlet.

Will.
0
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 2000 total points
ID: 40619843
If you removed the HiddenFromAddressList all you would have to do is the following...

import-module activedirectory
Get-AdUser -Filter * -Properties displayName, samAccountName, Description, title, mail, department, AccountExpires, AccountExpirationDate, Enabled, telephoneNumber, MOBILEPhone, Manager, Office, Company | select displayName, samAccountName, Description, title, mail, department, AccountExpires, AccountExpirationDate, Enabled, telephoneNumber, MOBILEPhone, Manager, Office, Company | export-csv "c:\UsersStats.csv" -notypeinformation

Open in new window


Will.
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
High user turnover can cause old/redundant user data to consume valuable space. UserResourceCleanup was developed to address this by automatically deleting user folders when the user account is deleted.
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question