Rabih El Haj youssef
asked on
list of all disabled users in Active directory 2008
Hi All,
I am looking to export all disabled users in Active directory 2008 In a specific OU and outcome is user ID, Email Address Full name, and when was disabled or all properties * :) if possible
Prefer to user a Power shell Scripts
Thanks
Rabih
I am looking to export all disabled users in Active directory 2008 In a specific OU and outcome is user ID, Email Address Full name, and when was disabled or all properties * :) if possible
Prefer to user a Power shell Scripts
Thanks
Rabih
ASKER
Hi Will ,
Thanks for you quick response , is any way I can find how can I get to "ou=myou,dc=domain,dc=com" , where I can copy and past the structure of our AD object
Thanks
rabih
Thanks for you quick response , is any way I can find how can I get to "ou=myou,dc=domain,dc=com"
Thanks
rabih
ASKER
Hi Will ,
Not sure if my is incorrect
please see the below script after I ran it
"cmdlet Export-Csv at command pipeline position 1
Supply values for the following parameters:
InputObject: ^Z
[PS] H:\> "
please advise
Thanks
Rabih
Not sure if my is incorrect
please see the below script after I ran it
"cmdlet Export-Csv at command pipeline position 1
Supply values for the following parameters:
InputObject: ^Z
[PS] H:\> "
please advise
Thanks
Rabih
Sorry I forgot the Pipe command at the end of line 4. I have corrected this below.
Will.
Import-module activedirectory
Get-aduser -filter * -searchbase "ou=myou,dc=domain,dc=com" -properties displayname, samaccountname, primarysmtpaddress |
? {$_.Enabled -eq $false} |
select displayname, samaccountname, primarysmtpaddress, Enabled |
Export-csv "c:\resutls.csv" -nti
Will.
ASKER
is any way I can find how can I get to "ou=myou,dc=domain,dc=com" , where I can copy and past the structure of our AD object
This is just the path to where your OU is in AD.
Post a screenshot of your AD structure and I will tell you what is it. If this is a sub OU then post the entire structure.
Will.
Post a screenshot of your AD structure and I will tell you what is it. If this is a sub OU then post the entire structure.
Will.
ASKER
Hi Will
please see the below ou folders
domain.local>user Accounts and every folders under user Accounts
Thanks
Rabih
please see the below ou folders
domain.local>user Accounts and every folders under user Accounts
Thanks
Rabih
ASKER
I got it working , can I get also which OU this user are seating in .
or can I run it like -properties * and where I can add in the script
Thanks
Rabih
or can I run it like -properties * and where I can add in the script
Thanks
Rabih
I have modified the script below to add the DistinguishedName
Will.
Import-module activedirectory
Get-aduser -filter * -searchbase "ou=myou,dc=domain,dc=com" -properties displayname, samaccountname, primarysmtpaddress, DistinguishedName, Enabled |
? {$_.Enabled -eq $false} |
select displayname, samaccountname, primarysmtpaddress, DistinguishedName, Enabled |
Export-csv "c:\resutls.csv" -nti
Will.
ASKER
Thanks , how about if I need to know what OU are they seating on Please
The Distinguished Name shows the entire path where the user is located.
Will.
Will.
ASKER
Hi Will , nearly getting there
please see the blew error
[PS] H:\>.\resultdisabled.ps1
Get-ADUser : One or more properties are invalid.
Parameter name: primarysmtpaddress
At H:\resultdisabled.ps1:2 char:11
+ Get-aduser <<<< -filter * -searchbase "OU=User Accounts,DC=?????,DC=local " -properties displayname, samaccountname,
primarysmtpaddress, DistinguishedName, Enabled |
+ CategoryInfo : InvalidArgument: (:) [Get-ADUser], ArgumentException
+ FullyQualifiedErrorId : One or more properties are invalid.
Parameter name: primarysmtpaddress,Microso ft.ActiveD irectory.M anagement. Commands.G etADUser
[PS] H:\>
Please help
thanks
please see the blew error
[PS] H:\>.\resultdisabled.ps1
Get-ADUser : One or more properties are invalid.
Parameter name: primarysmtpaddress
At H:\resultdisabled.ps1:2 char:11
+ Get-aduser <<<< -filter * -searchbase "OU=User Accounts,DC=?????,DC=local
primarysmtpaddress, DistinguishedName, Enabled |
+ CategoryInfo : InvalidArgument: (:) [Get-ADUser], ArgumentException
+ FullyQualifiedErrorId : One or more properties are invalid.
Parameter name: primarysmtpaddress,Microso
[PS] H:\>
Please help
thanks
Ahhh...I have modified below...
Will.
Import-module activedirectory
Get-aduser -filter * -searchbase "ou=myou,dc=domain,dc=com" -properties displayname, samaccountname, mail, DistinguishedName, Enabled |
? {$_.Enabled -eq $false} |
select displayname, samaccountname, mail, DistinguishedName, Enabled |
Export-csv "c:\resutls.csv" -nti
Will.
ASKER
mate you did it and it is working . how can I give you a full points and grade is the higher A,B or C
ASKER
I tried to add to the script Logon Name, but gave me an error
what is Attr LDAP Name for USER LOGON NAME in AD , need to get users UPN also please with the above script
Thanks
Rabih
what is Attr LDAP Name for USER LOGON NAME in AD , need to get users UPN also please with the above script
Thanks
Rabih
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Quick response and excellent help
ASKER
are you able to look at the other question I have on this site
list of all network access and pritners for user in Active directory 2008
not sure if I have explain much
thanks
Rabih
list of all network access and pritners for user in Active directory 2008
not sure if I have explain much
thanks
Rabih
Open in new window
You cannot determine when the account was disabled using a script. You would have to reference the security logs on the domain controller and also requires having auditing enabled.
Will.