script or cmdlet to retrieve service accounts in AD, and export to a CSV file
Hello Team,
My customer runs a Windows 2008 Forest/domain functional level with multiple sites, and OUs, and one of these OUs
is dedicated to host service accounts.
Their standard convention name for any service accounts should start with "SVC" defined on the user logon name and display name
I have following scenario, and need to know to get a script, or cmdlet to retrieve any service accounts under a specific OU which logon name or display name may not contain "SVC"
The report should be exported to a CSV, and contain only those service accounts that were created with a different standard for logon name or display name
Please, test the script on your lab before posting here
My customer runs a Windows 2008 Forest/domain functional level with multiple sites, and OUs, and one of these OUs
is dedicated to host service accounts.
Their standard convention name for any service accounts should start with "SVC" defined on the user logon name and display name
I have following scenario, and need to know to get a script, or cmdlet to retrieve any service accounts under a specific OU which logon name or display name may not contain "SVC"
The report should be exported to a CSV, and contain only those service accounts that were created with a different standard for logon name or display name
Please, test the script on your lab before posting here
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
There is an example right there? The Distinguished Name of the OU in question? I wouldn't know the full path to your customer's dedicated service account OU.
If the name of this OU is unique (for example 'Service Accounts'), you can use Get-ADOrganizationalUnit:
If the name of this OU is unique (for example 'Service Accounts'), you can use Get-ADOrganizationalUnit:
$DN = (Get-ADOrganizationalUnit -Filter "Name -eq 'Service Accounts'").DistinguishedName
Get-ADUser -Filter "(SamAccountName -notlike 'SVC*') -or (DisplayName -notlike 'SVC*')" -Property DisplayName -SearchBase $DN |
Select-Object SamAccountName, DisplayName |
Export-Csv C:\Temp\BadServiceAccounts.csvASKER
zZX
ASKER