• Status: Solved

AD Enabled vs Disabled Users by searching AD email attribute

Hi Guys

I have had this script that works fine to query AD for users that exist in AD and/or not, and whether they are enabled or disabled.


#Create a txt file with the AD usernames inside, in C:\Temp\, named Blah.txt
#TXT FILE WOULD INCLUDE SAMACCOUNTNAME FROM AD ENVIRONMENT FOR EXAMPLE
#Blah01
#Blah02
#Blah03

$user = Get-Content C:\Temp\Blah.txt
$user | ForEach-Object {
    $Name = "$_"
    # Check whether an account with this sAMAccountName exists at all
    $Searcher = [ADSISearcher]"(sAMAccountName=$Name)"
    $Results = $Searcher.FindOne()
    if ($null -eq $Results) {
        "$Name not in AD" >> C:\Temp\userstatusblah.txt
    }
    else {
        # Enabled is a boolean, so test it directly
        $status = (Get-ADUser $Name).Enabled
        if ($status) {
            "$Name is Enabled" >> C:\Temp\Blahuserstatus.txt
        }
        else {
            "$Name is Disabled" >> C:\Temp\Blahuserstatus.txt
        }
    }
}
#If you want to check only enabled accounts delete the "#" below
#Get-Content C:\userstatus\userstatus.txt | Select-String "is Enabled" >> C:\userstatus\userstatus_enabled.txt
#If you want to check only disabled accounts delete the "#" below
Get-Content C:\Temp\Blahuserstatus.txt | Select-String "is Disabled" >> C:\Temp\Blah_users_disabled_in_AD.txt
#If you want to check only accounts not in AD delete the "#" below
Get-Content C:\Temp\userstatusBlah.txt | Select-String "not in AD" >> C:\Temp\Blah_users_not_in_AD.txt


This script works fine.
However, I now need to read in the email address from the txt and have some code to look up the SAMAccountName from the email address read in, to then resolve the SAMAccountName, to then use in the query?

Background: the application does not have any common fields other than email address that I can correlate.

How can I add this email address lookup for SAMAccountName for each user in the txt file?



#Create a txt file with the AD usernames inside a txt file c:\Temp\userstatus\ named Blah.txt
#TXT FILE WOULD INCLUDE SAMACCOUNTNAME FROM AD ENVIRONMENT FOR EXAMPLE
#Blah01@test.com.au
#Blah02@test.com.au
#Blah03@test.com.au
Asked: Johnathon Wright

2 Solutions

Johnathon Wright (Author) Commented:
I worked it out, not elegant but it works.

Two separate scripts :)
 
Jose Gabriel Ortega C (CEO, J0rt3g4 Consulting Services) Commented:
You need to transform your TXT into a CSV,
Something like this:
username,email
UserA,userA@email.com



Then you can load the CSV in powershell like this:
Import-Csv C:\Temp\Blah.txt



The final solution would be something like this:
#Requires -Version 5

[CmdletBinding()]
param(
    [Parameter(Mandatory=$true,Position=0)]$CsvFile
)

# Result record for one row of the CSV
class Alumno{
    [string]$UserName
    [string]$SamAccountName
    [string]$email
    [bool]$Exists
    [bool]$Enabled
}

#Load AD module
Import-Module ActiveDirectory
$results=@()
$user = Import-Csv $CsvFile

$user | foreach{
    $Name=$_.Username
    $userSearch= Get-ADUser -Filter {Name -eq $Name -and ObjectClass -eq "user"} -Properties Mail,Enabled

    $obj= New-Object Alumno

    if($userSearch){
        #exists
        Write-Host -ForegroundColor Green "User Exists $($userSearch.GivenName)"
        $obj.Username=$userSearch.GivenName
        $obj.SamAccountName = $userSearch.SamAccountName
        #the attribute requested with -Properties above is Mail
        $obj.Email=$userSearch.Mail
        $obj.Enabled=$userSearch.Enabled
        $obj.Exists=$true
    }
    else{
        #doesn't exist
        Write-Host -ForegroundColor Red "User does not exists  $Name"
        $obj.Username=$Name
        $obj.Exists=$false
        $obj.Enabled=$false
    }

    $results+=$obj
}

#All results into different outputs
$results | ConvertTo-Csv | Out-File Here.CSV
$results | ConvertTo-Html | Out-File here.html
$results | ConvertTo-Json | Out-File here.json

#Not in AD ($exists -eq false)
$results | where{$_.Exists -eq $false}

#In AD
$results | where{$_.Exists -eq $true}

#Enabled
$results | where{$_.Enabled -eq $true}

#Disabled
$results | where{$_.Enabled -eq $false}

 
Johnathon Wright (Author) Commented:
I only know the email address at first, I then query to find the SAMAccountName. They can't exist in the same txt file at first.
Question has a verified solution.
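
The lookup the question asks for, resolving each email address to a sAMAccountName and then reporting whether the account is enabled, as an added example that is not part of the original thread. It assumes the application's address matches the AD `mail` attribute; `ConvertTo-LdapFilterValue` and the output path are hypothetical names, and the escaping keeps a line from the text file from altering the LDAP filter.

```powershell
#Requires -Version 5
#Requires -Modules ActiveDirectory

[CmdletBinding()]
param(
    # One email address per line (input path taken from the question)
    [string]$EmailFile = 'C:\Temp\Blah.txt',
    # Hypothetical output path for this example
    [string]$OutFile = 'C:\Temp\Blah_user_status.csv'
)

function ConvertTo-LdapFilterValue {
    # Escape the RFC 4515 special characters (backslash first) so the value
    # is matched literally and cannot change the shape of the filter.
    param([Parameter(Mandatory)][string]$Value)
    $Value.Replace('\', '\5c').Replace('*', '\2a').Replace('(', '\28').Replace(')', '\29').Replace([string][char]0, '\00')
}

$report = @(foreach ($line in Get-Content -Path $EmailFile) {
    $email = $line.Trim()
    if (-not $email) { continue }   # skip blank lines

    # Assumption: the address is stored in the mail attribute of a user object
    $filter = '(&(objectCategory=person)(objectClass=user)(mail={0}))' -f (ConvertTo-LdapFilterValue $email)
    $found = @(Get-ADUser -LDAPFilter $filter -Properties mail)

    if ($found.Count -eq 0) {
        [pscustomobject]@{ Email = $email; SamAccountName = $null; Status = 'Not in AD' }
    }
    else {
        # Several accounts can carry the same mail value; report each of them
        foreach ($u in $found) {
            [pscustomobject]@{
                Email          = $email
                SamAccountName = $u.SamAccountName
                Status         = if ($u.Enabled) { 'Enabled' } else { 'Disabled' }
            }
        }
    }
})

# One CSV instead of three text files; filter it for the view you need
$report | Export-Csv -Path $OutFile -NoTypeInformation
$report | Where-Object Status -ne 'Enabled'
```

The last line lists the addresses that are disabled or missing in AD, which are the application accounts to review.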