-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathGet-AD Users ceated in last X days.ps1
More file actions
80 lines (70 loc) · 3.75 KB
/
Get-AD Users ceated in last X days.ps1
File metadata and controls
80 lines (70 loc) · 3.75 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
# Load AD Module
Import-Module ActiveDirectory
# UI for Input
Add-Type -AssemblyName Microsoft.VisualBasic
$days = [Microsoft.VisualBasic.Interaction]::InputBox("Enter number of days to look back:", "AD Forest Report", "7")
if ([string]::IsNullOrWhiteSpace($days)) { Write-Host "Cancelled."; exit }
$dateThreshold = (Get-Date).AddDays(-$days)
$exportPath = "$env:USERPROFILE\Desktop\AD_NewUsers_Report_$((Get-Date).ToString('yyyyMMdd')).csv"
$results = @()
# Get all domains in the forest
$allDomains = (Get-ADForest).Domains
Write-Host "Starting forest scan for users created since $dateThreshold..." -ForegroundColor Cyan
foreach ($domain in $allDomains) {
Write-Host "Scanning Domain: $domain" -ForegroundColor Gray
try {
# Define all requested properties
$props = @(
"GivenName", "Surname", "DisplayName", "Title", "UserPrincipalName",
"SamAccountName", "EmailAddress", "Department", "EmployeeID",
"EmployeeNumber", "EmployeeType", "Description", "Manager",
"whenCreated", "PasswordNeverExpires", "PasswordExpired",
"msExchExtensionAttribute27", "msExchExtensionAttribute28",
"extensionAttribute5", "extensionAttribute6", "DistinguishedName"
)
$users = Get-ADUser -Filter 'whenCreated -ge $dateThreshold' -Server $domain -Properties $props | ForEach-Object {
# Resolve Manager Name
$mgrName = "N/A"
if ($_.Manager) {
try { $mgrName = (Get-ADUser -Identity $_.Manager -Server $domain).DisplayName } catch { $mgrName = "Unknown/Cross-Domain" }
}
# Map to Spreadsheet Columns
[PSCustomObject]@{
"First Name" = $_.GivenName
"Last Name" = $_.Surname
"Display Name" = $_.DisplayName
"Employee Name" = $_.DisplayName
"Title" = $_.Title
"User Logon Name (UPN)" = $_.UserPrincipalName
"SamAccountName" = $_.SamAccountName
"Email Address" = $_.EmailAddress
"Department" = $_.Department
"Employee ID" = $_.EmployeeID
"Employee Number" = $_.EmployeeNumber
"Employee Type" = $_.EmployeeType
"Description" = $_.Description
"Manager Name" = $mgrName
"Date Created" = $_.whenCreated
"Password Never Expire" = $_.PasswordNeverExpires
"Reset Password at First Logon" = $_.PasswordExpired
"MsExchExtensionAttribute27" = $_.msExchExtensionAttribute27
"MsExchExtensionAttribute28" = $_.msExchExtensionAttribute28
"Custom Attribute 5" = $_.extensionAttribute5
"Custom Attribute 6" = $_.extensionAttribute6
"Distinguished Name" = $_.DistinguishedName
"Domain" = $domain
}
}
$results += $users
} catch {
Write-Warning "Failed to query $domain. Ensure you have connectivity and permissions."
}
}
# Export to CSV and Open
if ($results) {
$results | Export-Csv -Path $exportPath -NoTypeInformation -Encoding UTF8
Write-Host "Success! Report saved to Desktop: $exportPath" -ForegroundColor Green
Invoke-Item $exportPath
} else {
Write-Host "No users found for the selected timeframe." -ForegroundColor Yellow
}