Add AD scripts and stage import instructions
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
sysadmin
92
scripts/Get-ADUserReport.ps1
Normal file
92
scripts/Get-ADUserReport.ps1
Normal file
@@ -0,0 +1,92 @@
|
||||
<#
|
||||
.SYNOPSIS
|
||||
Generates a report of all Active Directory users with key properties.
|
||||
|
||||
.DESCRIPTION
|
||||
This script queries Active Directory for all user accounts and exports
|
||||
key properties including name, email, last logon, account status, and group memberships.
|
||||
|
||||
.PARAMETER OutputPath
|
||||
Optional. Path to export CSV report. If not specified, outputs to console.
|
||||
|
||||
.PARAMETER IncludeDisabled
|
||||
Switch to include disabled accounts in the report.
|
||||
|
||||
.EXAMPLE
|
||||
.\Get-ADUserReport.ps1
|
||||
Lists all enabled users to console.
|
||||
|
||||
.EXAMPLE
|
||||
.\Get-ADUserReport.ps1 -OutputPath "C:\ClaudeTools\Logs\users.csv" -IncludeDisabled
|
||||
Exports all users (including disabled) to CSV file.
|
||||
|
||||
.NOTES
|
||||
Author: ClaudeTools Automation
|
||||
Version: 1.0
|
||||
Requires: ActiveDirectory PowerShell module
|
||||
#>
|
||||
|
||||
[CmdletBinding()]
|
||||
param(
|
||||
[Parameter(Mandatory=$false)]
|
||||
[string]$OutputPath,
|
||||
|
||||
[Parameter(Mandatory=$false)]
|
||||
[switch]$IncludeDisabled
|
||||
)
|
||||
|
||||
# Import AD module
|
||||
Import-Module ActiveDirectory -ErrorAction Stop
|
||||
|
||||
Write-Host "Querying Active Directory users..." -ForegroundColor Cyan
|
||||
|
||||
# Build filter
|
||||
$filter = if ($IncludeDisabled) { "*" } else { "Enabled -eq 'True'" }
|
||||
|
||||
# Get users with properties
|
||||
$users = Get-ADUser -Filter $filter -Properties `
|
||||
DisplayName,
|
||||
EmailAddress,
|
||||
Department,
|
||||
Title,
|
||||
Manager,
|
||||
LastLogonDate,
|
||||
PasswordLastSet,
|
||||
PasswordNeverExpires,
|
||||
Enabled,
|
||||
Created,
|
||||
MemberOf,
|
||||
Description |
|
||||
Select-Object `
|
||||
@{N='SamAccountName';E={$_.SamAccountName}},
|
||||
@{N='DisplayName';E={$_.DisplayName}},
|
||||
@{N='Email';E={$_.EmailAddress}},
|
||||
@{N='Department';E={$_.Department}},
|
||||
@{N='Title';E={$_.Title}},
|
||||
@{N='Enabled';E={$_.Enabled}},
|
||||
@{N='LastLogon';E={$_.LastLogonDate}},
|
||||
@{N='PasswordLastSet';E={$_.PasswordLastSet}},
|
||||
@{N='PasswordNeverExpires';E={$_.PasswordNeverExpires}},
|
||||
@{N='Created';E={$_.Created}},
|
||||
@{N='GroupCount';E={($_.MemberOf | Measure-Object).Count}},
|
||||
@{N='Description';E={$_.Description}}
|
||||
|
||||
$userCount = ($users | Measure-Object).Count
|
||||
Write-Host "Found $userCount users." -ForegroundColor Green
|
||||
|
||||
if ($OutputPath) {
|
||||
$users | Export-Csv -Path $OutputPath -NoTypeInformation
|
||||
Write-Host "Report exported to: $OutputPath" -ForegroundColor Green
|
||||
} else {
|
||||
$users | Format-Table -AutoSize
|
||||
}
|
||||
|
||||
# Summary statistics
|
||||
Write-Host "`n--- Summary ---" -ForegroundColor Yellow
|
||||
Write-Host "Total Users: $userCount"
|
||||
$enabledCount = ($users | Where-Object { $_.Enabled -eq $true } | Measure-Object).Count
|
||||
$disabledCount = ($users | Where-Object { $_.Enabled -eq $false } | Measure-Object).Count
|
||||
Write-Host "Enabled: $enabledCount"
|
||||
Write-Host "Disabled: $disabledCount"
|
||||
$neverExpire = ($users | Where-Object { $_.PasswordNeverExpires -eq $true } | Measure-Object).Count
|
||||
Write-Host "Password Never Expires: $neverExpire"
|
||||
Reference in New Issue
Block a user