Category Archives: Audit

Import to Active Directory Users from PowerShell

Audit, Powershell

Another quick script to Import data from a CSV back in to Active Directory on a domain controller

# Import AD Module             
Import-Module ActiveDirectory 

#Get Admin accountb credential

$GetAdminact = Get-Credential
$DomainOU = GET-ADDomain | Select-Object -ExpandProperty UsersContainer

#Store the CSV in a table
$Users = Import-CSV c:\temp\ExportADUsers\Update.csv

foreach ($User in $Users)
{
           
#Search in specified OU and Update existing attributes            
 Get-ADUser -Filter "SamAccountName -eq '$($User.'Logon Name')'" -Properties * -SearchBase $DomainOU | Set-ADUser -GivenName $($User.'First Name') -Surname $($User.'Last Name') -DisplayName $($User.'Display Name') -Title $($User.'Directorate') -Description $($User.'Directorate') 

if (($User.'Account Status' -eq 'Disabled') ) {
#Search in specified OU and disabled accounts as required
 Get-ADUser -Filter "SamAccountName -eq '$($User.'Logon Name')'" -Properties * -SearchBase $DomainOU | Disable-ADAccount
 }

}

"Done"

Export Active Directory Computers to CSV

Audit, Powershell

Quick power shell to run on a Domain Controller to export all Computers with last logged in time to a CSV file located in C:\Temp\ExportADComputers
Some code was based on a Technet example but improved for my use to get Extended details out.

Example of CSV output

name whenCreated IPv4Address OperatingSystem OperatingSystemVersion LastLogonDate Enabled
Computer-001 09/01/2017 18:05 10.x.x.x Windows 10 Pro 10.0 (14393) 09/01/2017 18:08 TRUE

###########################################################
# AUTHOR  : Darren Banfi
# CREATED : 11-04-2018 
# UPDATED : 
# COMMENT : This script exports Active Directory computers
#           to a a csv file.
###########################################################

#1.0 - First Release


# Created Folder automatically
New-Item -ItemType directory -Path C:\Temp\ExportADComputers

#Define location of my script variable
#the -parent switch returns one directory lower from directory defined. 
#below will return up to ImportADUsers folder 
#and since my files are located here it will find it.
#It failes withpout appending "*.*" at the end

$path = Split-Path -parent "c:\temp\ExportADComputers\*.*"

#Create a variable for the date stamp in the log file

$LogDate = get-date -f yyyyMMddhhmm

#Define CSV and log file location variables
#they have to be on the same location as the script

$csvfile = $path + "\ALLADComputers_$logDate.csv"

#import the ActiveDirectory Module

Import-Module ActiveDirectory


#Sets the OU to do the base search for all Computer accounts, change as required.

$OUpaths = GET-ADDomain | Select-Object -ExpandProperty ComputersContainer

#Get Admin accountb credential

$GetAdminact = Get-Credential

# loop though the array of OUs, adding the computers to a list ('Object' really)
foreach ($iOUpath in $OUpaths)
    {
        ($objComputers += Get-ADComputer -SearchBase $iOUpath -Properties * -Filter *)    #You might need to refine the query witha 'Filter' depending on your AD structure
    }


#Export CSV report

$objComputers | Select name, whenCreated,  IPv4Address, OperatingSystem, OperatingSystemVersion, LastLogonDate, Enabled | Export-Csv -LiteralPath  $csvfile -NoTypeInformation

#Open the folder on screen
ii C:\Temp\ExportADComputers

"Done"