Audit User Information in Active Directory with PowerShell

In this blog post, we'll explore a PowerShell script that audits user information in an Active Directory environment. The script uses the Get-ADUser cmdlet to retrieve all users and then processes each user's properties to gather relevant information.

Prerequisites

The script needs the ActiveDirectory PowerShell module (installed with the Remote Server Administration Tools on a workstation, or present on a domain controller), a domain-joined machine, and an account that can read user objects in the domain. Any authenticated domain user can read the attributes the script collects; no administrative rights are required.
The Script

The script starts by importing the Active Directory module and clearing the console.

Import-Module ActiveDirectory
Clear-Host

The next step is to retrieve all AD users using the Get-ADUser cmdlet with a filter of *, which returns every user object. The script then pipes the result through Where-Object, keeping only users that have a UserPrincipalName and whose name does not start with "SVC" (the -notlike 'SVC*' pattern matches names that begin with SVC, not names that merely contain it). Finally, the results are sorted by name. Note that excluding SVC accounts hides exactly the objects an audit tends to care about most, since service accounts are the ones most often configured with non-expiring passwords; drop that clause if you want them in the report.

$users = Get-ADUser -Filter * | Where-Object { $null -ne $_.UserPrincipalName -and $_.Name -notlike 'SVC*' } | Sort-Object Name

How It Works

Initializing User Information Array

The script initializes an empty array called $userInfo to store user information.

$userInfo = @()

Processing Each User

The script loops through each user in $users with a foreach loop. For each user it calls Get-ADUser again, with -Identity set to the user's distinguished name and -Properties * so that every attribute is returned (the first call only returns the default set, which does not include Title, mail, Manager, LastLogonDate and so on). This second round trip per user is the slow part of the script; the same attributes could be requested once on the initial query with -Properties. A few of the collected values deserve a caveat: Manager is the manager's distinguished name, not a display name; MemberOf lists direct group memberships only, so nested groups are not expanded and the primary group (normally Domain Users) is not included; and LastLogonDate is derived from the replicated lastLogonTimestamp attribute, which is only updated if the previous value is older than about 9 to 14 days, so it can understate recent activity by up to two weeks.

foreach ($user in $users) {
    Write-Host "Processing $($user.Name)" -ForegroundColor Cyan
    $properties = Get-ADUser -Identity $user.DistinguishedName -Properties *

    # Add user information to array
    $userInfo += [PSCustomObject]@{
        Name                  = $properties.Name
        Role                  = $properties.Title
        SamAccountName        = $properties.SamAccountName
        Email                 = $properties.mail
        Manager               = $properties.Manager
        Company               = $properties.Company
        Street                = $properties.StreetAddress
        Office                = $properties.Office
        DistinguishedName     = $properties.DistinguishedName
        Enabled               = $properties.Enabled
        PasswordNeverExpires  = $properties.PasswordNeverExpires
        LastLogonDate         = $properties.LastLogonDate
        PasswordLastSet       = $properties.PasswordLastSet
        AccountExpirationDate = $properties.AccountExpirationDate
        AccountLockoutTime    = $properties.AccountLockoutTime
        MemberOf              = $properties.MemberOf -join ";"
    }
}

Key Code Snippets

# $dir is the output folder; the original snippet uses it without defining it, so set it first
$dir = (Get-Location).Path
$userInfo | Export-Csv -Path "$dir\$env:userdomain-user-audit.csv" -NoTypeInformation
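The following is an added example, not the script from the original post, that does the same job in one server-side query (an LDAP filter instead of Where-Object, and an explicit property list instead of a second Get-ADUser call per user) and adds audit flags for the conditions a reviewer usually looks for: enabled accounts with a non-expiring or not-required password, accounts that have never logged on, stale accounts, and accounts past their expiration date. Service accounts are deliberately kept. The 90-day staleness threshold, the Flag_* column names and the output location are my own choices.

```powershell
# Added example: single-query AD user audit with risk flags (not the original post's script)
Import-Module ActiveDirectory

# Attributes the report needs. Requesting them here avoids a second Get-ADUser call per user.
$props = 'Title', 'mail', 'Manager', 'Company', 'StreetAddress', 'Office', 'Enabled',
         'PasswordNeverExpires', 'PasswordNotRequired', 'LastLogonDate', 'PasswordLastSet',
         'AccountExpirationDate', 'AccountLockoutTime', 'MemberOf', 'UserPrincipalName'

# Server-side filter: only objects that have a userPrincipalName. SVC* accounts are kept on
# purpose; they are the ones most likely to carry a non-expiring password.
$users = Get-ADUser -LDAPFilter '(userPrincipalName=*)' -Properties $props | Sort-Object Name

$staleDays = 90                                   # assumption: no logon in 90 days = stale
$staleCutoff = (Get-Date).AddDays(-$staleDays)
$now = Get-Date

# Collecting into a pipeline variable avoids the O(n^2) cost of $array += in a loop.
$userInfo = foreach ($u in $users) {
    [PSCustomObject]@{
        Name                  = $u.Name
        Role                  = $u.Title
        SamAccountName        = $u.SamAccountName
        UserPrincipalName     = $u.UserPrincipalName
        Email                 = $u.mail
        Manager               = $u.Manager                 # distinguished name of the manager
        Company               = $u.Company
        Street                = $u.StreetAddress
        Office                = $u.Office
        DistinguishedName     = $u.DistinguishedName
        Enabled               = $u.Enabled
        PasswordNeverExpires  = $u.PasswordNeverExpires
        PasswordNotRequired   = $u.PasswordNotRequired
        LastLogonDate         = $u.LastLogonDate           # from lastLogonTimestamp, up to ~14 days behind
        PasswordLastSet       = $u.PasswordLastSet
        AccountExpirationDate = $u.AccountExpirationDate   # $null when the account never expires
        AccountLockoutTime    = $u.AccountLockoutTime
        MemberOf              = ($u.MemberOf -join ';')    # direct memberships only, no primary group
        # Audit flags (all restricted to enabled accounts; disabled ones are noise here)
        Flag_NeverExpires     = [bool]($u.Enabled -and $u.PasswordNeverExpires)
        Flag_PwdNotRequired   = [bool]($u.Enabled -and $u.PasswordNotRequired)
        Flag_NeverLoggedOn    = [bool]($u.Enabled -and -not $u.LastLogonDate)
        Flag_Stale            = [bool]($u.Enabled -and $u.LastLogonDate -and $u.LastLogonDate -lt $staleCutoff)
        Flag_PastExpiry       = [bool]($u.Enabled -and $u.AccountExpirationDate -and $u.AccountExpirationDate -lt $now)
    }
}

# Write next to the script when run from a file, otherwise into the current directory.
$dir = $PSScriptRoot
if (-not $dir) { $dir = (Get-Location).Path }
$out = Join-Path $dir "$env:USERDOMAIN-user-audit.csv"
$userInfo | Export-Csv -Path $out -NoTypeInformation -Encoding UTF8

# Console summary of the accounts that need a second look
$userInfo |
    Where-Object { $_.Flag_NeverExpires -or $_.Flag_PwdNotRequired -or $_.Flag_Stale -or $_.Flag_PastExpiry } |
    Format-Table Name, SamAccountName, Flag_NeverExpires, Flag_PwdNotRequired, Flag_NeverLoggedOn, Flag_Stale, Flag_PastExpiry -AutoSize
```

The null guards in the Flag_Stale and Flag_PastExpiry expressions matter: Get-ADUser returns $null for LastLogonDate on accounts that have never logged on and for AccountExpirationDate on accounts that never expire, and a bare `$null -lt $date` comparison would quietly evaluate to true and flag every such account. The [bool] casts make sure each flag is written to the CSV as True or False rather than as an empty cell.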

Usage Examples

This script can be run in a PowerShell console (or saved as a .ps1 file and executed) to generate a CSV file containing user information. The generated file is named $env:userdomain-user-audit.csv, where $env:userdomain expands to the NetBIOS name of the current user's domain, and it is written to the folder held in $dir, which must be set before the Export-Csv line runs. Treat the output as sensitive: it contains every account's distinguished name, manager, group memberships and password-policy state, which is reconnaissance material for an attacker, so store it with restricted permissions and do not leave copies on shared drives.
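A single CSV is a snapshot; the audit becomes useful when consecutive runs are compared. The following is an added example, not part of the original post, that reads two audit files produced by the script (today's and a previous one, the file names and the watched attributes being my assumptions) and reports accounts that were created or removed, attribute changes on existing accounts, and group memberships that were added or dropped. It works on the CSV as written, so it only sees direct group memberships and compares attributes as the strings Export-Csv wrote.

```powershell
# Added example: diff two user-audit CSV snapshots (not the original post's script)
# Assumed file names: the previous run was renamed to *-previous.csv before the current run.
$prevPath = ".\$env:USERDOMAIN-user-audit-previous.csv"
$currPath = ".\$env:USERDOMAIN-user-audit.csv"

$old = Import-Csv -Path $prevPath
$new = Import-Csv -Path $currPath

# Index both snapshots by SamAccountName for O(1) lookups
$oldBy = @{}; foreach ($r in $old) { $oldBy[$r.SamAccountName] = $r }
$newBy = @{}; foreach ($r in $new) { $newBy[$r.SamAccountName] = $r }

# Accounts that appeared since the previous run, and accounts that disappeared
$created = @($newBy.Keys | Where-Object { -not $oldBy.ContainsKey($_) } | Sort-Object)
$removed = @($oldBy.Keys | Where-Object { -not $newBy.ContainsKey($_) } | Sort-Object)

# Attributes whose change is worth a reviewer's attention (assumed list).
# Every CSV column is text, so "True"/"False" and date strings are compared as strings;
# that is fine for detecting a change, but not for ordering dates.
$watch = 'Enabled', 'PasswordNeverExpires', 'Manager', 'AccountExpirationDate', 'Role'
$changes = foreach ($sam in ($newBy.Keys | Sort-Object)) {
    if (-not $oldBy.ContainsKey($sam)) { continue }
    foreach ($attr in $watch) {
        $before = $oldBy[$sam].$attr
        $after  = $newBy[$sam].$attr
        if ($before -ne $after) {
            [PSCustomObject]@{ SamAccountName = $sam; Attribute = $attr; Before = $before; After = $after }
        }
    }
}

# Group membership deltas. MemberOf was ';'-joined by the audit script, so split it back
# into distinguished names and do a set difference in each direction.
$groupChanges = foreach ($sam in ($newBy.Keys | Sort-Object)) {
    if (-not $oldBy.ContainsKey($sam)) { continue }
    $before = @($oldBy[$sam].MemberOf -split ';' | Where-Object { $_ })
    $after  = @($newBy[$sam].MemberOf -split ';' | Where-Object { $_ })
    foreach ($g in $after)  { if ($before -notcontains $g) { [PSCustomObject]@{ SamAccountName = $sam; Change = 'added';   Group = $g } } }
    foreach ($g in $before) { if ($after  -notcontains $g) { [PSCustomObject]@{ SamAccountName = $sam; Change = 'removed'; Group = $g } } }
}

# Privileged built-in groups to highlight (assumed regex; extend with your own tier-0 groups)
$privileged = '^CN=(Domain Admins|Enterprise Admins|Schema Admins|Administrators|Account Operators),'

"Created accounts: $($created -join ', ')"
"Removed accounts: $($removed -join ', ')"
"Attribute changes:"
$changes | Format-Table -AutoSize
"Group membership changes (privileged groups first):"
$groupChanges | Sort-Object { $_.Group -notmatch $privileged }, SamAccountName | Format-Table -AutoSize
```

Because Export-Csv serialises dates with the current culture's format and booleans as the words True and False, anything beyond equality comparison (for instance, "which accounts became stale since last time") should cast the columns back with [datetime]::Parse and [bool]::Parse on the same machine that wrote the file, or the comparison will silently work on strings.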

Conclusion

This PowerShell script provides a useful tool for auditing user information in an Active Directory environment. By processing each user's properties and storing relevant information in an array, the script makes it easy to generate a CSV file containing detailed user information.