Skip to content

Instantly share code, notes, and snippets.

@janegilring

janegilring/2013SGEvent4AdvancedSample.ps1

Created May 22, 2013 10:36
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save janegilring/5626670 to your computer and use it in GitHub Desktop.
Save janegilring/5626670 to your computer and use it in GitHub Desktop.
Download ZIP
Entry from the 2013 Scripting Games Advanced Event 4, reviewed at blog.powershell.no
Raw
2013SGEvent4AdvancedSample.ps1
#Requires -Version 3.0 -Module ActiveDirectory
<#
.SYNOPSIS
Create a report of randomly selected Active Directory users to be provided to auditors.
.DESCRIPTION
Randomly sample all Active Directory user accounts and create an html report of the
following properties: SamAccountName, Department, Title, LastLogonDate, PasswordLastSet, Enabled, LockedOut
.PARAMETER FilePath
Specifies the path to the output file
.PARAMETER Count
Determines how many users are sampled. The default is 20. If the value of Count exceeds the number of users in Active Directory,
the report will contain all of the users.
.PARAMETER PassThru
Returns the newly created html report file. By default, this cmdlet does not generate any output.
.PARAMETER Force
Allows the cmdlet to overwrite an existing read-only file. Even using the Force parameter, the cmdlet cannot override
security restrictions.
.INPUTS
NONE
.OUTPUTS
NONE
.EXAMPLE
.\New-ADUserAuditReport.ps1 .\Report.html
Creates a new report from 20 randomly selected Active Directory users and writes the content out to the file .\Report.html
.EXAMPLE
.\New-ADUserAuditReport.ps1 .\Report.html -Count 100
Creates a new report from 100 randomly selected Active Directory users and writes the content out to the file .\Report.html
.EXAMPLE
.\New-ADUserAuditReport.ps1 .\Report.html -PassThru | Invoke-Item
Creates a new report from 20 randomly selected Active Directory users and writes the content out to the file .\Report.html
and then invokes the item to launch the default Browser so the report can be viewed when it is ready.
#>
[CmdletBinding()]
param
(
[Parameter(Mandatory, Position=0)]
[ValidateScript({(Split-Path -Path $_ -Leaf) -match '\.html?$'})]
[string] $FilePath,
[PSDefaultValue(Help = 20)]
[ValidateRange(1, [int]::MaxValue)]
[int] $Count = 20,
[switch] $PassThru,
[switch] $Force
)
# ConvertTo-Html Parameters
$CTHParameters = @{
Title = 'Active Directory User Audit Report';
PreContent = '<h1>Active Directory User Audit Report</h1>'
PostContent = "<h5>Prepared by $ENV:USERNAME on $(Get-Date) from a random sample of $Count users</h5>";
Head = @'
<style type="text/css">
body {
font-family: Calibri,Arial;
}
table {
border-spacing: 0;
border-collapse: collapse;
}
th, td {
padding: 0.25em;
text-align: left;
}
table th {
background-color: #000!important;
color: #fff;
font-weight: bold;
}
table td:nth-child(4),
table td:nth-child(5),
table th:nth-child(4),
table th:nth-child(5) {
text-align: right;
}
table td:nth-child(6),
table td:nth-child(7),
table th:nth-child(6),
table th:nth-child(7) {
text-align: center;
}
table tr:nth-child(odd) {
background-color:#ddd;
}
</style>
'@;
}
Get-ADUser -Filter * -Properties SamAccountName,Department,Title,LastLogonDate,PasswordLastSet,Enabled,LockedOut -ErrorAction Stop |
Get-Random -Count $Count |
Sort-Object -Property AccountName |
ForEach-Object {
[PSCustomObject] [ordered]@{
'User Name' = $_.SamAccountName;
'Department' = $_.Department;
'Title' = $_.Title;
'Last Logon' = $_.LastLogonDate;
'Password Last Changed' = $_.PasswordLastSet;
'Disabled' = !$_.Enabled;
'Locked Out' = $_.LockedOut;
}
} |
ConvertTo-Html @CTHParameters |
Out-File -FilePath $FilePath -Force:$Force -ErrorAction Stop
if ($PassThru) {
Get-Item -Path $FilePath
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment