Created
May 22, 2013 10:36
-
-
Save janegilring/5626670 to your computer and use it in GitHub Desktop.
Entry from the 2013 Scripting Games Advanced Event 4, reviewed at blog.powershell.no
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Requires -Version 3.0 -Module ActiveDirectory | |
<# | |
.SYNOPSIS | |
Create a report of randomly selected Active Directory users to be provided to auditors. | |
.DESCRIPTION | |
Randomly sample all Active Directory user accounts and create an html report of the | |
following properties: SamAccountName, Department, Title, LastLogonDate, PasswordLastSet, Enabled, LockedOut | |
.PARAMETER FilePath | |
Specifies the path to the output file | |
.PARAMETER Count | |
Determines how many users are sampled. The default is 20. If the value of Count exceeds the number of users in Active Directory, | |
the report will contain all of the users. | |
.PARAMETER PassThru | |
Returns the newly created html report file. By default, this cmdlet does not generate any output. | |
.PARAMETER Force | |
Allows the cmdlet to overwrite an existing read-only file. Even using the Force parameter, the cmdlet cannot override | |
security restrictions. | |
.INPUTS | |
NONE | |
.OUTPUTS | |
NONE | |
.EXAMPLE | |
.\New-ADUserAuditReport.ps1 .\Report.html | |
Creates a new report from 20 randomly selected Active Directory users and writes the content out to the file .\Report.html | |
.EXAMPLE | |
.\New-ADUserAuditReport.ps1 .\Report.html -Count 100 | |
Creates a new report from 100 randomly selected Active Directory users and writes the content out to the file .\Report.html | |
.EXAMPLE | |
.\New-ADUserAuditReport.ps1 .\Report.html -PassThru | Invoke-Item | |
Creates a new report from 20 randomly selected Active Directory users and writes the content out to the file .\Report.html | |
and then invokes the item to launch the default Browser so the report can be viewed when it is ready. | |
#> | |
[CmdletBinding()] | |
param | |
( | |
[Parameter(Mandatory, Position=0)] | |
[ValidateScript({(Split-Path -Path $_ -Leaf) -match '\.html?$'})] | |
[string] $FilePath, | |
[PSDefaultValue(Help = 20)] | |
[ValidateRange(1, [int]::MaxValue)] | |
[int] $Count = 20, | |
[switch] $PassThru, | |
[switch] $Force | |
) | |
# ConvertTo-Html Parameters | |
$CTHParameters = @{ | |
Title = 'Active Directory User Audit Report'; | |
PreContent = '<h1>Active Directory User Audit Report</h1>' | |
PostContent = "<h5>Prepared by $ENV:USERNAME on $(Get-Date) from a random sample of $Count users</h5>"; | |
Head = @' | |
<style type="text/css"> | |
body { | |
font-family: Calibri,Arial; | |
} | |
table { | |
border-spacing: 0; | |
border-collapse: collapse; | |
} | |
th, td { | |
padding: 0.25em; | |
text-align: left; | |
} | |
table th { | |
background-color: #000!important; | |
color: #fff; | |
font-weight: bold; | |
} | |
table td:nth-child(4), | |
table td:nth-child(5), | |
table th:nth-child(4), | |
table th:nth-child(5) { | |
text-align: right; | |
} | |
table td:nth-child(6), | |
table td:nth-child(7), | |
table th:nth-child(6), | |
table th:nth-child(7) { | |
text-align: center; | |
} | |
table tr:nth-child(odd) { | |
background-color:#ddd; | |
} | |
</style> | |
'@; | |
} | |
Get-ADUser -Filter * -Properties SamAccountName,Department,Title,LastLogonDate,PasswordLastSet,Enabled,LockedOut -ErrorAction Stop | | |
Get-Random -Count $Count | | |
Sort-Object -Property AccountName | | |
ForEach-Object { | |
[PSCustomObject] [ordered]@{ | |
'User Name' = $_.SamAccountName; | |
'Department' = $_.Department; | |
'Title' = $_.Title; | |
'Last Logon' = $_.LastLogonDate; | |
'Password Last Changed' = $_.PasswordLastSet; | |
'Disabled' = !$_.Enabled; | |
'Locked Out' = $_.LockedOut; | |
} | |
} | | |
ConvertTo-Html @CTHParameters | | |
Out-File -FilePath $FilePath -Force:$Force -ErrorAction Stop | |
if ($PassThru) { | |
Get-Item -Path $FilePath | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment