Get AD Computer examples – Powershellbros.com

      Comments Off on Get AD Computer examples – Powershellbros.com
Get AD Computer examples Powershellbroscom

[ad_1]

In this article, I want to share a couple of illustrations of Get-ADComputer command. If at any time you wondered how to get laptop or computer objects from Lively Listing by some unique home, by password very last established assets or range, previous logon day, or some other research conditions this post if for you. Underneath you can discover few scripts that I was making use of just lately ūüôā

Get all personal computers

To get all computer systems from Active Directory we can just operate the following one particular-liner command:

Get-ADComputer -Filter *

There are numerous parameters that can be made use of in this command like SearchBase wherever you can specify Organizational Unit. For much more simple illustrations you can refer to the Microsoft Docs website page.

Get-ADComputer -Filter * -SearchBase 'OU=Pcs,DC=powershellbros,DC=com' 

This more innovative script will get all computer systems and also export effects to CSV file:

#===============================================================================================
# -------------------------------- PARAMS and MODULE -------------------------------------------
#=============================================================================================== 
Try
    # Import Modules
    Import-Module ActiveDirectory -ErrorAction Halt
    
    # Params
    $RunTime     = (Get-Day).ToUniversalTime()
    $SavePath    = "$PSScriptRootReports"
    $DCName      = ($env:LOGONSERVER -exchange "",'')
    $FileDate    = Get-Date -Format "yyyyMMddHHmmss"
    $OutputCsv   = "$SavePath$($FileDate)_All_Personal computers.csv"  
    $Folder      = Check-Route $SavePath if (-not $Folder)  [void] (New-Merchandise $SavePath -Type Listing -ErrorAction Quit) 

    "::::::: Script start time: $RunTime"
    "`nGetting all computes"
    "Success will be saved in: $OutputCsv"
    "You should wait around...."

Catch
    Produce-Warning $_.Exception.Message
    Examine-Host "Script will end. Push enter to shut the window"
    Exit



#===============================================================================================
# ---------------------------------- GET Computers ---------------------------------------------
#=============================================================================================== 
# Properties 
 $Props = @
        Filter         = "*"
        Server         = $DCName
        ResultPageSize = 5000000
        ResultSetSize  = $null
        Qualities="Identify",  
                         'DistinguishedName', 
                         'LastLogonDate',
                         'OperatingSystem', 
                         'OperatingSystemVersion', 
                         'whenCreated'


# Get computers and export to CSV
Get-ADComputer @Props | foreach  Export-Csv $OutputCsv -NoTypeInformation -Append     
 


#===============================================================================================
# --------------------------------- Final Effects ----------------------------------------------
#=============================================================================================== 
# Finish time
$EndTime = (Get-Date).ToUniversalTime()
"::::::: Script conclusion time: $EndTime"
$up      = $EndTime - $RunTime
$uptime  = "$($up.Times) times, $($up.Hrs)h, $($up.Minutes)mins"

 # Final results
"`nScript was jogging for: $uptime"
"Complete quantity of computers: $((Import-CSV $OutputCsv | Evaluate-Object).Rely)"

Read through-Host "Push enter to close"


Get personal computer by lastlogondate property

Up coming instance can be handy to find personal computers in which lastlogondate is higher than 30 times. LDAPFilter: ‚Äú(&(objectclass=computer)(lastlogontimestamp<=$LastLogon))‚ÄĚ

# Params ##################################################################
$LastLogon   = (Get-Date).AddDays(-30).ToFileTime()
$Props = @
        LDAPFilter     = "(&(objectclass=computer)(lastlogontimestamp<=$LastLogon))"
        Server         = ($env:LOGONSERVER -replace "",'')
        ResultPageSize = 2000
        ResultSetSize  = $null
        Properties="Name", 
                         'OperatingSystem', 
                         'SamAccountName', 
                         'DistinguishedName', 
                         'LastLogonDate'

  
# Get computers
Get-ADComputer @Props | select $Props.properties

Get computer by pwdlastset property

Here is a similar situation but this time it will get enabled comptuer objects by pwdlastset property. LDAPFilter: ‚Äú(&(objectclass=computer)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(pwdlastset<=$pwd))‚ÄĚ

#Import Modules and provide range ############################################        
Try
    Import-Module ActiveDirectory -ErrorAction Stop
    [int]$Start = Read-Host "Please provide number for Password Last Set days (for example greater than 30 days ago)"

Catch
    Write-Warning $_.Exception.Message
    Read-Host "Script will end. Press enter to close the window"
    Exit



#Params ##################################################################
$pwd       = (Get-Date).AddDays(-$($Start)).ToFileTime() 
$FileDate  = Get-Date -Format "yyyyMMddHHmmss"
$OutputCsv = "$PSScriptRootReports$($FileDate)_PwdLastSet_Computers_$($Start)_days.csv"
  
"`nResults will be saved $OutputCsv"
"Generating report. Please wait..."

#Properties ############################################################## 
$Props = @
    LDAPFilter     = "(&(objectclass=computer)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(pwdlastset<=$pwd))"
    Server         = ($env:LOGONSERVER -replace "",'')
    ResultPageSize = 2000000
    ResultSetSize  = $null
    Properties="DistinguishedName",'OperatingSystem', 'LastLogonDate' ,'pwdlastset', 'PasswordLastSet'
 
 
Get-ADComputer @Props | FOREACH 
                
    New-Object PSObject -Property ([ordered]@ 
  
        Computername         = $_.name
        Enabled              = $_.enabled
        DistinguishedName    = $_.DistinguishedName
        OrganizationalUnit   = If($_.DistinguishedName)(($_.DistinguishedName -split ',')[1]).trim()Else' - '
        OperatingSystem      = $_.OperatingSystem
        LastLogonDate        = $_.LastLogonDate
        PasswordLastSet      = If($_.PasswordLastSet)$_.PasswordLastSetElse' - '
        PasswordLastSetDiff  = If($_.PasswordLastSet) %"$($_.Days) days, $($_.Hours)h, $($_.Minutes)mins"Else' - '

                   
    )
            
 | Export-Csv $OutputCsv -NoTypeInformation -Append
            
"$((Import-CSV $OutputCsv | Measure-Object ).count) computers with password last set greater than $Start days"

Read-Host "Press enter to close"

Get computer by password last set date range

In this example, you can find how to get computers by password last set date range. You will be asked to provide time range and script will get objects using LDAPfilter ‚Äú(&(objectclass=computer)(pwdlastset<=$PwdStart)(pwdlastset>=$PwdEnd))‚ÄĚ:

#===============================================================================================
# -------------------------------- PARAMS and MODULE -------------------------------------------
#=============================================================================================== 
Try
    # Import Modules
    Import-Module ActiveDirectory -ErrorAction Stop
    
    # Specify range            
    [int]$Start = Read-Host "Please provide number for start of the range like 80 (80-90 days)"
    [int]$End   = Read-Host "Please provide number for end of the range like 90 (80-90 days)"

Catch
    Write-Warning $_.Exception.Message
    Read-Host "Script will end. Press enter to close the window"
    Exit


# Proceed if range is valid
If($End -lt $Start)
    Write-Warning "End of the time range is greater than start"
    Exit



#===============================================================================================
# ---------------------------------- GET COMPUTERS ---------------------------------------------
#=============================================================================================== 
Try{
    # Params
    $PwdEnd    = (Get-Date).AddDays(-$($End)).ToFileTime() 
    $PwdStart  = (Get-Date).AddDays(-$($Start)).ToFileTime() 
    $FileDate  = Get-Date -Format "yyyyMMddHHmmss"
    $SavePath  = "$PSScriptRootReports"
    $OutputCsv = "$SavePath$($FileDate)_PwdLastSet_Computers_($($Start)-$($End)).csv"
    $Folder    = Test-Path $SavePath if (-not $Folder)  [void] (New-Item $SavePath -Type Directory -ErrorAction Stop) 

    "`nResults will be saved $OutputCsv"
    "Generating report. Please wait..."

    # Command params
    $Props = @
                LDAPFilter     = "(&(objectclass=computer)(pwdlastset<=$PwdStart)(pwdlastset>=$PwdEnd))"
                Server         = ($env:LOGONSERVER -replace "",'')
                ResultPageSize = 2000000
                ResultSetSize  = $null
                Homes="DistinguishedName",
                                 'OperatingSystem', 
                                 'LastLogonDate',
                                 'pwdlastset', 
                                 'PasswordLastSet'
    
 
    # Get pcs
    $Comps = Get-ADComputer @Props | Pick out-Item 'Name', 
                                                   'Enabled', 
                                                   'DistinguishedName', 
                                                   'OperatingSystem', 
                                                   'LastLogonDate',
                                                   'PasswordLastSet', 
                                                   @n='PasswordLastSetDiff'e=(New-TimeSpan $_.PasswordLastSet)  
}
Capture
    Generate-Warning $_.Exception.Information
    Browse-Host "Script will stop. Push enter to shut the window"
    Exit



#===============================================================================================
# ---------------------------------- Ultimate Success ---------------------------------------------
#===============================================================================================        
 If($Comps) Measure-Item).count
    "$CompCount personal computers"

    # Export outcomes
    $Comps 
Else
    "No effects for ($($Begin)-$($Conclude)) time array" 


Read through-Host "Press any key to close"

Get laptop by any house

In final example, you can specify any property and benefit in LDAP filter: ‚Äú(&(objectclass=laptop or computer)($Home=$Worth))‚ÄĚ

#Import Modules and give assets ############################################        
Check out
    Import-Module ActiveDirectory -ErrorAction Prevent
                
    [string]$Residence = Read through-Host "Remember to provide laptop or computer residence identify, for instance OperatingSystem"
    [string]$Worth    = Go through-Host "Please provide $Home home value, for illustration Home windows 10 Organization"

Catch
    Publish-Warning $_.Exception.Information
    Go through-Host "Script will finish. Push enter to shut the window"
    Exit


If(!$House -and !$Benefit)
    Publish-Warning "Some thing went completely wrong"

Else decide on 'Name', 'Enabled', $House
        
    If($Comps) Evaluate-Object).depend
        "$CompCount desktops"
        $Comps 
    Else
        "No results for $Assets" 
    

Study-Host "Press any vital to close"

       

Please note ūüôā that WordPress is adding & figures to LDAPFilter: ‚Äú(&(objectclass=computer)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(pwdlastset<=$pwd))‚ÄĚ.

Valid LDAPFilter:

Get AD Computer examples - Powershellbros.com 2

I hope this was informative for you ūüôā See you in next articles.

[ad_2]

Source link