Audit Scripts: Get Active Directory Users

Audit Scripts
Comments

Active Directory is essential in organization but auditing is very essential to maintain AD health and security compliance.

The audit script is written to extract data with AD attributes as well as custom attributes (requires custom coding) such as Last Logon Days. All the dates are formatted with Timezone offset.

The script will output the result in csv file and you can analyze using spreadsheet software.

Active Directory Attributes:

Active Directory attributes included are:

adspath, displayname, sAMAccountName, givenName, SN, whenCreated, whenChanged, pwdLastSet, lastLogon, department, description, ipPhone, telephoneNumber, mail

Custom Attributes (requires coding) are:

LastLogonDays, LastPasswordSetDays. DC_Path, OU_Path

 

Pre-Requisites:

  1. Download Audit Scripts and Unzip

  2. Copy Audit Scripts into Server that can connect to ActiveDirectory

  3. Execute Audit script with ActiveDirectory Administrator account

Steps:

  1. Edit Audit Script YLNotes__AD_Audit_GetAdUsers.cmd

  2. Under Configuration Input Section, enter LDAP Path

  3. Execute Audit Script YLNotes__AD_Audit_GetAdUsers.cmd

  4. The Audit Report is stored in AuditReports folder in csv file format

  5. Open csv file using Excel

ADGetUsers_0001

ADGetUsers_0002

 

Audit Scripts:

  1. YLNotes__AD_Audit_GetAdUsers.cmd
  2. YLNotes__AD_Audit_GetAdUsers_Engine.vbs

Download

Updated: 17/09/2014 — 10:52 PM

Leave a Reply

Your email address will not be published. Required fields are marked *

12 − 11 =

This site uses Akismet to reduce spam. Learn how your comment data is processed.