我正在尝试创建一个 powershell 来审核新创建的帐户&团体和谁创造了它们。对象由帐户操作员创建,但他们不是域管理员。
我认为是这样的:
$Last = (Get-Date).AddDays(-1);
Get-Acl | Get-ADUser -Filter {WhenCreated -ge $Last} | FL DistinguishedName, Path,owner
但这还不起作用。
答案 0 :(得分:0)
这个班轮会告诉您某个日期之后的变化。有一个 whenchanged 属性,您可以使用该属性过滤掉对象。
Get-ADObject -Filter 'whenchanged -gt $dte' | Group-Object objectclass
然后你可以使用:
get-adgroup -filter * | sort name | select Name
Get-adgroupmember "Name"
或
Get-ADGroup -filter "GroupCategory -eq 'Security'" –properties Member |
Select Name,@{Name="Members";
Expression={($_.member | Measure-Object).count}},
GroupCategory,GroupScope,Distinguishedname |
Out-GridView -Title "Select one or more groups to export" -OutputMode Multiple |
foreach {
Write-Host "Exporting $($_.name)" -ForegroundColor cyan
#replace spaces in name with a dash
$name = $_.name -replace " ","-"
$file = Join-Path -path "C:\work" -ChildPath "$name.csv"
Get-ADGroupMember -identity $_.distinguishedname -Recursive |
Get-ADUser -Properties Title,Department |
Select Name,Title,Department,SamAccountName,DistinguishedName |
Export-CSV -Path $file -NoTypeInformation
Get-Item -Path $file
}