Get SamAccountname from the list of Displayname


Import-Module activedirectory
$displayname = @()
$names = get-content “c:\user.txt”
foreach ($name in $names) {

$displaynamedetails = Get-ADUser -filter { DisplayName -eq $name } -server “Domain name “| Select name,samAccountName

$displayname += $displaynamedetails

}

$displayname | Export-Csv “C:\Samaccountname.csv”

Windows License status


$ldapSearcher = new-object directoryservices.directorysearcher;
$ldapSearcher.filter = “(objectclass=computer)”;
$computers = $ldapSearcher.findall();

foreach ($computer in $computers)
{
$compname = $computer.properties[“name”]
$ping = gwmi win32_pingstatus -f “Address = ‘$compname'”
$compname
if($ping.statuscode -eq 0)
{
try
{
$ErrorActionPreference = “Stop”
$wpa = Get-WmiObject -class SoftwareLicensingProduct -ComputerName $compname | Where{$_.LicenseStatus -NotMatch “0”}
if($wpa)
{
foreach($item in $wpa)
{
$status = switch($item.LicenseStatus)
{
0 {“Unlicensed”}
1 {“Licensed”}
2 {“Out-Of-Box Grace Period”}
3 {“Out-Of-Tolerance Grace Period”}
4 {“Non-Genuine Grace Period”}
5 {“Notification”}
6 {“Extended Grace”}
default {“Unknown value”}
}
“Activation Status: {0}” -f $status
}
}
else
{
write-host (“$compname Unlicensed”)
}
}
catch
{
write-host (“Computer does not have SoftwareLicensingProduct class, you have insufficient rights to query the computer or the RPC server is not available”)
}
finally
{
$ErrorActionPreference = “Continue”
}

}
else
{
write-host (“$compname Offline”)
}
[console]::WriteLine()
}

List Windows Product Activation Status of all Domain Computers

Powershell script to find old AD computers by last login time


import-module activedirectory
$logdate = Get-Date -format yyyyMMdd
$logfile = “c:\scripts\logs\ExpiredComputers – “+$logdate+”.csv”
$mail = “yramasamy@xybion.com”
$smtpserver = “192.168.20.29”
$emailFrom = “GlobalServiceDesk@xybion.com”
$domain = “xybioncorp.local”
$emailTo = “$mail”
$subject = “Old computers in Active Directory”
$DaysInactive = 180
$time = (Get-Date).Adddays(-($DaysInactive))
$body =
“Please find the inactive computers file. Please review

Yogeshwaran”

# Change this line to the specific OU that you want to search
$searchOU = “DC=xybioncorp, DC=local”

# Get all AD computers with LastLogon less than our time
Get-ADComputer -SearchBase $searchOU -Filter {LastLogon -lt $time -and enabled -eq $true} -Properties LastLogon, description,Operatingsystem|

# Output hostname and LastLogon into CSV
select-object Name,DistinguishedName, description,Operatingsystem,enabled,@{Name=”Stamp”; Expression={[DateTime]::FromFileTime($_.LastLogon)}} | export-csv $logfile -notypeinformation

Send-MailMessage -To $emailTo -From $emailFrom -Subject $subject -Body $body -Attachments $logfile -SmtpServer $smtpserver

Active Directory: How to List All Computers in OU using PowerShell


$OUpath = 'ou=Managers,dc=enterprise,dc=com'
$ExportPath = 'c:\data\computers_in_ou.csv'
Get-ADComputer -Filter * -SearchBase $OUpath | Select-object
DistinguishedName,DNSHostName,Name | Export-Csv -NoType $ExportPath

To export all computers in mydomain.com’s servers OU to machines.txt :

DSQUERY COMPUTER "OU=servers,DC=mydomain,DC=com" -o rdn -limit 1000 > c:\machines.txt

Verify if an update is installed


PS> $A = Get-Content -Path ./Servers.txt

PS> $A | ForEach-Object { if (!(Get-HotFix -Id KB957095 -ComputerName $_)) { Add-Content $_ -Path ./Missing-KB957095.txt }}

Note: 

The $A variable contains computer names that were obtained by Get-Content from a text file. The objects in $A are sent down the pipeline to ForEach-Object

DNS scavenging_status


$zones = Get-Content “C:\Users\k054995\Desktop\test\input.txt”

foreach($zone in $zones)

{

$Output = Get-DnsServerZoneAging -Name $zone -ComputerName pgc2eu-dceu101 | Select-Object ZoneName,AgingEnabled,RefreshInterval,NoRefreshInterval

$Output

$Output | export-csv -Path “C:\Users\k054995\Desktop\test\eu1_reverse-lookupzone_scavenging_status.csv” -NoTypeInformation -Append

}

AD replication Test


#identify AD sites which differ in replication schedule from a reference site, here GC1

$RefscheduleRaw= ((Get-ADReplicationSite -Identity GC1).ReplicationSchedule.RawSchedule)
$Refschedule= ((Get-ADReplicationSite -Identity GC1).ReplicationSchedule)

#Set-ADReplicationSite -Identity test -ReplicationSchedule $Refschedule

$sites= (Get-ADForest).sites
$SiteList= @(”)

foreach($site in $sites){
$schedule= ”
$schedule= ((Get-ADReplicationSite -Identity $site).ReplicationSchedule.RawSchedule)
if(!$schedule -or ($schedule -ne $RefscheduleRaw)){
$SiteList+=$site
# $site
}

}

$siteList |Sort-Object

Powershell Get-PSADForestInfo


https://github.com/PyroTek3/PowerShell-AD-Recon/blob/master/Get-PSADForestInfo

$ADForestInfo = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest().Schema

DHCP pool monitor


#DHCP Percent of Addresses Remaining Threshold

$DHCPLowPercentThreshold = 10

#From Email Address

$FromAddress = “dhcpalert@domain.com”

#To Email Address

$ToAddress = “user@domain.com”

#SMTP Server Address

$SmtpServerAddress = “mail.domain.com”

 

$5MinutesAgo = [DateTime]::Now.AddMinutes(-5)

$DHCPLowEvent = @(Get-EventLog -LogName “System” -After $5MinutesAgo -InstanceID 1020)[0]

$DHCPLowEventMessage = $DHCPLowEvent.Message

$DHCPLowPercent = 100 – $DHCPLowEvent.ReplacementStrings[1]

If ($DHCPLowPercent -le $DHCPLowPercentThreshold){

$messageParameters = @{

Subject = “Warning: DHCP Addresses Low”

Body = “$DHCPLowEventMessage”

From = $FromAddress

To = $ToAddress

SmtpServer = $SmtpServerAddress

}

Send-MailMessage @messageParameters

}

 

%d bloggers like this: