Najdi enablovaného uživatele pomocí filtru
Get-ADUser -LDAPFilter „(mail=*@domain.tld)“ -prop * | where { ($_.Enabled -eq $true) }
Najdi enablované členy skupiny Administrators a Domain Admins
Get-ADGroupMember -Identity „administrators“ -Recursive | where { ($_.Enabled -eq $true) } | Get-ADUser -prop * | select samAccountName, Enabled
Get-ADGroupMember -Identity „domain admins“ -Recursive | where { ($_.Enabled -eq $true) } | Get-ADUser -prop * | select samAccountName, Enabled
Datumy
@{N='whenChanged'; E={[DateTime]::FromFileTime($_.whenChanged)}}
@{N='lastLogonTimestamp'; E={[DateTime]::FromFileTime($_.lastLogonTimestamp)}}
@{N='badPasswordTime'; E={[DateTime]::FromFileTime($_.badPasswordTime)}}
@{N='pwdLastSet'; E={[DateTime]::FromFileTime($_.pwdLastSet)}}
Multivalued
@{name=„memberOf“;expression={$_.memberOf -join „ ~AND~ “}}
Dotaz na uživatele v .CSV souboru
<Code:powershell> import-module ActiveDirectory $users=Import-Csv -Path users.txt foreach ($user in $users) { $samAccountName=$user.samAccountName Get-ADUser -ldapFilter „(samAccountName=$samAccountName)“ -Properties * | select samAccountname } </code>
Neaktivní domain computers
$DaysInactive = 90 $time = (Get-Date).Adddays(-($DaysInactive)) Get-ADComputer -Filter {LastLogonTimeStamp -lt $time} -Prop * | select Name, @{N='lastLogonTimestamp'; E={[DateTime]::FromFileTime($_.lastLogonTimestamp)}}