-
Notifications
You must be signed in to change notification settings - Fork 4
/
Get-DomainAdmins
116 lines (72 loc) · 2.6 KB
/
Get-DomainAdmins
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
###############################################################
# Get-DomainAdmins-v1.ps1
# Version 1.0
# Sagar Hande - 12 / 02 / 2019
###############################################################
#Provide Output Path for Administrator group and Domains Admins
$OutForAdministrators="C:\output\Administrators.csv"
$OutForDomainAdmins = "C:\Output\Domainadmins.csv"
#Domain Admins OU
$DomainOU=""
$GroupName = "Administrators"
$NameDA = "Domain Admins"
#Provide To and From Address
$ToUserList = @('')
$From = ''
#Fetch Users and group from Administrators excepts Domain Admins
Function GetNestedGroupmember($group){
$groupUsers=Get-ADGroup -Identity $group -Properties *
$mem=$groupUsers.Members
foreach($m in $mem){
$type=(Get-ADObject -Filter {DistinguishedName -eq $m}).objectclass
if($type -eq "user"){
get-aduser -Filter {DistinguishedName -eq $m} -Properties * |
select SamAccountName, Description, Info, Enabled, PasswordLastSet, PasswordNeverExpires, PasswordExpired, DisplayName, Manager, EmployeeID, Comment, @{N='memberof';E={$_.memberof}}, LastLogonDate, DistinguishedName |
export-csv –append $OutForAdministrators -NoTypeInformation
}
elseif($type -eq "group"){
if($m -contains $DomainOU){
GetDomainAdminsGroupmember($m)
}
else{
GetNestedGroupmember($m)
}
}
else{
#Excluding Computer Name
}
}
}
##Function to Fetch Domain Admins
Function GetDomainAdminsGroupmember($group){
$groupUsers=Get-ADGroup -Identity $group -Properties *
$groupUsers.Members |
get-aduser -Properties * |
select SamAccountName, Description, Info, Enabled, PasswordLastSet, PasswordNeverExpires, PasswordExpired, DisplayName, Manager, EmployeeID, Comment, @{N='memberof';E={$_.memberof}}, LastLogonDate, DistinguishedName |
export-csv –append $OutForDomainAdmins -NoTypeInformation
SendMail -Attachments $OutForDomainAdmins -Name $NameDA
}
##Function to Send Mail
Function SendMail{
[CmdletBinding()]
Param (
[Parameter(Mandatory=$True)]
[String]$Attachments,
[Parameter(Mandatory=$True)]
[String]$Name
)
$Timestamp = [String]((Get-Date).ToShortDateString() -Replace '/','_')
$SMTPServer = 'smtp server'
$CommomEmailParams = @{To=$ToUserList;Attachments=$Attachments;SmtpServer=$SMTPServer}
$Subject = "User List for " +$Name
$Body = @"
Hi All,
Message: Script completed Successfully. Please see attached User List for $Name.
Time: $([DateTime]::Now)
Thanks
"@
Send-MailMessage @CommomEmailParams -From $From -Subject $Subject -Body $Body
}
##Main Program Starts Here
GetNestedGroupmember($GroupName)
SendMail -Attachments $OutForAdministrators -Name $GroupName