
@RaRaRatchet
Last active January 17, 2024 12:28
[Active Directory] #AD #ADGroups # #OUs
# Asset inventory: list enabled computer accounts whose operatingSystem
# attribute starts with "Windows 8" (the trailing wildcard also matches any
# longer string with that prefix). Queries like this are typically used to
# find hosts on an OS release that needs upgrade or retirement review.
#
# Only Name reaches the output: the other properties are fetched from AD but
# dropped by Select-Object. Add them to -Property below if the report should
# show OS version, IPv4 address or LastLogonDate.
$win8Query = @{
    Filter     = 'operatingsystem -like "Windows 8*" -and enabled -eq "true"'
    Properties = 'Name', 'Operatingsystem', 'OperatingSystemVersion', 'IPv4Address', 'LastLogonDate'
}
Get-ADComputer @win8Query | Select-Object -Property Name
# Report every OU that directly contains no users, computers, groups or
# contacts, sorted by canonical name.
#
# Caveat before acting on the result: "empty" here covers only those four
# object types at OneLevel scope. Child OUs and any other object class are
# not counted, so an OU listed here can still hold sub-OUs or other objects.
# NOTE(review): linked GPOs and delegated ACLs are also not inspected here;
# check them before removing an OU.
Get-ADOrganizationalUnit -Filter * -Properties CanonicalName |
    Sort-Object -Property CanonicalName |
    ForEach-Object {
        $ou = $_
        # Same search base and scope for all four counts: direct children only.
        $directChildren = @{
            SearchBase  = $ou.DistinguishedName
            SearchScope = 'OneLevel'
        }

        # @(...) forces an array so .Count is reliable for 0 or 1 results.
        $users     = @(Get-AdUser -Filter * @directChildren).Count
        $computers = @(Get-AdComputer -Filter * @directChildren).Count
        $groups    = @(Get-AdGroup -Filter * @directChildren).Count
        $contacts  = @(Get-ADObject -Filter 'objectClass -eq "contact"' @directChildren).Count

        # Counts are never negative, so a zero sum means all four are zero.
        if (($users + $computers + $groups + $contacts) -eq 0) {
            [pscustomobject]@{
                Name          = Split-Path $ou.CanonicalName -Leaf
                CanonicalName = $ou.CanonicalName
            }
        }
    }
# Script parameter: sAMAccountName of the group whose nested membership
# should be flattened.
param(
    [Parameter(Mandatory = $true)]
    [String]
    $groupName
)

# Group cache, keyed by distinguishedName. The value is the group's member
# list for resolved groups, or the AD object itself for groups on the
# do-not-resolve list.
$groupsHT = @{}

# Result set, keyed by distinguishedName: every non-group object found, plus
# any group that was deliberately left unresolved.
$membersHT = @{}
function groupShouldNotBeResolved {
    <#
    .SYNOPSIS
    Tells the caller whether a member DN belongs to a group that must be
    reported as-is instead of being expanded.

    .DESCRIPTION
    The decision is made purely on the DN's leading "CN=<name>," component,
    compared case-insensitively. On a match the object is fetched from AD and
    stored in the script-level $groupsHT under its DN.

    Because only the CN prefix is compared, any object with that CN in any
    container matches. List CNs here, not sAMAccountNames, and make sure the
    two agree for the groups you care about.
    NOTE(review): a CN containing characters that are escaped in a DN (for
    example a comma) would presumably not match the plain prefix built here.

    .PARAMETER member
    distinguishedName string of the member to test.

    .OUTPUTS
    $true if the member is on the do-not-resolve list, otherwise $false.
    #>
    param($member)

    # CNs of groups that should not be expanded. Edit to suit the environment.
    $excludedGroupCNs = @(
        "Domain Users"
        "SomeGroup"
    )

    foreach ($cn in $excludedGroupCNs) {
        $dnPrefix = "CN=" + $cn + ","
        if (-not $member.StartsWith($dnPrefix, "CurrentCultureIgnoreCase")) {
            continue
        }

        # Matched: cache the AD object so the caller can record it as a member.
        $excludedGroup = Get-ADObject -Identity $member
        $groupsHT.Add($member, $excludedGroup)
        return $true
    }

    return $false
}
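function resolve-members-recursive {
    <#
    .SYNOPSIS
    Flattens nested group membership into the script-level $membersHT.

    .DESCRIPTION
    For each distinguishedName in $members:
      * already recorded as a member            -> skipped
      * on the do-not-resolve list              -> recorded as a member, not expanded
      * a group that is already in $groupsHT    -> skipped (see below)
      * anything else                           -> looked up in AD; groups are
        cached and expanded recursively, every other object is recorded.

    A group is added to $groupsHT immediately before its members are walked,
    so a cached group has either been fully expanded or is being expanded
    further up the call stack. Expanding it again is redundant, and with
    circular nesting (group A contains B, B contains A) it never terminates.
    Cached groups are therefore skipped.

    Audit caveat: only the "member" attribute is followed. Accounts that
    belong to a group solely through their primary group (primaryGroupID)
    are not listed in that attribute and will not appear in the result.

    .PARAMETER members
    List of distinguishedName strings to resolve. An empty or $null list is a
    no-op.
    #>
    param($members)

    foreach ($member in $members) {
        if ($membersHT.Contains($member)) {
            # Already in the result set.
            continue
        }
        elseif ((groupShouldNotBeResolved $member) -eq $true) {
            # Excluded group: groupShouldNotBeResolved has just cached its AD
            # object in $groupsHT; report the group itself as a member.
            $membersHT.Add($member, $groupsHT[$member])
        }
        elseif ($groupsHT.Contains($member)) {
            # Group already expanded or currently being expanded: skipping it
            # is what breaks membership cycles.
            continue
        }
        else {
            # Unknown DN: ask AD what it is, requesting "member" in case it
            # turns out to be a group.
            $memberAD = Get-ADObject -Identity $member -Properties member

            if ($memberAD.objectClass -eq "group") {
                # Cache before recursing so a cycle back to this group is
                # caught by the branch above.
                $groupsHT.Add($memberAD.distinguishedName, $memberAD.member)
                resolve-members-recursive $memberAD.member
            }
            else {
                # Any non-group object (user, computer, contact, ...).
                $membersHT.Add($member, $memberAD)
            }
        }
    }
}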
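# Look up the starting group by sAMAccountName and flatten its membership.
#
# $groupName is caller-supplied and ends up inside an LDAP filter, so the
# filter metacharacters defined by RFC 4515 are escaped first. Without this,
# a value such as "*" would match every group, and parentheses could change
# the filter's structure. The backslash is replaced first so the escape
# sequences added afterwards are not escaped again.
$escapedGroupName = $groupName.
    Replace('\', '\5c').
    Replace('*', '\2a').
    Replace('(', '\28').
    Replace(')', '\29').
    Replace([string][char]0, '\00')

$ldapFilter = "(&(objectClass=group)(objectCategory=group)(sAMAccountName=" + $escapedGroupName + "))"
$groupToResolve = Get-ADObject -LDAPFilter $ldapFilter -Properties member

# $null goes on the left so the test is a scalar comparison even if the
# right-hand side were ever a collection.
if ($null -eq $groupToResolve) {
    Write-Host ($groupName + " could not be found in AD!")
    return $null
}
else {
    # Fills the script-level $membersHT (DN -> AD object) as a side effect.
    resolve-members-recursive $groupToResolve.member
    return $membersHT
}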