Auditing active directory group and send email report

  • Question

  • Hi,

    I was writing a PowerShell script to audit Active Directory and send an automatic report, and I got a lot of help in this forum. Below is the original code that allows you to receive a report for a specific AD group.

    I would like to add another option that will attach the same report to the email as a CSV or Excel file; below is the script to do that part. I tried different combinations of those two outputs but my script is still failing. Can someone please help to explain how the two scripts can be merged into one to allow reporting with an attached file, with the same output also in the email body?

    ------------------------------------------------******************Initial Script start *******--------------------------

    #Initialization
    # Import Modules
    Get-Module -ListAvailable | Import-Module


    # Get domain name
    $ADDomainName = $((Get-AdDomain).NetBIOSName)

    #Initialization
    $out = @()

    # Get Membership in Domain Admins Groups
    Get-ADGroupMember 'Domain Admins' | ForEach {

        $userDetails = Get-ADUser -Identity $_.SamAccountName

        $props = @{
            SecurityGroup = 'Domain Admins'

            FirstName = $userDetails.GivenName
            LastName = $userDetails.SurName
            Username = $userDetails.SamAccountName
        }

        $out += New-Object PsObject -Property $props

    }

    # Get Membership in Enterprise Admins Groups
    Get-ADGroupMember 'Enterprise Admins' | ForEach {

        $userDetails = Get-ADUser -Identity $_.SamAccountName

        $props = @{
            SecurityGroup = 'Enterprise Admins'

            FirstName = $userDetails.GivenName
            LastName = $userDetails.SurName
            Username = $userDetails.SamAccountName
        }

        $out += New-Object PsObject -Property $props

    }

    # Get Membership in Schema Admins Groups
    Get-ADGroupMember 'Schema Admins' | ForEach {

        $userDetails = Get-ADUser -Identity $_.SamAccountName

        $props = @{
            SecurityGroup = 'Schema Admins'

            FirstName = $userDetails.GivenName
            LastName = $userDetails.SurName
            Username = $userDetails.SamAccountName
        }

        $out += New-Object PsObject -Property $props

    }

    $body = $out | Out-String 

    #Function to send email
    Send-MailMessage -To email@domain -From email@domain -Subject 'Group Report' -Body $body -SmtpServer email@domain

    ------------------------------------------------******************Initial Script end*******--------------------------

    ----------------------------------****************new line to be merge into the initial script start*******-------------------------

    $out | Export-Csv .\GroupReport.csv -NoTypeInformation

    Send-MailMessage -To to@domain.com -From from@domain.com -Subject 'Group Report' -Body 'See attachment' -Attachments .\GroupReport.csv -SmtpServer smtp.domain.com

    -----------------------------******************new line to be merge into the initial script End *******--------------------------

    Saturday, March 29, 2014 11:48 PM

Answers

  • #Initialization
    # Import Modules
    Get-Module -ListAvailable | Import-Module


    # Get domain name
    $ADDomainName = $((Get-AdDomain).NetBIOSName)

    #Initialization
    $out = @()

    # Get Membership in Domain Admins Groups
    Get-ADGroupMember 'Domain Admins' | ForEach {

        $userDetails = Get-ADUser -Identity $_.SamAccountName

        $props = @{
            SecurityGroup = 'Domain Admins'

            FirstName = $userDetails.GivenName
            LastName = $userDetails.SurName
            Username = $userDetails.SamAccountName
        }

        $out += New-Object PsObject -Property $props
        $out | Export-Csv .\GroupReport.csv -NoTypeInformation
    }

    # Get Membership in Enterprise Admins Groups
    Get-ADGroupMember 'Enterprise Admins' | ForEach {

        $userDetails = Get-ADUser -Identity $_.SamAccountName

        $props = @{
            SecurityGroup = 'Enterprise Admins'

            FirstName = $userDetails.GivenName
            LastName = $userDetails.SurName
            Username = $userDetails.SamAccountName
        }

        $out += New-Object PsObject -Property $props

    }

    # Get Membership in Schema Admins Groups
    Get-ADGroupMember 'Schema Admins' | ForEach {

        $userDetails = Get-ADUser -Identity $_.SamAccountName

        $props = @{
            SecurityGroup = 'Schema Admins'

            FirstName = $userDetails.GivenName
            LastName = $userDetails.SurName
            Username = $userDetails.SamAccountName
        }

        $out += New-Object PsObject -Property $props
        $out | Export-Csv .\GroupReport.csv -NoTypeInformation
    }

    $body = $out | Out-String 

    #Function to send email
    Send-MailMessage -To email@domain -From email@domain -Subject 'Group Report' -Body $body -SmtpServer email@domain
    • Marked as answer by ndoffane Sunday, March 30, 2014 2:20 AM
    Sunday, March 30, 2014 2:20 AM

All replies

  • That is really bad. You really could do better if you spent some time learning how to write PowerShell yourself. Begging people to write pieces of script for you will not help you to learn.

    Learning PowerShell is not really all that hard.  If you spent your time studying you could learn it in a couple of weeks.


    ¯\_(ツ)_/¯

    Sunday, March 30, 2014 5:30 AM
  • Why are you like this, man? I started learning, and after I posted the question I automatically answered it myself. Please ignore anything I post.

    Thank you

    Sunday, March 30, 2014 10:39 AM
  • I am sorry. I didn't intend to upset you; I only wanted to push you towards spending some time with a good book on PowerShell or some training videos instead of just asking questions and copying other people's answers. You could learn more much faster.

    I tried to show you this before but you decided to ignore it and use a very bad method or, at least, a very inefficient method. You need to think about these things and learn how computers work. Computers will do nearly all of the work once you see how they, and the programming for them, are designed.

    Here is a PowerShell version of your exact script.

    $groupnames = 'Domain Admins','Enterprise Admins','Schema Admins'
    # The foreach statement (not the ForEach-Object cmdlet) takes the "in" syntax
    $results = foreach($groupname in $groupnames){
        Get-ADGroupMember $groupname |
            ForEach-Object{
                $userDetails = Get-ADUser -Identity $_.SamAccountName
                $props = @{
                    SecurityGroup = $groupname
                    FirstName = $userDetails.GivenName
                    LastName = $userDetails.SurName
                    Username = $userDetails.SamAccountName
                }
                # Emit the object; the loop output is collected into $results
                New-Object PsObject -Property $props
            }
    }
    $results | Export-Csv .\GroupReport.csv -NoTypeInformation
    $body = $results | Format-Table | Out-String

    You don't have to use it but you really should try to understand how it works.


    ¯\_(ツ)_/¯



    • Edited by jrv Sunday, March 30, 2014 11:23 AM
    Sunday, March 30, 2014 11:21 AM
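
Added example, not part of the thread and not any poster's code: one way to merge the two scripts from the question so the same rows go into both the mail body and a CSV attachment. The addresses, relay name and temp-file path are placeholder assumptions, and the `-Recursive` lookup, the object-class filter and the `Enabled` column go beyond the original script.

```powershell
# Added example. Addresses, relay and CSV path below are placeholders (assumptions).
Import-Module ActiveDirectory

$groupNames = 'Domain Admins', 'Enterprise Admins', 'Schema Admins'
$csvPath    = Join-Path $env:TEMP 'GroupReport.csv'

$results = foreach ($groupName in $groupNames) {
    # -Recursive expands nested groups, so indirect admins are reported too
    Get-ADGroupMember -Identity $groupName -Recursive |
        Where-Object { $_.objectClass -eq 'user' } |   # Get-ADUser fails on computer accounts
        ForEach-Object {
            $user = Get-ADUser -Identity $_.distinguishedName
            # [pscustomobject] keeps the column order; a plain hashtable does not
            [pscustomobject]@{
                SecurityGroup = $groupName
                FirstName     = $user.GivenName
                LastName      = $user.Surname
                Username      = $user.SamAccountName
                Enabled       = $user.Enabled
            }
        }
}

# An empty result would leave no CSV to attach, so stop before mailing
if (-not $results) { throw 'No members returned; check group names and permissions.' }

# Export once, after every group has been collected
$results | Export-Csv -Path $csvPath -NoTypeInformation

# Same rows rendered as text for the message body
$body = $results | Format-Table -AutoSize | Out-String -Width 200

$mail = @{
    To          = 'to@domain.com'       # placeholder
    From        = 'from@domain.com'     # placeholder
    Subject     = 'Group Report'
    Body        = $body
    Attachments = $csvPath
    SmtpServer  = 'smtp.domain.com'     # placeholder
    UseSsl      = $true                 # the report lists privileged accounts
}
Send-MailMessage @mail

# Do not leave a list of privileged accounts lying in the temp folder
Remove-Item -Path $csvPath
```
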
  • Hey JRV

    Sorry if I replied harshly, I was just very tired those days... I'm not a sysadmin, that is the reason I never learned PowerShell, but I started a few days ago when I needed a script which was not working. To show you that I tried before asking for help on this forum, below is something that I had been working on for a couple of days but was not working; that's the reason I came here to ask for help, because this is the first time that I'm using a forum after 9 years in IT security.

    Any book you can suggest to me? I see that there are a lot of things that we can do with PowerShell.

    Sorry again for the tone of my reply.

    # Import Modules
    Get-Module -ListAvailable | Import-Module


    # Get domain name
    $ADDomainName = $((Get-AdDomain).NetBIOSName)

    # Get Membership in Domain Administrative Groups
    set-variable domainAdmins -value (Get-ADGroupMember "Domain Admins" -recursive | foreach {$_.samaccountname})
    set-variable enterpriseAdmins -value (Get-ADGroupMember "Enterprise Admins" -recursive | foreach {$_.samaccountname})
    set-variable schemaAdmins -value (Get-ADGroupMember "Schema Admins" -recursive | foreach {$_.samaccountname})
    set-variable disabledUsers -value (Search-ADAccount -AccountDisabled -UsersOnly | FT Name,ObjectClass -A)

    # Consolidated List of Accounts with Administrative Access
    $allAdmins = $($domainAdmins + $enterpriseAdmins + $schemaAdmins + $disabledUsers| sort -unique)


    # Send Email
    $SmtpClient = new-object system.net.mail.smtpClient 
    $MailMessage = New-Object system.net.mail.mailmessage 

    $SmtpClient.Host = "your smtp" 
    $mailmessage.from = ("your email")
    $mailmessage.To.add("to you")
    $mailmessage.Subject = "audit:AdminAccess:$ADDomainName"
    $allAdmins | foreach {$mailmessage.body = $mailmessage.body + $_ + "`r"}
    $smtpclient.Send($mailmessage)

    Sunday, March 30, 2014 11:30 AM
  • I do not know why you post that script as it is not what you are originally asking. It also shows that you are making a lot of incorrect guesses.

    There are numerous books posted on this page: http://technet.microsoft.com/en-us/scriptcenter/dd793612.aspx

    Choose one you like.


    ¯\_(ツ)_/¯

    Sunday, March 30, 2014 11:46 AM