Archive

Posts Tagged ‘technology’

Find All OUs with Users, Groups, or Contacts

December 28, 2012 Leave a comment

Recently I found myself involved with a new company helping them with an Active Directory migration. Their plan is to converge separate forests into one new forest. Since I was new to the environment I wanted to really get a better understanding of what I was dealing with. With this I opened my trusty PowerShell script editor and began working out a few scripts to help understand these new environments.

When dealing with an Active Directory migration you really want to get a true grasp of where all of the important objects are, to me important objects are Users (including service accounts), Contacts, and Groups. Over time Active Directory Domains can become quite messy and convoluted ending up with numerous OUs which really have no true purpose any longer, yet no one deleted them. The script below helps you traverse through the muck and find the truly important OUs based on the important objects I’ve defined.

The script below does the following:

  1. Connects to the Active Directory domain(s) you specify
  2. Queries for all OrganizationalUnits within that domain
  3. Queries for all AD Objects within each OrganizationalUnit
  4. Creates 3 variables based on the query stated in step 3. ($users, $groups, $contacts)
  5. Defines the output data for each OU
  6. Counts the number of Users, Contacts, or Groups within the current OU
  7. Adds the content to the arrayed variable of $output
  8. After rolling through all OUs and all Domains the $output file is exported in CSV format to $OutFile defined in the params.

function Get-OUWithObjects
{

<#
.SYNOPSIS
Function to get all OUs that contain Users, Groups, or Contacts.

.DESCRIPTION
This function requires Quest ActiveRoles AD Management to be installed. The purpose of this
script is to go out and find any and all OrganizationalUnits which contain Users, Groups, or
Contacts. It performs a count on each type of object and prints them to a CSV File. This is
a useful tool for any Admin getting ready to perform an Active Directory migration in order
to better understand the existing environment. This script does not require and special
privelages in order to run as you're only reading from Active Directory.

.PARAMETER Domains
This allows you to input as many domains as you'd like to scan against. (ex.
-Domains "domain1","domain2","domain3" )

.PARAMETER OutFile
This specifies the directory path and file name for the CSV output. (ex. -Outfile c:\temp.csv)

.NOTES
Name: Get-OUWithObjects.ps1
Author: Josh Schofield
DateCreated: 12/28/2012

.LINK
http://www.JSchofield22.wordpress.com

.EXAMPLE
Get-OUWithObjects -Domains "Domain1","Domain2" -OutFile "C:\temp\test.csv"

#>

param(

[Parameter(Mandatory=$true)]
$Domains,

[Parameter(Mandatory=$true)]
[string]$OutFile

)

if ((Get-PSSnapin -Registered| where {$_.name -eq "quest.activeroles.admanagement"}) -eq $null){Write-Error "Quest.ActiveRoles.ADManagement NOT Installed"}

else {

Get-PSSnapin -Registered| where {$_.name -eq "quest.activeroles.admanagement"} | Add-PSSnapin | Out-Null

if ((test-path $OutFile) -eq "True"){del $OutFile}

$output = @()

foreach ($domain in $domains) {

Connect-QADService $domain

Get-QADObject -Type "organizationalunit" -IncludedProperties name,type,parentcontainer,dn -SizeLimit 0| %{

$ouname = $_.name
$parentcontainer = $_.parentcontainer

$adobjects = get-qadobject -SearchRoot $_.dn -SearchScope OneLevel -IncludedProperties type,name -SizeLimit 0 | where {(($_.type -eq "contact") -or ($_.type -eq "user") -or ($_.type -eq "group"))}
$users = $adobjects | where {$_.type -eq "user"}
$groups = $adobjects | where {$_.type -eq "group"}
$contacts = $adobjects | where {$_.type -eq "contact"}

$results =  "" | Select Domain, Name, UserCount, GroupCount, ContactCount, ParentContainer
$results.Domain = $domain
$results.Name = $ouname
$results.ParentContainer = $parentcontainer

if ($users -ne $null) {

$results.UserCount = $users.count

} #End of User Check

if ($groups -ne $null) {

$results.GroupCount = $groups.count

} #End of User Check

if ($contacts -ne $null) {

$results.ContactCount = $contacts.count

} #End of User Check

$output += $results

Clear-Variable $results -ErrorAction SilentlyContinue
Clear-Variable $ouname -ErrorAction SilentlyContinue
Clear-Variable $parentcontainer -ErrorAction SilentlyContinue

$adobjects = $null
$users = $null
$groups = $null
$contacts = $null

} #End of Get QADObject OU

}

$output | Export-Csv $OutFile -NoTypeInformation
}}

Advertisements

Ping Multiple Hosts with PowerShell and Return Useful Information

September 4, 2012 4 comments

A lot of our time in IT is spent making sure systems are up and running. Most times our first test when troubleshooting an issue is to perform a PING command. For that reason I have created the script below which in essence just performs the Test-Connection cmdlet. This script only provides me the useful information that I want from the cmdlet, both onscreen and in a csv file.

If you want to get really fancy you could perform a get-qadcomputer command and pipe the output to a CSV file. Then use that CSV file as the input file for the script below. If you did this you would be able to know which machines in your domain can respond to a PING response.


###########################################################################
#
# NAME: Ping-Host.ps1
#
# AUTHOR: Joshua Schofield
#
# COMMENT: If using a CSV file, you must have a column named DNSName in order for script to complete.
#
# EXAMPLE: c:\scripts\ping-host.ps1 -sourcefile c:\scripts\csv\servers.csv -oufile c:\scripts\logs\logfile.csv
#
# VERSION HISTORY: 1
#
# VERSION DATE:    8/21/2012
#
# VERSION COMMENTS: Tested and Validated
#
#
###########################################################################

param (

	[Parameter(Mandatory = $true)]
	$SourceFile,

	[Parameter(Mandatory = $true)]
	$OutFile

)

Function Ping-Hosts {

param ($server)

$test = Test-Connection $server -Count 1 -Quiet -ErrorAction SilentlyContinue
$ip = Test-Connection $server -Count 1 | select ipv4address -ErrorAction SilentlyContinue
$ip = $ip.IPV4Address

if ($test.ToString() -like "true") {

	Write-Host "$server $ip is pingable" -ForegroundColor green
	Write-Output "$server,$ip,yes" | Out-File $OutFile -Append

}
else {
	Write-Host "$server not pingable" -ForegroundColor Red
	Write-Output "$server,$ip,no" | Out-File $OutFile -Append

}

$test = $null
$name = $null
$server = $null
$ip = $null
}

$filetype = $SourceFile.split(".")[1]

Write-Output "ServerName,IP,RespondsToPING" | Out-File $OutFile -force

if ($filetype -eq "txt"){

	gc $sourcefile | % {

		ping-hosts $_

}
}

Elseif ($filetype -eq "csv"){

	Import-Csv $sourcefile | % {

		ping-hosts $_.dnsname

}
}

else{

Write-Host "Filetype: $filetype not recognized. Filetype must be .csv or .txt . Please try again." -ForegroundColor DarkRed -BackgroundColor White

}

%d bloggers like this: