Need to know Computer owner

This topic contains 2 replies, has 2 voices, and was last updated by  postanote 1 week, 4 days ago.

  • Author
    Posts
  • #85349

    Bruno Prata Gomes
    Participant

    I am using the script below, but all computer have the managedby option are empty. Any idea?

    Get-ADComputer -Filter * -Property managedby |
    ForEach-Object {
    $computer = $_.Name
    if ($_.ManagedBy) { Get-ADUser $_.ManagedBy } else { " }
    } |
    Select-Object @{n='ComputerName';e={$computer}}, Name, SamAccountName, UserPrincipalName | Export-Csv C:\Windows\Temp\computerowners.csv -NoType

  • #85351

    postanote
    Participant

    Have you already seen and tried this approach...
    'bogs.msmvps.com/richardsiddaway/2017/11/27/get-an-ad-users-manager'

    Many of the default or extended properties for AD object are empty. They have to be manually populated by an administrators or by some other process / service. If this was not done, nothing will be returned.

    To see all AD properties and their values on a user or computer object, of course, just do this.
    (Get-ADComputer -Filter * -Properties *)[0]
    (Get-ADUser -Filter * -Properties *)[0]

    Get all empty AD properties of the object, this is a bit ugly but gets the needed empty fields.

    # Computer object property collection
    Clear-Host;(Get-ADComputer -Filter * -Properties *)[0] > "$PWD\ADComputerProps.txt"
    Clear-Host;(Get-ADUser -Filter * -Properties *)[0] > "$PWD\ADUserProps.txt"
    Clear-Host;$RegEx = ': .'
    Select-String -Path "$PWD\ADComputerProps.txt" -NotMatch $RegEx
    Select-String -Path "$PWD\ADUserProps.txt" -NotMatch $RegEx

    # Computer
    ...
    ADCOmputerProps.txt:3:AccountExpirationDate :
    ADCOmputerProps.txt:5:AccountLockoutTime :
    ADCOmputerProps.txt:22:Deleted :
    ADCOmputerProps.txt:23:Description :
    ADCOmputerProps.txt:24:DisplayName :
    ADCOmputerProps.txt:31:HomePage :
    ADCOmputerProps.txt:34:IPv6Address :
    ADCOmputerProps.txt:36:isDeleted :
    ADCOmputerProps.txt:38:LastBadPasswordAttempt :
    ADCOmputerProps.txt:39:LastKnownParent :
    ADCOmputerProps.txt:45:Location :
    ADCOmputerProps.txt:48:ManagedBy :
    ADCOmputerProps.txt:63:OperatingSystemHotfix :
    ADCOmputerProps.txt:64:OperatingSystemServicePack :
    ...
    ADCOmputerProps.txt:128:UserPrincipalName :

    # User
    ...
    ADUserProps.txt:3:AccountExpirationDate :
    ADUserProps.txt:5:AccountLockoutTime :
    ADUserProps.txt:17:City :
    ADUserProps.txt:20:Company :
    ADUserProps.txt:22:Country :
    ADUserProps.txt:26:Deleted :
    ADUserProps.txt:27:Department :
    ADUserProps.txt:31:Division :
    ADUserProps.txt:35:EmployeeID :
    ADUserProps.txt:36:EmployeeNumber :
    ADUserProps.txt:38:Fax :
    ADUserProps.txt:39:GivenName :
    ADUserProps.txt:40:HomeDirectory :
    ADUserProps.txt:42:HomeDrive :
    ...
    ADUserProps.txt:45:HomePage :
    ADUserProps.txt:46:HomePhone :
    ADUserProps.txt:47:Initials :
    ADUserProps.txt:50:isDeleted :
    ADUserProps.txt:53:LastKnownParent :
    ADUserProps.txt:62:LogonWorkstations :
    ADUserProps.txt:66:Manager :
    ...
    ADUserProps.txt:103:Office :
    ADUserProps.txt:104:OfficePhone :
    ADUserProps.txt:105:Organization :
    ADUserProps.txt:106:OtherName :
    ADUserProps.txt:111:POBox :
    ADUserProps.txt:112:PostalCode :
    ADUserProps.txt:116:ProfilePath :
    ADUserProps.txt:123:ScriptPath :
    ...
    ADUserProps.txt:135:State :
    ADUserProps.txt:136:StreetAddress :
    ADUserProps.txt:137:Surname :
    ADUserProps.txt:138:Title :
    ...

    Anyway, if you follow the approach of the link above, you could do something like this...

    (Get-ADComputer -Filter * -Property *) `
    | ForEach ($_) {
    If ($_.ManagedBy)
    {
    $User = (Get-ADUser -Identity $_.ManagedBy)
    $User | Add-Member -MemberType NoteProperty -Name 'ManagedBy' -Value $_.ManagedBy -Force
    $User | Select Name, SamAccountName, UserPrincipalName,ManagedBy
    }
    }

    Name SamAccountName UserPrincipalName ManagedBy
    —- ————– —————– ———
    User01 TestUser User01 User01@contoso.com CN=HelpDesk Manager,OU=...
    User02 TestUser User02 User02@contoso.com CN=HelpDesk Manager,OU=LabUsers,DC=...

  • #85358

    postanote
    Participant

    So, I could not let this parsing of the Get-AD* output thing go.
    Thought about it for a bit and come up with this.
    Maybe some may find it useful, or generate other approaches / ideas.

    Function Show-AddsObjectProperties
    {
    [CmdletBinding()]

    Param
    (
    [switch]$AddsObjectComputer,
    [switch]$AddsObjectUser,
    [switch]$NotNull
    )

    If($AddsObjectComputer)
    {$AddsCommand = (Get-ADComputer -Filter * -Properties *)}
    Else{$AddsCommand = (Get-ADUser -Filter * -Properties *)}

    If($NotNull)
    {
    Clear-Host;(($Addscommand)[0] `
    | ConvertTo-Xml).Objects.Object.Property `
    | Select Name,'#text' `
    | Where '#text' -NE $null
    }
    Else
    {
    Clear-Host;(($Addscommand)[0] `
    | ConvertTo-Xml).Objects.Object.Property `
    | Select Name,'#text' `
    | Where '#text' -EQ $null
    }
    }
    Set-Alias -Name snp Show-AddsObjectProperties

    Show-AddsObjectProperties -AddsObjectComputer | Format-Table -AutoSize
    Show-AddsObjectProperties -AddsObjectUser | Format-Table -AutoSize
    Show-AddsObjectProperties -AddsObjectComputer -NotNull | Format-Table -AutoSize
    Show-AddsObjectProperties -AddsObjectUser -NotNull | Format-Table -AutoSize

    Computer
    Name #text
    —- —–
    AccountExpirationDate
    AccountLockoutTime
    AuthenticationPolicy
    AuthenticationPolicySilo
    Certificates
    CompoundIdentitySupported
    Deleted
    Description
    DisplayName
    dSCorePropagationData
    HomePage
    IPv6Address
    isDeleted
    KerberosEncryptionType
    LastBadPasswordAttempt
    LastKnownParent
    Location
    ManagedBy
    MemberOf
    msDFSR-ComputerReferenceBL
    OperatingSystemHotfix
    OperatingSystemServicePack
    PrincipalsAllowedToDelegateToAccount
    rIDSetReferences
    serverReferenceBL
    ServiceAccount
    servicePrincipalName
    ServicePrincipalNames
    SIDHistory
    userCertificate
    UserPrincipalName
    PropertyNames
    AddedProperties
    RemovedProperties
    ModifiedProperties

    User
    Name #text
    —- —–
    AccountExpirationDate
    AccountLockoutTime
    AuthenticationPolicy
    AuthenticationPolicySilo
    Certificates
    City
    Company
    CompoundIdentitySupported
    Country
    Deleted
    Department
    Division
    dSCorePropagationData
    EmployeeID
    EmployeeNumber
    Fax
    GivenName
    HomeDirectory
    HomeDrive
    HomePage
    HomePhone
    Initials
    isDeleted
    KerberosEncryptionType
    LastKnownParent
    LogonWorkstations
    managedObjects
    Manager
    MemberOf
    MobilePhone
    msExchCoManagedObjectsBL
    msExchPoliciesIncluded
    msExchTextMessagingState
    msExchUMDtmfMap
    Office
    OfficePhone
    Organization
    OtherName
    POBox
    PostalCode
    PrincipalsAllowedToDelegateToAccount
    ProfilePath
    protocolSettings
    proxyAddresses
    ScriptPath
    ServicePrincipalNames
    showInAddressBook
    SIDHistory
    State
    StreetAddress
    Surname
    Title
    userCertificate
    PropertyNames
    AddedProperties
    RemovedProperties
    ModifiedProperties

    And yep, I know I could have done something like this as well..

    Clear-Host;($Addscommand)[0] `
    | %{$_.psobject.properties} `
    | Select Name,Value `
    | Where Value -eq $null

    .. but when doing the $NotNull switch, the value output / line up was not optimal.

You must be logged in to reply to this topic.