Stuck on Ad Expire report on multi domains

This topic contains 5 replies, has 2 voices, and was last updated by Profile photo of Ruben Miclotte Ruben Miclotte 4 months ago.

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • #40090
    Profile photo of Ruben Miclotte
    Ruben Miclotte
    Participant

    Hi All,

    I'm busy writing a multi domain (W2003-W2012) script to perform following things:
    1. Add expiry date for Admin users belonging to 1 Ad, if none is set (and have them be reported into a file)
    2. Extend the expiry date for the same users if the date is expired or about to expire, only when belonging to certain groups (and have them be reported into a file)
    3. report from the same admin set in 2 those not belonging to that group, needing to be handled manually
    4.report 3 other kind of users(normal users in 1 AD) and 2 other kind of users in several AD's and have the expiry date be removed if one is set

    5.Create a global report of all those users having 2 extra criteria added in the report : days left to expire & kind of account

    I'm having difficulties in the last steps...

    For
    -when usining the multi dimensional array , I see that the script adds 1 extra line per count ( so 1 line for user 1 , 30 lines for user 30
    -It adds "-736108" in files for when I calculate the days left to expire and this is set to "never expire"

    please help, because I cannot sort this out 🙁


    if ( (Get-PSSnapin -Name quest.activeroles.admanagement -ErrorAction SilentlyContinue) -eq $null ) { Add-PsSnapin quest.activeroles.admanagement }

    ############################
    # Declaration of Constants #
    ############################

    $pw = read-host "Enter password" -AsSecureString
    $Domains = gc "E:\Input\test.txt"

    ###########
    # Logging #
    ###########

    # Log Dir time stamp:
    $LogTime = Get-Date -Format "yyyy-MM-dd"
    $LogDir = "E:\Output\"+$LogTime+"_ExpireScript"

    #Remove LogDir if allready existant
    if (Test-Path $LogDir)
    {
    Remove-Item $LogDir -recurse -Force -confirm:$false
    }
    #Create New Logdir
    New-Item -ItemType Directory -Force -Path $LogDir

    #Creation of CUSTOM object to parse to Csv

    $objectCollection=@()

    $object = New-Object PSObject
    Add-Member -InputObject $object -MemberType NoteProperty -Name Domain -Value ""
    Add-Member -InputObject $object -MemberType NoteProperty -Name LogonName -Value ""
    Add-Member -InputObject $object -MemberType NoteProperty -Name Displayname -Value ""
    Add-Member -InputObject $object -MemberType NoteProperty -Name Description -Value ""
    Add-Member -InputObject $object -MemberType NoteProperty -Name Email -Value ""
    Add-Member -InputObject $object -MemberType NoteProperty -Name DistinguishedName -Value ""
    Add-Member -InputObject $object -MemberType NoteProperty -Name AccountExpires -Value ""
    Add-Member -InputObject $object -MemberType NoteProperty -Name AccountType -Value ""
    Add-Member -InputObject $object -MemberType NoteProperty -Name DaysLeft -Value ""

    #################
    # FunctionBlock #
    #################

    Function AddExpDate

    {
    $InOneYear = (Get-Date).AddDays(365)
    # $User.DN holds the DN user
    Set-QADUser -identity $User -AccountExpires $InOneYear
    }

    Function RemExpDate

    {#Remove Expiration date (PA TA FA)
    Set-QADUser -identity $User -accountexpires $null
    }

    ###############
    # ScriptBlock #
    ###############

    foreach ($domain in $Domains)
    {

    Try
    {

    Connect-QADService $domain -ConnectionAccount $domain\HJG008-a -ConnectionPassword $pw

    Get-QADUser -LdapFilter '(Samaccountname=*-A)' -DontUseDefaultIncludedProperties -IncludedProperties domain,name,displayname,Description,email,Dn,accountExpires -Enabled -SizeLimit 0 | select domain,name,displayname,Description,email,Dn,accountExpires |export-csv $LogDir\PAA_Acc.csv -encoding unicode -notypeinformation -Append
    Get-QADUser -LdapFilter '(description=admin*)' -DontUseDefaultIncludedProperties -IncludedProperties domain,name,displayname,Description,email,Dn,accountExpires -Enabled -SizeLimit 0 | select domain,name,displayname,Description,email,Dn,accountExpires |export-csv $LogDir\PAA_Acc.csv -encoding unicode -notypeinformation -Append
    Get-qaduser -LdapFilter '(description=technical*)' -DontUseDefaultIncludedProperties -IncludedProperties domain,name,displayname,Description,email,Dn,accountExpires -Enabled -SizeLimit 0 | select domain,name,displayname,Description,email,Dn,accountExpires |export-csv $LogDir\Tech-Func_Acc.csv -encoding unicode -notypeinformation -Append
    Get-qaduser -LdapFilter '(description=functional*)' -DontUseDefaultIncludedProperties -IncludedProperties domain,name,displayname,Description,email,Dn,accountExpires -Enabled -SizeLimit 0 | select domain,name,displayname,Description,email,Dn,accountExpires |export-csv $LogDir\Tech-Func_Acc.csv -encoding unicode -notypeinformation -Append

    $a=Import-csv $LogDir\PAA_Acc.csv|Sort name -Unique
    $a|export-csv $LogDir\Unique_PAA_Acc.csv -encoding unicode -notypeinformation #-Append
    $a|export-csv $LogDir\Unique_PAA_Full_Acc.csv -encoding unicode -notypeinformation -Append
    $Users=$a
    $b=Import-csv $LogDir\Tech-Func_Acc.csv
    $b|export-csv $LogDir\All_Tech-Func_Acc.csv -encoding unicode -notypeinformation -Append
    $Users2=$b

    foreach ($user in $users)
    {
    $name =$user.name
    $usr=Get-QADUser $name -DontUseDefaultIncludedProperties -IncludedProperties domain,name,displayname,Description,email,Dn,accountExpires -Enabled -SizeLimit 0 | select domain,name,displayname,Description,email,Dn,accountExpires

    $object.Domain = $Usr.domain
    $object.LogonName = $Usr.name
    $object.Displayname = $Usr.displayname
    $object.Description = $Usr.Description
    $object.DistinguishedName = $Usr.Dn
    $object.AccountExpires = $Usr.accountExpires
    $object.Email = $Usr.email
    $objectCollection += $object
    $name =$user.name
    # Get Today for something to compare against
    $Today=get-date
    # Find out when account is supposed to expire
    $ExpireDate=$usr.accountExpires -as [datetime]
    # How many days left before account expires
    $AccountAgeLeft=$ExpireDate-$Today
    # Get the value in days
    $DaysLeft=$AccountAgeLeft.days
    Write-host "$name has $daysleft days left"-fore DarkRed

    If ($usr.accountExpires -eq $null)
    { if ($domain -eq 'MAIN.DOMAIN.net')
    {
    Write-host "Please Set Expire date for PAA Account $name" -fore Cyan
    #$DN = $usr.DN
    #AddExpDate $DN
    $object.AccountType = "Personal Admin Account"
    $object.Daysleft = $DaysLeft
    $objectCollection += $object
    $objectCollection|export-csv $LogDir\MAINDOMAIN_PAA_Acc_Auto_set_exp.csv -encoding unicode -notypeinformation -Append
    }
    else
    {
    Write-host "Logging PAA Account $name" -fore Cyan
    $object.AccountType = "Personal Admin Account"
    $object.Daysleft = $DaysLeft
    $objectCollection += $object
    $objectCollection|export-csv $LogDir\PAA_Acc_No_exp.csv -encoding unicode -notypeinformation -Append
    }
    }

    If ($DaysLeft -le 1) #-and ($DaysLeft -ge 0) )
    {
    Write-host "Account $name has expired >> EXTEND" -fore Red
    if ($domain -eq 'MAIN.DOMAIN.net')
    {
    $UserGroups= Get-QADMemberOf -identity $name | Foreach-Object {$_.Name}
    if($UserGroups -like 'G100.*' -OR $UserGroups -like 'G205.*' -OR $UserGroups -like 'G207.*' -OR $UserGroups -like 'G208.*' )
    {
    Write-host "$name is member of one of the groups groups,with expiredate $exp" -fore Green
    #$DN = $usr.DN
    #AddExpDate $DN
    $object.AccountType = "Personal Admin Account"
    $object.Daysleft = $DaysLeft
    $objectCollection += $object
    $objectCollection|export-csv $LogDir\MAINDOMAIN_PAA_Acc_Auto_set_exp.csv -encoding unicode -notypeinformation -Append
    #$usr2=import-csv $LogDir\MAINDOMAIN_PAA_Acct_Auto_set_exp.csv
    #$usr2| Add-Member -MemberType NoteProperty "days left" -Value $daysleft
    #$usr2| Add-Member -MemberType NoteProperty "Account Type" -Value "Personal ADMIN account"
    #$usr2|export-csv $LogDir\MAINDOMAIN_PAA_Acct_Auto_set_exp2.csv -encoding unicode -notypeinformation -Append

    }
    else
    {
    Write-host "$name user has to be reported" -fore Yellow
    $object.AccountType = "Personal Admin Account"
    $object.Daysleft = $DaysLeft
    $objectCollection += $object
    $objectCollection|export-csv $LogDir\MAINDOMAIN_PAA_Acc_expired_VERIFYGROUPS.csv -encoding unicode -notypeinformation -Append
    #$usr2=import-csv $LogDir\MAINDOMAIN_PAA_Acc_expired_VERIFYGROUPS.csv
    #$usr2| Add-Member -MemberType NoteProperty "days left" -Value $daysleft
    #$usr2| Add-Member -MemberType NoteProperty "Account Type" -Value "Personal ADMIN account"
    #$usr2|export-csv $LogDir\MAINDOMAIN_PAA_Acc_expired_VERIFYGROUPS.csv -encoding unicode -notypeinformation -Append

    }
    }
    }
    }

    #Looping trough Technical & Functional accounts

    foreach ($user2 in $users2)
    {$name2 =$user2.name
    $usr2=Get-QADUser $name2 -DontUseDefaultIncludedProperties -IncludedProperties domain,name,displayname,Description,email,Dn,accountExpires -Enabled -SizeLimit 0 | select domain,name,displayname,Description,email,Dn,accountExpires
    $object.Domain = $Usr2.domain
    $object.LogonName = $Usr2.name
    $object.Displayname = $Usr2.displayname
    $object.Description = $Usr2.Description
    $object.DistinguishedName = $Usr2.Dn
    $object.AccountExpires = $Usr2.accountExpires
    $object.Email = $Usr2.email
    if ($usr.Description -like "technical*")
    {$object.AccountType = "Technical Account"}
    if ($usr.Description -like "functional*")
    {$object.AccountType = "Functional Account"}
    # Get Today for something to compare against
    $Today=get-date
    # Find out when account is supposed to expire
    $ExpireDate=$usr2.accountExpires -as [datetime]
    # How many days left before account expires
    $AccountAgeLeft=$ExpireDate-$Today
    # Get the value in days
    $DaysLeft=$AccountAgeLeft.days

    If ($usr2.accountExpires -ne $null)
    {
    Write-host "Please REMOVE Expire date for Account $name2" -fore Cyan
    #$DN2 = $usr2.DN
    #RemExpDate $DN2
    $object.Daysleft = $DaysLeft
    $objectCollection += $object
    $objectCollection|export-csv $LogDir\Tech-Func_Acc_Auto_REMOVE_exp.csv -encoding unicode -notypeinformation -Append
    }
    }
    #Rename inputfiles
    Rename-Item $LogDir\PAA_Acc.csv PAA_Acc_$domain.csv
    Rename-Item $LogDir\Unique_PAA_Acc.csv Unique_PAA_Acc_$domain.csv
    Rename-Item $LogDir\Tech-Func_Acc.csv Tech-Func_Acc_$domain.csv
    }
    Catch
    {
    $ErrorMessage = $_.Exception.Message
    $FailedItem = $_.Exception.ItemName
    "We failed to connect to $domain. The error message was $ErrorMessage"| out-file $LogDir\ErrorLog33.log -append
    }

    }

    Connect-QADService MAIN.DOMAIN.net -ConnectionAccount MAIN.DOMAIN.net\HJG008-a -ConnectionPassword $pw
    Get-QADUser * -searchroot "MAIN.DOMAIN.net/MAINDOMAIN Customers/Users/Personal" -DontUseDefaultIncludedProperties -IncludedProperties domain,name,displayname,Description,email,Dn,accountExpires -Enabled -SizeLimit 0 | select domain,name,displayname,Description,email,Dn,accountExpires |export-csv $LogDir\MAINDOMAINPA_Acc.csv -encoding unicode -notypeinformation -Append
    Get-QADUser * -searchroot "MAIN.DOMAIN.net/IAM/Accounts" -DontUseDefaultIncludedProperties -IncludedProperties domain,name,displayname,Description,email,Dn,accountExpires -Enabled -SizeLimit 0 | select domain,name,displayname,Description,email,Dn,accountExpires |export-csv $LogDir\MAINDOMAINPA_Acc.csv -encoding unicode -notypeinformation -Append
    $x=Import-csv $LogDir\MAINDOMAINPA_Acc.csv|Sort name -Unique
    $x|export-csv $LogDir\Unique_MAINDOMAINPA_Acc.csv -encoding unicode -notypeinformation #-Append
    $Users3=$x
    foreach ($user3 in $users3)
    {$name3 =$user3.name
    $usr3=Get-QADUser $name3 -DontUseDefaultIncludedProperties -IncludedProperties domain,name,displayname,Description,email,Dn,accountExpires -Enabled -SizeLimit 0 | select domain,name,displayname,Description,email,Dn,accountExpires
    $object.Domain = $Usr3.domain
    $object.LogonName = $Usr3.name
    $object.Displayname = $Usr3.displayname
    $object.Description = $Usr3.Description
    $object.DistinguishedName = $Usr3.Dn
    $object.AccountExpires = $Usr3.accountExpires
    $object.Email = $Usr3.email

    # Get Today for something to compare against
    $Today=get-date
    # Find out when account is supposed to expire
    $ExpireDate=$usr3.accountExpires -as [datetime]
    # How many days left before account expires
    $AccountAgeLeft=$ExpireDate-$Today
    # Get the value in days
    $DaysLeft=$AccountAgeLeft.days

    If ($usr3.accountExpires -ne $null)
    {
    Write-host "Please REMOVE Expire date for Account $name3" -fore Cyan
    #$DN3 = $usr3.DN
    #RemExpDate $DN3
    $object.AccountType = "Personal Account"
    $object.Daysleft = $DaysLeft
    $objectCollection += $object
    $objectCollection|export-csv $LogDir\MAINDOMAINPA_Acc_Auto_REMOVE_exp.csv -encoding unicode -notypeinformation -Append
    }
    }

    ##############
    # Repporting #
    ##############

    $csv1=Import-csv "$LogDir\MAINDOMAINPA_Acc_Auto_REMOVE_exp.csv"
    $csv1| Add-Member -MemberType NoteProperty "Action" -Value "REMOVED Expire date"
    $csv1|export-csv $LogDir\GlobalRepport.csv -encoding unicode -notypeinformation -Append
    $table += $csv1

    $csv2=Import-csv "$LogDir\Tech-Func_Acc_Auto_REMOVE_exp.csv"
    $csv2| Add-Member -MemberType NoteProperty "Action" -Value "REMOVED Expire date"
    $csv2|export-csv $LogDir\GlobalRepport.csv -encoding unicode -notypeinformation -Append
    $table += $csv2

    $csv3=Import-csv "$LogDir\MAINDOMAIN_PAA_Acc_Auto_set_exp.csv"
    $csv3| Add-Member -MemberType NoteProperty "Action" -Value "Expiry Date EXTENDED"
    $csv3|export-csv $LogDir\GlobalRepport.csv -encoding unicode -notypeinformation -Append
    $table += $csv3

    $csv4=Import-csv "$LogDir\MAINDOMAIN_PAA_Acc_expired_VERIFYGROUPS.csv"
    $csv4| Add-Member -MemberType NoteProperty "Action" -Value "Non Auto extended users : CHECK!"
    $csv4|export-csv $LogDir\GlobalRepport.csv -encoding unicode -notypeinformation -Append
    $table += $csv4

    $Header = @"

    TABLE {border-width: 1px;border-style: solid;border-color: black;border-collapse: collapse;}
    TH {border-width: 1px;padding: 3px;border-style: solid;border-color: black;background-color: #6495ED;}
    TD {border-width: 1px;padding: 3px;border-style: solid;border-color: black;}

    Expiry Date Report

    "@
    $Pre = "This is a BETA Version of the report BE AWARE NO ACTION HAS BEEN DONE YET"
    $Post ="This is an automaticly generated repport created by "

    $table | ConvertTo-HTML -Head $Header -body "Expiry Date Report created on $LogTime" -PreContent $Pre -PostContent $Post| Out-File c:\temp\report3.html

    #40150
    Profile photo of Richard Diphoorn
    Richard Diphoorn
    Participant

    Sorry to say, but it's incredibly hard to read this script. Please follow the forum guideline on how to format code: http://powershell.org/forums/topic/how-to-format-code-in-the-forums/

    Furthermore, can you specify exactly from which part of the script you expect a particular output, but is generated differently?

    #40206
    Profile photo of Ruben Miclotte
    Ruben Miclotte
    Participant
    
    if ( (Get-PSSnapin -Name quest.activeroles.admanagement -ErrorAction SilentlyContinue) -eq $null ) { Add-PsSnapin quest.activeroles.admanagement }
    
    ############################
    # Declaration of Constants #
    ############################
    
    $pw = read-host "Enter password" -AsSecureString
    $Domains = gc "E:\Input\test.txt"
    
    ###########
    # Logging #
    ###########
    
    # Log Dir time stamp:
    $LogTime = Get-Date -Format "yyyy-MM-dd"
    $LogDir = "E:\Output\"+$LogTime+"_ExpireScript"
    
    #Remove LogDir if allready existant
    if (Test-Path $LogDir)
    {
    Remove-Item $LogDir -recurse -Force -confirm:$false
    }
    #Create New Logdir
    New-Item -ItemType Directory -Force -Path $LogDir
    
    #Creation of CUSTOM object to parse to Csv
    
    $objectCollection=@()
    
    $object = New-Object PSObject
    Add-Member -InputObject $object -MemberType NoteProperty -Name Domain -Value ""
    Add-Member -InputObject $object -MemberType NoteProperty -Name LogonName -Value ""
    Add-Member -InputObject $object -MemberType NoteProperty -Name Displayname -Value ""
    Add-Member -InputObject $object -MemberType NoteProperty -Name Description -Value ""
    Add-Member -InputObject $object -MemberType NoteProperty -Name Email -Value ""
    Add-Member -InputObject $object -MemberType NoteProperty -Name DistinguishedName -Value ""
    Add-Member -InputObject $object -MemberType NoteProperty -Name AccountExpires -Value ""
    Add-Member -InputObject $object -MemberType NoteProperty -Name AccountType -Value ""
    Add-Member -InputObject $object -MemberType NoteProperty -Name DaysLeft -Value ""
    
    #################
    # FunctionBlock #
    #################
    
    Function AddExpDate
    
    {
    $InOneYear = (Get-Date).AddDays(365)
    # $User.DN holds the DN user
    Set-QADUser -identity $User -AccountExpires $InOneYear
    }
    
    Function RemExpDate
    
    {#Remove Expiration date (PA TA FA)
    Set-QADUser -identity $User -accountexpires $null
    }
    
    ###############
    # ScriptBlock #
    ###############
    
    foreach ($domain in $Domains)
    {
    
    Try
    {
    
    Connect-QADService $domain -ConnectionAccount $domain\HJG008-a -ConnectionPassword $pw
    
    Get-QADUser -LdapFilter '(Samaccountname=*-A)' -DontUseDefaultIncludedProperties -IncludedProperties domain,name,displayname,Description,email,Dn,accountExpires -Enabled -SizeLimit 0 | select domain,name,displayname,Description,email,Dn,accountExpires |export-csv $LogDir\PAA_Acc.csv -encoding unicode -notypeinformation -Append
    Get-QADUser -LdapFilter '(description=admin*)' -DontUseDefaultIncludedProperties -IncludedProperties domain,name,displayname,Description,email,Dn,accountExpires -Enabled -SizeLimit 0 | select domain,name,displayname,Description,email,Dn,accountExpires |export-csv $LogDir\PAA_Acc.csv -encoding unicode -notypeinformation -Append
    Get-qaduser -LdapFilter '(description=technical*)' -DontUseDefaultIncludedProperties -IncludedProperties domain,name,displayname,Description,email,Dn,accountExpires -Enabled -SizeLimit 0 | select domain,name,displayname,Description,email,Dn,accountExpires |export-csv $LogDir\Tech-Func_Acc.csv -encoding unicode -notypeinformation -Append
    Get-qaduser -LdapFilter '(description=functional*)' -DontUseDefaultIncludedProperties -IncludedProperties domain,name,displayname,Description,email,Dn,accountExpires -Enabled -SizeLimit 0 | select domain,name,displayname,Description,email,Dn,accountExpires |export-csv $LogDir\Tech-Func_Acc.csv -encoding unicode -notypeinformation -Append
    
    $a=Import-csv $LogDir\PAA_Acc.csv|Sort name -Unique
    $a|export-csv $LogDir\Unique_PAA_Acc.csv -encoding unicode -notypeinformation #-Append
    $a|export-csv $LogDir\Unique_PAA_Full_Acc.csv -encoding unicode -notypeinformation -Append
    $Users=$a
    $b=Import-csv $LogDir\Tech-Func_Acc.csv
    $b|export-csv $LogDir\All_Tech-Func_Acc.csv -encoding unicode -notypeinformation -Append
    $Users2=$b
    
    foreach ($user in $users)
    {
    $name =$user.name
    $usr=Get-QADUser $name -DontUseDefaultIncludedProperties -IncludedProperties domain,name,displayname,Description,email,Dn,accountExpires -Enabled -SizeLimit 0 | select domain,name,displayname,Description,email,Dn,accountExpires
    
    $object.Domain = $Usr.domain
    $object.LogonName = $Usr.name
    $object.Displayname = $Usr.displayname
    $object.Description = $Usr.Description
    $object.DistinguishedName = $Usr.Dn
    $object.AccountExpires = $Usr.accountExpires
    $object.Email = $Usr.email
    $objectCollection += $object
    $name =$user.name
    # Get Today for something to compare against
    $Today=get-date
    # Find out when account is supposed to expire
    $ExpireDate=$usr.accountExpires -as [datetime]
    # How many days left before account expires
    $AccountAgeLeft=$ExpireDate-$Today
    # Get the value in days
    $DaysLeft=$AccountAgeLeft.days
    Write-host "$name has $daysleft days left"-fore DarkRed
    
    If ($usr.accountExpires -eq $null)
    { if ($domain -eq 'MAIN.DOMAIN.net')
    {
    Write-host "Please Set Expire date for PAA Account $name" -fore Cyan
    #$DN = $usr.DN
    #AddExpDate $DN
    $object.AccountType = "Personal Admin Account"
    $object.Daysleft = $DaysLeft
    $objectCollection += $object
    $objectCollection|export-csv $LogDir\MAINDOMAIN_PAA_Acc_Auto_set_exp.csv -encoding unicode -notypeinformation -Append
    }
    else
    {
    Write-host "Logging PAA Account $name" -fore Cyan
    $object.AccountType = "Personal Admin Account"
    $object.Daysleft = $DaysLeft
    $objectCollection += $object
    $objectCollection|export-csv $LogDir\PAA_Acc_No_exp.csv -encoding unicode -notypeinformation -Append
    }
    }
    
    If ($DaysLeft -le 1) #-and ($DaysLeft -ge 0) )
    {
    Write-host "Account $name has expired >> EXTEND" -fore Red
    if ($domain -eq 'MAIN.DOMAIN.net')
    {
    $UserGroups= Get-QADMemberOf -identity $name | Foreach-Object {$_.Name}
    if($UserGroups -like 'G100.*' -OR $UserGroups -like 'G205.*' -OR $UserGroups -like 'G207.*' -OR $UserGroups -like 'G208.*' )
    {
    Write-host "$name is member of one of the groups groups,with expiredate $exp" -fore Green
    #$DN = $usr.DN
    #AddExpDate $DN
    $object.AccountType = "Personal Admin Account"
    $object.Daysleft = $DaysLeft
    $objectCollection += $object
    $objectCollection|export-csv $LogDir\MAINDOMAIN_PAA_Acc_Auto_set_exp.csv -encoding unicode -notypeinformation -Append
    #$usr2=import-csv $LogDir\MAINDOMAIN_PAA_Acct_Auto_set_exp.csv
    #$usr2| Add-Member -MemberType NoteProperty "days left" -Value $daysleft
    #$usr2| Add-Member -MemberType NoteProperty "Account Type" -Value "Personal ADMIN account"
    #$usr2|export-csv $LogDir\MAINDOMAIN_PAA_Acct_Auto_set_exp2.csv -encoding unicode -notypeinformation -Append
    
    }
    else
    {
    Write-host "$name user has to be reported" -fore Yellow
    $object.AccountType = "Personal Admin Account"
    $object.Daysleft = $DaysLeft
    $objectCollection += $object
    $objectCollection|export-csv $LogDir\MAINDOMAIN_PAA_Acc_expired_VERIFYGROUPS.csv -encoding unicode -notypeinformation -Append
    #$usr2=import-csv $LogDir\MAINDOMAIN_PAA_Acc_expired_VERIFYGROUPS.csv
    #$usr2| Add-Member -MemberType NoteProperty "days left" -Value $daysleft
    #$usr2| Add-Member -MemberType NoteProperty "Account Type" -Value "Personal ADMIN account"
    #$usr2|export-csv $LogDir\MAINDOMAIN_PAA_Acc_expired_VERIFYGROUPS.csv -encoding unicode -notypeinformation -Append
    
    }
    }
    }
    }
    
    #Looping trough Technical & Functional accounts
    
    foreach ($user2 in $users2)
    {$name2 =$user2.name
    $usr2=Get-QADUser $name2 -DontUseDefaultIncludedProperties -IncludedProperties domain,name,displayname,Description,email,Dn,accountExpires -Enabled -SizeLimit 0 | select domain,name,displayname,Description,email,Dn,accountExpires
    $object.Domain = $Usr2.domain
    $object.LogonName = $Usr2.name
    $object.Displayname = $Usr2.displayname
    $object.Description = $Usr2.Description
    $object.DistinguishedName = $Usr2.Dn
    $object.AccountExpires = $Usr2.accountExpires
    $object.Email = $Usr2.email
    if ($usr.Description -like "technical*")
    {$object.AccountType = "Technical Account"}
    if ($usr.Description -like "functional*")
    {$object.AccountType = "Functional Account"}
    # Get Today for something to compare against
    $Today=get-date
    # Find out when account is supposed to expire
    $ExpireDate=$usr2.accountExpires -as [datetime]
    # How many days left before account expires
    $AccountAgeLeft=$ExpireDate-$Today
    # Get the value in days
    $DaysLeft=$AccountAgeLeft.days
    
    If ($usr2.accountExpires -ne $null)
    {
    Write-host "Please REMOVE Expire date for Account $name2" -fore Cyan
    #$DN2 = $usr2.DN
    #RemExpDate $DN2
    $object.Daysleft = $DaysLeft
    $objectCollection += $object
    $objectCollection|export-csv $LogDir\Tech-Func_Acc_Auto_REMOVE_exp.csv -encoding unicode -notypeinformation -Append
    }
    }
    #Rename inputfiles
    Rename-Item $LogDir\PAA_Acc.csv PAA_Acc_$domain.csv
    Rename-Item $LogDir\Unique_PAA_Acc.csv Unique_PAA_Acc_$domain.csv
    Rename-Item $LogDir\Tech-Func_Acc.csv Tech-Func_Acc_$domain.csv
    }
    Catch
    {
    $ErrorMessage = $_.Exception.Message
    $FailedItem = $_.Exception.ItemName
    "We failed to connect to $domain. The error message was $ErrorMessage"| out-file $LogDir\ErrorLog33.log -append
    }
    
    }
    
    Connect-QADService MAIN.DOMAIN.net -ConnectionAccount MAIN.DOMAIN.net\HJG008-a -ConnectionPassword $pw
    Get-QADUser * -searchroot "MAIN.DOMAIN.net/MAINDOMAIN Customers/Users/Personal" -DontUseDefaultIncludedProperties -IncludedProperties domain,name,displayname,Description,email,Dn,accountExpires -Enabled -SizeLimit 0 | select domain,name,displayname,Description,email,Dn,accountExpires |export-csv $LogDir\MAINDOMAINPA_Acc.csv -encoding unicode -notypeinformation -Append
    Get-QADUser * -searchroot "MAIN.DOMAIN.net/IAM/Accounts" -DontUseDefaultIncludedProperties -IncludedProperties domain,name,displayname,Description,email,Dn,accountExpires -Enabled -SizeLimit 0 | select domain,name,displayname,Description,email,Dn,accountExpires |export-csv $LogDir\MAINDOMAINPA_Acc.csv -encoding unicode -notypeinformation -Append
    $x=Import-csv $LogDir\MAINDOMAINPA_Acc.csv|Sort name -Unique
    $x|export-csv $LogDir\Unique_MAINDOMAINPA_Acc.csv -encoding unicode -notypeinformation #-Append
    $Users3=$x
    foreach ($user3 in $users3)
    {$name3 =$user3.name
    $usr3=Get-QADUser $name3 -DontUseDefaultIncludedProperties -IncludedProperties domain,name,displayname,Description,email,Dn,accountExpires -Enabled -SizeLimit 0 | select domain,name,displayname,Description,email,Dn,accountExpires
    $object.Domain = $Usr3.domain
    $object.LogonName = $Usr3.name
    $object.Displayname = $Usr3.displayname
    $object.Description = $Usr3.Description
    $object.DistinguishedName = $Usr3.Dn
    $object.AccountExpires = $Usr3.accountExpires
    $object.Email = $Usr3.email
    
    # Get Today for something to compare against
    $Today=get-date
    # Find out when account is supposed to expire
    $ExpireDate=$usr3.accountExpires -as [datetime]
    # How many days left before account expires
    $AccountAgeLeft=$ExpireDate-$Today
    # Get the value in days
    $DaysLeft=$AccountAgeLeft.days
    
    If ($usr3.accountExpires -ne $null)
    {
    Write-host "Please REMOVE Expire date for Account $name3" -fore Cyan
    #$DN3 = $usr3.DN
    #RemExpDate $DN3
    $object.AccountType = "Personal Account"
    $object.Daysleft = $DaysLeft
    $objectCollection += $object
    $objectCollection|export-csv $LogDir\MAINDOMAINPA_Acc_Auto_REMOVE_exp.csv -encoding unicode -notypeinformation -Append
    }
    }
    
    ##############
    # Repporting #
    ##############
    
    $csv1=Import-csv "$LogDir\MAINDOMAINPA_Acc_Auto_REMOVE_exp.csv"
    $csv1| Add-Member -MemberType NoteProperty "Action" -Value "REMOVED Expire date"
    $csv1|export-csv $LogDir\GlobalRepport.csv -encoding unicode -notypeinformation -Append
    $table += $csv1
    
    $csv2=Import-csv "$LogDir\Tech-Func_Acc_Auto_REMOVE_exp.csv"
    $csv2| Add-Member -MemberType NoteProperty "Action" -Value "REMOVED Expire date"
    $csv2|export-csv $LogDir\GlobalRepport.csv -encoding unicode -notypeinformation -Append
    $table += $csv2
    
    $csv3=Import-csv "$LogDir\MAINDOMAIN_PAA_Acc_Auto_set_exp.csv"
    $csv3| Add-Member -MemberType NoteProperty "Action" -Value "Expiry Date EXTENDED"
    $csv3|export-csv $LogDir\GlobalRepport.csv -encoding unicode -notypeinformation -Append
    $table += $csv3
    
    $csv4=Import-csv "$LogDir\MAINDOMAIN_PAA_Acc_expired_VERIFYGROUPS.csv"
    $csv4| Add-Member -MemberType NoteProperty "Action" -Value "Non Auto extended users : CHECK!"
    $csv4|export-csv $LogDir\GlobalRepport.csv -encoding unicode -notypeinformation -Append
    $table += $csv4
    
    $Header = @"
    
    TABLE {border-width: 1px;border-style: solid;border-color: black;border-collapse: collapse;}
    TH {border-width: 1px;padding: 3px;border-style: solid;border-color: black;background-color: #6495ED;}
    TD {border-width: 1px;padding: 3px;border-style: solid;border-color: black;}
    
    Expiry Date Report
    
    "@
    $Pre = "This is a BETA Version of the report BE AWARE NO ACTION HAS BEEN DONE YET"
    $Post ="This is an automaticly generated repport created by "
    
    $table | ConvertTo-HTML -Head $Header -body "Expiry Date Report created on $LogTime" -PreContent $Pre -PostContent $Post| Out-File c:\temp\report3.html
    #40257
    Profile photo of Ruben Miclotte
    Ruben Miclotte
    Participant

    I want everything to be logged...
    Fact is that my superior wants an overvieuw on each of his accounts , actions done, days left to expire, expirey date, email , sort of account , description, domain , etc ...

    I also performed an overview to a html page, for having a proper view of the output at his side, also loging of each different step, so an operator could use the csv files per step to perform any needed action

    #40534
    Profile photo of Ruben Miclotte
    Ruben Miclotte
    Participant

    It does look like each loop I perform in the Foreach, the output gets duplicated more and more
    += on foreach loop is adding duplicate entry's in my file, causing report files of 2 gB and more... script runtime also not performant.

    PLEASE HELP... I'm running out of time and diskspace ...

    #40880
    Profile photo of Ruben Miclotte
    Ruben Miclotte
    Participant

    I found the error .....
    In fact it was TOO obvious, silly me 🙁

    $objectCollection += $object
    $objectCollection|export-csv $LogDir\MAINDOMAINPA_Acc_Auto_REMOVE_exp.csv -encoding unicode -notypeinformation -Append
    $objectCollection += $object

    And

    $objectCollection|export-csv $LogDir\MAINDOMAINPA_XXXX.csv -encoding unicode -notypeinformation -Append

    Are the 2 reasons why my foreach loops created more and more duplicates per run....
    Fact is that $objectCollection += $object & having the -Append set as parameter are creating this occurence.
    after havint removed the + in the lines

    $objectCollection += $object

    my outup did not generate any duplicate/run 🙂
    Now I just have to sort out the issue on accounts that never expire having a value on -736XX in reporting.

Viewing 6 posts - 1 through 6 (of 6 total)

You must be logged in to reply to this topic.