Reporting on AD users

Managing the Active Directory is an important albeit time-consuming task. Discovering a user account that has not been used for a reasonable period or a user that has membership in a privileged account (for example, enterprise administrators) could represent security risks to the organization. Regular reporting can help to place a focus on accounts that could be usefully de-activated. That could mean the account being removed from a security group or removed altogether.

This recipe creates a report of users, computers, and privileged group membership and displays this report on the console.

Getting ready

This recipe, which you run on DC1, reports on users with possible issues: a user hasn't logged on for a while, has made a ...

Get Windows Server 2019 Automation with PowerShell Cookbook - Third Edition now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.