Dec 07 2021 06:08 AM
Hello all
I am trying to get all disabled user accounts that have users listed on the disabled accounts "directreports" . The below code is showing me the disabled account and the directreports distinguishedname, however i am getting the following error
Get-ADUser -Filter * -Properties samaccountname,directreports,enabled | where {$_.directreports -notlike $null -and $_.enabled -eq $False}
ForEach-Object{
$mgr = $_
$_.directreports |
ForEach-Object{
[array]$d += Get-ADObject $_ |
Select-Object UserPrincipalName, samaccountname
}
$d |
ForEach-Object{
[PSCustomObject]@{
samaccountname = $mgr.samaccountname
enabled = $mgr.Enabled
distinguishedname = $mgr.distinguishedname
directreportupn = $_.userprincipalname
directteportsamaccountname = $_.samaccountname
}
}
}
Jan 17 2022 06:13 AM - edited Jan 22 2022 08:01 AM
$users = Get-ADUser -Filter * -Properties samaccountname, directreports, enabled | Where-Object { $_.directreports -notlike $null -and $_.enabled -eq $False }
ForEach ($user in $users) {
$directreportsupn = (get-aduser -filter * | Where-Object DistinguishedName -Match $user.directreports).UserPrincipalName
$directreportssamaccountname = (get-aduser -filter * | Where-Object DistinguishedName -Match $user.directreports).SamAccountName
[PSCustomObject]@{
samaccountname = $user.samaccountname
enabled = $user.Enabled
distinguishedname = $user.distinguishedname
directreportupn = $directreportsupn
directteportsamaccountname = $directreportssamaccountname
}
}
@Skipster311-1 Changed the code a little bit, could you verify and let me know if this is what you want?
Feb 03 2022 09:52 AM