I am trying to get certain information from our Office 365 but not getting all the information required.
Below is my script I use:
Get-MsolUser -All | select DisplayName, LastPasswordChangeTimeStamp, LastLogonTime, PrimaryEmailAddress | Export-CSV UserList.csv -NoTypeInformation
The information I am getting from the above script is only the display name last password change. For the LastLogonTime and PrimaryEmailAddress I get nothing.
Is there something I am doing wrong?
Please help.
Thanks
Last logon time can be retrieved from Get-MailboxStatistics but it shows last accessed Exchange mailbox alone. It doesn't track other Office 365 services. You can try below code for your requirement.
$Result=""
$Output=#()
Get-mailbox -All | foreach{
$UPN=$_.UserPrincipalName
$DisplayName=$_.DisplayName
$PrimaryEmailAddress=$_.ProxyAddresses.where{$_ -clike "SMTP:*"} -creplace "SMTP:"
$LastPwdChange=$_.LastPasswordChangeTimeStamp
$LastLogonTime=(Get-MailboxStatistics -Identity $upn).lastlogontime
$Result= #{'DisplayNme'=$DisplayName;'LastLogonTime'=$LastLogonTime;'PrimaryEmailAddress'=$PrimaryEmailAddress;'LastPwdChange'=$LastPwdChange}
$Output= New-Object PSObject -Property $Result
$Output | Select-Object DisplayName,LastLogonTime,PrimaryEmailAddress,LastPwdChange | Export-CSV UserList.csv -Notype -Append
}
Related
I am creating a script to get user logins on the server.I do it through powershell and the event viewer.
The problem is that the script returns the users and other "users" of the system and I only need the real users.
______
User
______
AR01
system
dvm-01
system
AR01
AR04
AR15
system
I thought about creating a condition so that it only selects users that start with AR, but I don't know how to do it.
Any ideas?
Thanks!
Get-WinEvent -Computer MyServerName -FilterHashtable #{Logname='Security';ID=4624} -MaxEvents 2000|
select #{N='User';E={$_.Properties[5].Value}}, TimeCreated | export-csv -Path C:\Users\AR001\Desktop\filename.csv -NoTypeInformation
You can simply use a Where-Object once you have extracted your data from the message.
Just add this:
Where-Object -Property User -Match -Value "AR"
before you try to export to the CSV.
Try this complete command:
Get-WinEvent -Computer MyServerName -FilterHashtable #{Logname='Security';ID=4624} -MaxEvents 2000 | Where-Object -Property User -Match -Value "AR"
select #{N='User';E={$_.Properties[5].Value}}, TimeCreated | export-csv -Path C:\Users\AR001\Desktop\filename.csv -NoTypeInformation
I'm trying to run a report, to get all the users who are disabled in AD, but still have a license assigned in Office 365.
I've found a couple of scripts on various sites, and they work if just run within the PowerShell console, but the moment I try to export to a CSV, it loses the license assignment information.
The script I'm currently using is:
Get-MsolUser -All | where {$_.isLicensed -eq $true -and $_.BlockCredential -eq $true} | select userprincipalname,islicensed,Licenses,UsageLocation
This works, and shows the below
UserPrincipalName IsLicensed Licenses UsageLocation
----------------- ---------- -------- -------------
joe.bloggs#domain.com True
{tennent:ENTERPRISEPACK} US
However, the moment I add:
| Export-Csv -Path C:\LicenseReport.csv
The report changes to:
UserPrincipalName IsLicensed Licenses UsageLocation
joe.bloggs#domain.com
TRUE System.Collections.Generic.List`1[Microsoft.Online.Administration.UserLicense] US
I've tried a number of other select properties for the license, such as
$_.licenses.accountskuid
#{n="Licenses
Type";e={$_.Licenses.AccountSKUid}} $($license.AccountSKUid)
But none work. How do I get the report to export with the License details?
This is the command I use & it works:
Get-MsolUser -All | ?{$_.isLicensed-eq "TRUE"} | Select DisplayName, SignInName, #{n="LicensesType";e={$_.Licenses.AccountSKUid}} | Export-Csv -Path C:\output.csv -NoTypeInformation
Be aware though, the MSOnline module is no longer developed. You should consider moving to the AzureAD PowerShell module.
Here is the syntax for that:
Get-AzureADUser -All 1 | ?{($_.AssignedLicenses | ?{$_.SkuId -eq $license.SkuId})} | SELECT DisplayName, UserPrincipalName, #{l="License";e={$license.SkuPartNumber}}
Try this:
Get-MsolUser -All | where {$_.isLicensed -eq $true -and $_.BlockCredential -eq $true} |
select userprincipalname,islicensed,#{N="Licenses";E={$_.Licenses.AccountSkuId}},UsageLocation
and that's in case you have only one license, but if you have more, you need to join them with commas so it will be a string compatible for the csv export, for example:
Change this:
#{N="Licenses";E={$_.Licenses.AccountSkuId}}
To This:
#{N="Licenses";E={$_.Licenses.AccountSkuId -join ','}}
I hope someone here can help me designing a powershell script to do the following:
Find all windows 10 clients in AD, and also get the either SamAccountName OR last SamAccountName logged, in on the windows 10 clients, when the script is executed.
Export Last login, SamAccountName, OperationSystem and OperationSystemVersion to an Excel document.
I have the following code so far:
Import-Module ActiveDirectory
Get-ADComputer -Filter * -Property * | Select-Object Name,OperatingSystem,OperatingSystemVersion | Export-CSV C:\AllWindows1.csv -NoTypeInformation -Encoding UTF8
But I need this to fetch the logged in/last login of the SamAccountName also, can anyone help me?
You could try to do something like this:
Import-Module ActiveDirectory
$computers = Get-ADComputer -Filter * -Property * | Select-Object Name,OperatingSystem,OperatingSystemVersion,SamAccountName
Foreach ($computer in $computers)
{
if ($computer.OperatingSystemVersion -like '10.0*')
{
$obj = New-Object psobject
$obj | Add-Member NoteProperty Name $computer.Name
$obj | Add-Member NoteProperty 'Operating System' $computer.OperatingSystem
$obj | Add-Member NoteProperty 'Operating System Version' $computer.OperatingSystemVersion
$obj | Add-Member NoteProperty 'SAMAccountName' $computer.samaccountname
$obj | Export-CSV C:\AllWindows1.csv -Append -NoTypeInformation -Encoding UTF8
}
}
But this is not finding what was the last account login to the Win10 computer.
I was checking the properties for the computer object in AD, and there is no such thing. I believe that you would have to write a pretty complex script in order to determine who was the last person who logged in to the computer.
You cannot do what you want as a computer object does not have an attribute that holds details of the last user that logged.
You would need to either, write a logon script that saves the login information to a database/log file however or enable auditing for account logon events.
Auditing events will then be saved to the DC security log and can be read using Get-EventLog.
I'm using the Get-MsolUser to get a list of all the users in the active directory. However, I just want the user where the Source is "Microsoft" instead of "Windows Server AD". This command does not return the Source nor does it give me the option to filter on the source. This is what I am doing:
Connect-MsolService
Connect-AzureAD
Get-MsolUser | Where-Object {$_.isLicensed -eq 'True'} | Format-List | Out-File "C:\Azure Scripts\userlist.txt"
Has anybody ever used this or any other command to get a list of only the Microsoft accounts?
You may use the following cmdlet:
Get-MsolUser -All | select userprincipalname,islicensed, {$.Licenses.AccountSkuId} |Where-Object {$.isLicensed -eq 'True'}| Format-List | Out-File "C:\Users\azure\Desktop\Get-Msoluserlist.txt"
Refer : Get-MsolUser
I've a text file with a list of distribution groups that I'm trying to get managedby attribute. I tried running different commands but seems to be a syntax issue ( fairly new to PowerShell) because I'm able to retrieve the attribute managedby for single distribution group. When I'm formatting and exporting the result to csv file all I get is a bunch of numbers. I'm on powershell exchange server 2008.
Starting with a flat text file named groups.txt:
Employees#company.com
Executives#company.com
Suggested Solution:
$grouplist = Get-Content groups.txt | foreach {Get-DistributionGroup -Identity $_ | Select-Object PrimarySMTPaddress, ManagedBy}
$grouplist | Export-Csv -Path results.csv -NoTypeInformation
Gives results like:
"PrimarySmtpAddress","ManagedBy"
"Employees#company.com","admin"
"Executives#company.com","admin"
Reproducing the "bunch of numbers" issue:
$grouplist = Get-Content groups.txt | foreach {Get-DistributionGroup -Identity $_ | Select-Object PrimarySMTPaddress, ManagedBy}
Export-Csv -InputObject $grouplist -Path results2.csv -NoTypeInformation
Resulted in:
"Count","Length","LongLength","Rank","SyncRoot","IsReadOnly","IsFixedSize","IsSynchronized"
"2","2","2","1","System.Object[]","False","True","False"
Environment: Exchange 2013, Powershell 5.0, Windows 10 Tech Preview 3