Thursday, November 27, 2008

PowerShell - Finding New User Accounts

Managing user accounts in a large company can sometimes be quite difficult. Keeping track of newly created accounts, or accounts created between a certain time period is not only useful from an administrative point of view but also from a security aspect too. Being able to identify accounts that may have been created during a period of possible comprimise is extremely useful.

The PowerShell script below (Get-NewAccount) will ask for 2 dates and then list all accounts created between those dates.

#This script will list new accounts and then count them.

$days = (read-host "How many days back shall I go?")
Write-host "This script will display all accounts created in the past $days days. Please wait a few minutes" -fore yellow
$date = get-date
$date = $date.AddDays(-$days)
write-host " "
$TotalAccountsCreated = Get-QADUser -SizeLimit 0 | where {$_.whenCreated -ge $date} | select Name,Company
write-host " "
Write-host "There have been" $totalaccountscreated.count "accounts created in the past $days days" -fore red

Thanks to the guys at PowerShell Community who helped me with this.

No comments: