Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

unable to pull object based on date modified...?

Status
Not open for further replies.
Jan 11, 2008
67
US
Hello, I'm trying to learn powershell -

I am trying to pull a list of users who were last modifed in the last few days which belong to a specific group and only users that reside in a specific OU.

I can pull the users in the OU and belong to the group but HOW can I do it based on 'object modified' date?

This is what I have:
THANKS - ANY HELP IS VERY APPRECIATED.
*************************
#Target Domain and OU where the Users are located
$OU = "OU=A,OU=Users,OU=Managed Objects,DC=corp,DC=bell,DC=net"


#Target the group location and search for Users BELONGING to the group that only reside in the above OU and write to file.
$User = Get-QADUser -SearchRoot $OU -MemberOf "CN=SSL Citrix,OU=VPN,OU=Users,OU=Managed Objects,DC=corp,DC=bell,DC=net"


get-childitem | foreach-object {$User.lastwritetime -gt "07/24/2010"} | out-file c:\SSL_Citrix_User.txt

***********
THANKS - ANY HELP IS VERY APPRECIATED.



 
I don't remember when they added it, but if you're using a recent version of the Quest AD cmdlets Get-QADUser has a "LastChangedAfter" paramater. You could do this:
Code:
Get-QADUser -SearchRoot $OU -MemberOf "CN=SSL Citrix,OU=VPN,OU=Users,OU=Managed Objects,DC=corp,DC=bell,DC=net" -LastChangedAfter "07/24/2010" | Out-File c:\SSL_Citrix_User.txt

With your existing code, you could also do the following:
Code:
$User | where {$_.ModificationDate -gt "07/24/2010"} | out-file c:\SSL_Citrix_user.txt
 
Thank crobin1 - That workded great for users!

Quesetion - is there a way to search for users recently added to a group? I just discovered that the users modified date do not change just by adding them to a group, you have to actaully change something on their acct.

I was actaully trying to seach for users who were recently added to the group. Any ideas?

Thanks again!
 
Right off hand I don't know a PowerShell way to do it. In our environment, I dump the security event logs from the domain controllers each night, then use Microsoft's LogParser tool to pull relevant entries out, including the ones indicating when users are added to groups. Not elegant but it works for us.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top