AD Audit

Active Directory holds a massive amount of information and things can be overlooked in an abundance of Organization Units especially when there are multiple administrators and when some administrators may have made changes but no longer work for the company. This is a group of small Active Directory audit scripts and documents that do not warrant individual pages. All of these files are included in the collection.

Download AD-Audit.zip

Account Disable Policy.pdf – A sample policy for disabling accounts and archiving data for terminated employees.

EnumComputers.ps1 – This script creates a report containing a list of enabled computers.

EnumDisabledComputers.ps1 – This script creates a report containing a list of disabled computers not located in an OU with “Disabled” as part of the name. It is usually good practice to disable a computer account for a period of time before deleting it.

EnumDisabledUsers.ps1 – This script creates a report containing a list of disabled users not in an OU with “Disabled” in its name. It is a good practice to disable an account for some time before deleting it.

EnumServersByOS.ps1 – This script creates a report containing a list of servers and their
# installed operating systems with service pack level.

EnumStaleComputers.ps1 – This script creates a report containing a list of computers that have not changed their system passwords in an allotted amount of time indicating the account is stale.

EnumStaleServers.ps1 – This script creates a report containing a list of servers that have not changed their system passwords in an allotted amount of time indicating the server account is stale.

EnumStaleUsers.ps1 – This script creates a report containing a list of users that have not been used to login in an allotted amount of time indicating the user account is stale.

EnumUsers.ps1 – This script creates a report containing a list of active users.

NonExpiringPasswords.ps1 – This script creates a report containing a list of users where the “password never expires” value has been set. This can be important in discovering accounts that evade password reset policies.

PasswordLastSet.ps1 – This script creates a report containing a list of users and the associated date and time the password was last changed.