Best way of doing some AD and Exchange auditing?

R.O.S.S.I

R.O.S.S.I

R.O.S.S.I

Soldato
Joined
16 Nov 2002
Posts
11,290
Location
The Moon
Hi all, just wondering if there is any good 3rd party software out there (free) that will help me do some simple AD and Exchange auditing? Or if there is the function within Exchange 2007 and AD on Server 2008 to allow me to get simple lists of peoples last log on dates, exchange mailbox size, if their account is suspended, and also if their mailbox is suspended. Stuff like that really?

Want to do a bit of a clear out in AD and Exchange but having a horrible time trying to get Exchange to give me the info I want from Powershell, and can't see any way within AD to do it easily, so I'm just wondering if any 3rd party software can assist in this?
 
those are all fairly easy to do with powershell and command line

Mailbox Sizes (Powershell)
Code: 
Get-MailboxStatistics -Database "Mailbox Database 1207595605" | Sort -Property TotalItemsize |
Format-Table DisplayName,  ItemCount, @{expression={$_.totalitemsize.value.ToMB()};label="Size(MB)"}, LastLogonTime

Last Login (VB Script)

Code: 
On Error Resume Next

Dim objFileSystem, objOutputFile
Dim strOutputFile


' generate a filename base on the script name
strOutputFile = "./" & Split(WScript.ScriptName, ".")(0) & ".txt"

Set objFileSystem = CreateObject("Scripting.fileSystemObject")
Set objOutputFile = objFileSystem.CreateTextFile(strOutputFile, TRUE)

sEnterDCs = "DCNAME"
sObjects = Split(sEnterDCs, ",")
Set oDomain = GetObject("WinNT://" & sObjects(0))
oDomain.Filter = Array("User")
objOutputFile.WriteLine("Showing last login times of accounts from: " & oDomain.Name & vbNewLine)
For Each oDomainItem In oDomain
  sUsrLogin = oDomainItem.LastLogin

'WScript.Echo sUsrLogin
  If UBound(sObjects) >= 1 Then
    For ii = 1 To UBound(sObjects)
      Set oUsr = GetObject("WinNT://" & sObjects(ii) & "/" & oDomainItem.Name & ",user")
      If oUsr.LastLogin > sUsrLogin AND oDomainItem.accountdisabled = False Then sUsrLogin = oUsr.LastLogin
    Next
  End If 
objOutputFile.WriteLine("Username=" & Chr(34) & oDomainItem.Name & Chr(34) & " Time=" & Chr(34) & FormatDateTime(sUsrLogin) & Chr(34) & " Disabled= " & oDomainItem.accountdisabled)
Next


objOutputFile.Close

Set objFileSystem = Nothing
 
Last edited:
there is one called active directory janitor but i have never used it.

I just do it manually. Depending on how many users you have, that might not be possible. But with smaller networks i just do it manually. Also what helps is AV software or other software the deploys agents, that way you can see the active pcs. What i do then is move the active pcs in to a new ou and leave the old ones in the old ou and then if there is one or two that i missed cause they were off or something just move them afterwards.

You can use powershell to see last login time and things like that out put it to a text file i have done similar when trying to get hardware information of the network devices.
 
If you're checking your internal domain I would look at Quest Active Roles. This lets you run powershell commands within the Quest application like Get-QadUser and there are many switches you can use with this to make querying info from AD much easier than it would be otherwise.

You can get it for free here: http://www.quest.com/powershell/activeroles-server.aspx as it's freeware.

You don't need to install it on a server either. I can run it from my own desktop, as long as you have appropriate AD rights and you are connected to the domain it will work.
 
Eulogy said:
If you're checking your internal domain I would look at Quest Active Roles. This lets you run powershell commands within the Quest application like Get-QadUser and there are many switches you can use with this to make querying info from AD much easier than it would be otherwise.

You can get it for free here: http://www.quest.com/powershell/activeroles-server.aspx as it's freeware.

You don't need to install it on a server either. I can run it from my own desktop, as long as you have appropriate AD rights and you are connected to the domain it will work.
Click to expand...

+1 for this software. Use it at work also, very useful!
 
You must log in or register to reply here.
Back
Top Bottom