Connect-AzureAD
$Password = "em2Y2DA7KiZx2uo5QSAk*" | ConvertTo-SecureString -AsPlainText -Force
Set-AzureADUserPassword -ObjectID "7de0a4c8-8bfb-43bc-9d6e-e4b6131f3e66" -Password $passwordThis reset’s the account password to the specified one above, ignores already used passwords and extends expired account password lifecycle.
# Define the OU path where your servers are located
$ouPath = "OU=servers,DC=domain,DC=local" # Replace with your OU path
# Get a list of servers in the specified OU
$servers = Get-ADComputer -Filter {OperatingSystem -like "Windows Server*"} -SearchBase $ouPath | Select-Object -ExpandProperty Name
# Loop through each server and query logged-on users
foreach ($server in $servers) {
try {
# Use WMI to query logged-on user information
$loggedOnUsers = Get-WmiObject -Class Win32_ComputerSystem -ComputerName $server | Select-Object -ExpandProperty UserName
if ($loggedOnUsers) {
Write-Host "Logged-on users on $server"
$loggedOnUsers | ForEach-Object {
Write-Host " $_"
}
} else {
Write-Host "No users logged on to $server"
}
} catch {
Write-Host "Failed to query $server"
}
}
If you want to search by specific names, you can adjust the filter to this –
Get-ADComputer -Filter {Name -like "AZ-EUW-*"} -SearchBase $ouPathAzure Active Directory has a ton of attributes which hold potentially useful information. I needed to compare what attributes are synced from an On-Premise AD environment to Azure AD. The client was using AD Sync Connector to synchronize their AD.
After collecting all the attributes from a Microsoft knowledgebase article, I added them all to the below script
# Export/working path, please create it before running script
$Path = Split-Path -Parent "C:\scripts\*.*"
# Create variable for the date stamp in log file
$LogDate = Get-Date -f yyyyMMddhhmm
# Define CSV and log file location variables
# They have to be on the same location as the script
$Csvfile = $Path + "\AllAzADUsers_$logDate.csv"
# Get all Azure AD users
$AzADUsers = Get-AzureADUser -All $true | Select-Object -Property *
# Display progress bar
$progressCount = 0
for ($i = 0; $i -le $AzADUsers.Count; $i++) {
Write-Progress `
-Id 0 `
-Activity "Retrieving User " `
-Status "$progressCount of $($AzADUsers.Count)" `
-PercentComplete (($progressCount / $AzADUsers.Count) * 100)
$progressCount++
}
# Create list
$AzADUsers | Sort-Object GivenName | Select-Object `
@{Label = "First name"; Expression = { $_.GivenName } },
@{Label = "Last name"; Expression = { $_.Surname } },
@{Label = "Display name"; Expression = { $_.DisplayName } },
@{Label = "User principal name"; Expression = { $_.UserPrincipalName } },
@{Label = "Street"; Expression = { $_.StreetAddress } },
@{Label = "City"; Expression = { $_.City } },
@{Label = "State/province"; Expression = { $_.State } },
@{Label = "Zip/Postal Code"; Expression = { $_.PostalCode } },
@{Label = "Country/region"; Expression = { $_.Country } },
@{Label = "Job Title"; Expression = { $_.JobTitle } },
@{Label = "Department"; Expression = { $_.Department } },
@{Label = "Company"; Expression = { $_.CompanyName } },
@{Label = "Description"; Expression = { $_.Description } },
@{Label = "Office"; Expression = { $_.PhysicalDeliveryOfficeName } },
@{Label = "Telephone number"; Expression = { $_.TelephoneNumber } },
@{Label = "E-mail"; Expression = { $_.Mail } },
@{Label = "Mobile"; Expression = { $_.Mobile } },
@{Label = "User type"; Expression = { $_.UserType } },
@{Label = "ageGroup"; Expression = { $_.ageGroup } },
@{Label = "alernativeSecurityId"; Expression = { $_.alernativeSecurityId } },
@{Label = "alernativeSecurityIds"; Expression = { $_.alernativeSecurityIds } },
@{Label = "consentProvidedForMinor"; Expression = { $_.consentProvidedForMinor } },
@{Label = "createdDateTime"; Expression = { $_.createdDateTime } },
@{Label = "creationType"; Expression = { $_.creationType } },
@{Label = "dateOfBirth"; Expression = { $_.dateOfBirth } },
@{Label = "facsimileTelephoneNumber"; Expression = { $_.facsimileTelephoneNumber } },
@{Label = "immutableId"; Expression = { $_.immutableId } },
@{Label = "legalAgeGroupClassification"; Expression = { $_.legalAgeGroupClassification } },
@{Label = "legalCountry"; Expression = { $_.legalCountry } },
@{Label = "mailNickName"; Expression = { $_.mailNickName } },
@{Label = "netId"; Expression = { $_.netId } },
@{Label = "objectId"; Expression = { $_.objectId } },
@{Label = "otherMails"; Expression = { $_.otherMails } },
@{Label = "password"; Expression = { $_.password } },
@{Label = "passwordPolicies"; Expression = { $_.passwordPolicies } },
@{Label = "physicalDeliveryOfficeName (officeLocation)"; Expression = { $_.physicalDeliveryOfficeName } },
@{Label = "preferredLanguage"; Expression = { $_.preferredLanguage } },
@{Label = "signInNames"; Expression = { $_.signInNames } },
@{Label = "signInNames.userName"; Expression = { $_.signInNames.userName } },
@{Label = "signInNames.phoneNumber"; Expression = { $_.signInNames.phoneNumber } },
@{Label = "signInNames.emailAddress"; Expression = { $_.signInNames.emailAddress } },
@{Label = "strongAuthenticationAlternativePhoneNumber"; Expression = { $_.strongAuthenticationAlternativePhoneNumber } },
@{Label = "strongAuthenticationEmailAddress"; Expression = { $_.strongAuthenticationEmailAddress } },
@{Label = "strongAuthenticationPhoneNumber"; Expression = { $_.strongAuthenticationPhoneNumber } },
@{Label = "usageLocation"; Expression = { $_.usageLocation } },
@{Label = "userType"; Expression = { $_.userType } },
@{Label = "userState"; Expression = { $_.userState } },
@{Label = "userStateChangedOn"; Expression = { $_.userStateChangedOn } },
@{Label = "Dirsync"; Expression = { if (($_.DirSyncEnabled -eq 'True') ) { 'True' } Else { 'False' } } },
@{Label = "Account status"; Expression = { if (($_.AccountEnabled -eq 'True') ) { 'Enabled' } Else { 'Disabled' } } } |
# Export report to CSV file
Export-Csv -Encoding UTF8 -Path $Csvfile -NoTypeInformation #-Delimiter ";"