| Author | Messages | |
boubbha
Posts:0
 | | 12/13/2008 8:24 AM |
| hello all  ,
for statistcs purposes, i need to dump in a csv, excel format:
-deleted users, groups and OUs since a certain date, say 1 month..
I try scripting with ADO or adsi but seems not to work. I use my domain admin account to run the script against the deleted objects container, so i'm sure it is not a privilege issue.
Is there a way to dump these infos without using third party software ?
thanks for assistance
| | | |
| tonyszko
Posts:140
| | 12/13/2008 9:06 AM |
| Yann wrote:
> hello all ,
>
> for statistcs purposes, i need to dump in a csv, excel format:
> -deleted users, groups and OUs since a certain date, say 1 month..
>
> I try scripting with ADO or adsi but seems not to work. I use my domain
> admin account to run the script against the deleted objects container,
> so i'm sure it is not a privilege issue.
>
> Is there a way to dump these infos without using third party software ?
Use Powershell or .NET code if you want to do this -
System.DirectoryServices or System.DirectoryServices.Protocols will
allow you to query this. One of many examples form the net;
http://poshcode.org/141
Or just use adfind.exe with -showdel switch to execute your query
--
Tomasz Onyszko
http://www.w2k.pl/ - (PL)
http://blogs.dirteam.com/blogs/tomek/ - (EN)
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
| | | |
| boubbha
Posts:0
| | 12/13/2008 9:29 AM |
| hello,
i don't get used of powershell. I will try it.
Thanks for your help,
Yann
--- En date de : Sam 13.12.08, Tomasz Onyszko <t.onyszko@w2k.pl> a écrit :
De: Tomasz Onyszko <t.onyszko@w2k.pl>
Objet: Re: [ActiveDir] AD reports on deleted objects
À: ActiveDir@mail.activedir.org
Date: Samedi 13 Décembre 2008, 15h01
Yann wrote:
> hello all ,
> for statistcs purposes, i need to dump in a csv, excel format:
> -deleted users, groups and OUs since a certain date, say 1 month..
> I try scripting with ADO or adsi but seems not to work. I use my domain
admin account to run the script against the deleted objects container, so
i'm sure it is not a privilege issue.
> Is there a way to dump these infos without using third party software ?
Use Powershell or .NET code if you want to do this - System.DirectoryServices
or System.DirectoryServices.Protocols will allow you to query this. One of many
examples form the net;
http://poshcode.org/141
Or just use adfind.exe with -showdel switch to execute your query
-- Tomasz Onyszko
http://www.w2k.pl/ - (PL)
http://blogs.dirteam.com/blogs/tomek/ - (EN)
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
| | | |
| Gil
Posts:311
| | 12/13/2008 11:06 AM |
| To see objects in the CN=Deleted Objects container (in fact to see the container itself), in addition to the appropriate access rights, you have to specify a special option (called a LDAP control) with the search operation. That’s what the –showdel switch in adfind does implicitly.
-g
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Yann
Sent: Saturday, December 13, 2008 7:25 AM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] AD reports on deleted objects
hello,
i don't get used of powershell. I will try it.
Thanks for your help,
Yann
--- En date de : Sam 13.12.08, Tomasz Onyszko <t.onyszko@w2k.pl> a écrit :
De: Tomasz Onyszko <t.onyszko@w2k.pl>
Objet: Re: [ActiveDir] AD reports on deleted objects
À: ActiveDir@mail.activedir.org
Date: Samedi 13 Décembre 2008, 15h01
Yann wrote:
> hello all ,
> for statistcs purposes, i need to dump in a csv, excel format:
> -deleted users, groups and OUs since a certain date, say 1 month..
> I try scripting with ADO or adsi but seems not to work. I use my domain
admin account to run the script against the deleted objects container, so
i'm sure it is not a privilege issue.
> Is there a way to dump these infos without using third party software ?
Use Powershell or .NET code if you want to do this - System.DirectoryServices
or System.DirectoryServices.Protocols will allow you to query this. One of many
examples form the net;
http://poshcode.org/141
Or just use adfind.exe with -showdel switch to execute your query
-- Tomasz Onyszko
http://www.w2k.pl/ - (PL)
http://blogs.dirteam.com/blogs/tomek/ - (EN)
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
| | | |
| listmail
Posts:821
| | 12/13/2008 11:37 AM |
| As an admin (by default) and all one line (beware cut and paste because
sometimes the characters get changed so best to just type the command) run
the command
adfind -default -rb "cn=deleted objects" -showdel -f
"&(|(objectclass=user)(objectclass=organizationalunit)(objectclass=group))(w
henchanged>=20071113000000.0Z)" samaccountname objectsid whencreated
whenchanged lastknownparent -csv
Will look something like
G:\>adfind -default -rb "cn=deleted objects" -showdel -f
"&(|(objectclass=user)(objectclass=organizationalunit)(objectclass=group))(w
henchanged>=20071113000000.0Z)" samaccountname objectsid whencreated
whenchanged lastknownparent -csv
"dn","samaccountname","objectsid","whencreated","whenchanged","lastknownpare
nt"
"OU=mytestou\0ADEL:20f49eb1-34ea-4a5c-8c2b-f697ad522e8d,CN=Deleted
Objects,DC=test,DC=loc","","","20080813151117.0Z","20080813151123.0Z","DC=te
st,DC=loc"
"CN=testjonuser\0ADEL:6ae9b225-adb6-4729-98fc-70d13887f51f,CN=Deleted
Objects,DC=test,DC=loc","testjonuser","S-1-5-21-91850410-1263060417-35771112
26-725609","20080929190914.0Z","20080929191042.0Z","CN=Users,DC=test,DC=loc"
"CN=adorgtest\0ADEL:72efbac0-b85f-4275-a0ab-38ed91dc860b,CN=Deleted
Objects,DC=test,DC=loc","adorgtest","S-1-5-21-91850410-1263060417-3577111226
-726104","20081206051634.0Z","20081206051650.0Z","CN=Users,DC=test,DC=loc"
Looks rough due to line length sorry....
joe
--
O'Reilly Active Directory Fourth Edition -
http://www.joeware.net/win/ad4e.htm
_____
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Yann
Sent: Saturday, December 13, 2008 8:19 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] AD reports on deleted objects
hello all ,
for statistcs purposes, i need to dump in a csv, excel format:
-deleted users, groups and OUs since a certain date, say 1 month..
I try scripting with ADO or adsi but seems not to work. I use my domain
admin account to run the script against the deleted objects container, so
i'm sure it is not a privilege issue.
Is there a way to dump these infos without using third party software ?
thanks for assistance
| | | |
| boubbha
Posts:0
| | 12/13/2008 12:42 PM |
| Woa! That's what i was looking for.
thanks Joe 
--- En date de : Sam 13.12.08, joe <listmail@joeware.net> a écrit :
De: joe <listmail@joeware.net>
Objet: RE: [ActiveDir] AD reports on deleted objects
À: ActiveDir@mail.activedir.org
Date: Samedi 13 Décembre 2008, 17h32
As an admin (by default) and all one line (beware cut and paste because sometimes the characters get changed so best to just type the command) run the command
adfind -default -rb "cn=deleted objects" -showdel -f "&(|(objectclass=user)(objectclass=organizationalunit)(objectclass=group))(whenchanged>=20071113000000.0Z)" samaccountname objectsid whencreated whenchanged lastknownparent -csv
Will look something like
G:\>adfind -default -rb "cn=deleted objects" -showdel -f "&(|(objectclass=user)(objectclass=organizationalunit)(objectclass=group))(whenchanged>=20071113000000.0Z)" samaccountname objectsid whencreated whenchanged lastknownparent -csv
"dn","samaccountname","objectsid","whencreated","whenchanged","lastknownparent"
"OU=mytestou\0ADEL:20f49eb1-34ea-4a5c-8c2b-f697ad522e8d,CN=Deleted Objects,DC=test,DC=loc","","","20080813151117.0Z","20080813151123.0Z","DC=test,DC=loc"
"CN=testjonuser\0ADEL:6ae9b225-adb6-4729-98fc-70d13887f51f,CN=Deleted Objects,DC=test,DC=loc","testjonuser","S-1-5-21-91850410-1263060417-3577111226-725609","20080929190914.0Z","20080929191042.0Z","CN=Users,DC=test,DC=loc"
"CN=adorgtest\0ADEL:72efbac0-b85f-4275-a0ab-38ed91dc860b,CN=Deleted Objects,DC=test,DC=loc","adorgtest","S-1-5-21-91850410-1263060417-3577111226-726104","20081206051634.0Z","20081206051650.0Z","CN=Users,DC=test,DC=loc"
Looks rough due to line length sorry....
joe
--
O'Reilly Active Directory Fourth Edition - http://www.joeware.net/win/ad4e.htm
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Yann
Sent: Saturday, December 13, 2008 8:19 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] AD reports on deleted objects
hello all ,
for statistcs purposes, i need to dump in a csv, excel format:
-deleted users, groups and OUs since a certain date, say 1 month..
I try scripting with ADO or adsi but seems not to work. I use my domain admin account to run the script against the deleted objects container, so i'm sure it is not a privilege issue.
Is there a way to dump these infos without using third party software ?
thanks for assistance
| | | |
| boubbha
Posts:0
| | 12/13/2008 12:48 PM |
| oh! just one thing.
In your command, do you recommend to use objectcategory instead of objectclass for ldap search improvements ? or it does not bother ?
thanks again,
Yann
--- En date de : Sam 13.12.08, joe <listmail@joeware.net> a écrit :
De: joe <listmail@joeware.net>
Objet: RE: [ActiveDir] AD reports on deleted objects
À: ActiveDir@mail.activedir.org
Date: Samedi 13 Décembre 2008, 17h32
As an admin (by default) and all one line (beware cut and paste because sometimes the characters get changed so best to just type the command) run the command
adfind -default -rb "cn=deleted objects" -showdel -f "&(|(objectclass=user)(objectclass=organizationalunit)(objectclass=group))(whenchanged>=20071113000000.0Z)" samaccountname objectsid whencreated whenchanged lastknownparent -csv
Will look something like
G:\>adfind -default -rb "cn=deleted objects" -showdel -f "&(|(objectclass=user)(objectclass=organizationalunit)(objectclass=group))(whenchanged>=20071113000000.0Z)" samaccountname objectsid whencreated whenchanged lastknownparent -csv
"dn","samaccountname","objectsid","whencreated","whenchanged","lastknownparent"
"OU=mytestou\0ADEL:20f49eb1-34ea-4a5c-8c2b-f697ad522e8d,CN=Deleted Objects,DC=test,DC=loc","","","20080813151117.0Z","20080813151123.0Z","DC=test,DC=loc"
"CN=testjonuser\0ADEL:6ae9b225-adb6-4729-98fc-70d13887f51f,CN=Deleted Objects,DC=test,DC=loc","testjonuser","S-1-5-21-91850410-1263060417-3577111226-725609","20080929190914.0Z","20080929191042.0Z","CN=Users,DC=test,DC=loc"
"CN=adorgtest\0ADEL:72efbac0-b85f-4275-a0ab-38ed91dc860b,CN=Deleted Objects,DC=test,DC=loc","adorgtest","S-1-5-21-91850410-1263060417-3577111226-726104","20081206051634.0Z","20081206051650.0Z","CN=Users,DC=test,DC=loc"
Looks rough due to line length sorry....
joe
--
O'Reilly Active Directory Fourth Edition - http://www.joeware.net/win/ad4e.htm
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Yann
Sent: Saturday, December 13, 2008 8:19 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] AD reports on deleted objects
hello all ,
for statistcs purposes, i need to dump in a csv, excel format:
-deleted users, groups and OUs since a certain date, say 1 month..
I try scripting with ADO or adsi but seems not to work. I use my domain admin account to run the script against the deleted objects container, so i'm sure it is not a privilege issue.
Is there a way to dump these infos without using third party software ?
thanks for assistance
| | | |
| Gil
Posts:311
| | 12/13/2008 1:06 PM |
| Searching on objectCategory (pre WS08) is a good habit to get into, but truthfully, for an occasional ad-hoc query on CN=Deleted Objects, it doesn’t make any difference.
-g
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Yann
Sent: Saturday, December 13, 2008 10:45 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD reports on deleted objects
oh! just one thing.
In your command, do you recommend to use objectcategory instead of objectclass for ldap search improvements ? or it does not bother ?
thanks again,
Yann
--- En date de : Sam 13.12.08, joe <listmail@joeware.net> a écrit :
De: joe <listmail@joeware.net>
Objet: RE: [ActiveDir] AD reports on deleted objects
À: ActiveDir@mail.activedir.org
Date: Samedi 13 Décembre 2008, 17h32
As an admin (by default) and all one line (beware cut and paste because sometimes the characters get changed so best to just type the command) run the command
adfind -default -rb "cn=deleted objects" -showdel -f "&(|(objectclass=user)(objectclass=organizationalunit)(objectclass=group))(whenchanged>=20071113000000.0Z)" samaccountname objectsid whencreated whenchanged lastknownparent -csv
Will look something like
G:\>adfind -default -rb "cn=deleted objects" -showdel -f "&(|(objectclass=user)(objectclass=organizationalunit)(objectclass=group))(whenchanged>=20071113000000.0Z)" samaccountname objectsid whencreated whenchanged lastknownparent -csv
"dn","samaccountname","objectsid","whencreated","whenchanged","lastknownparent"
"OU=mytestou\0ADEL:20f49eb1-34ea-4a5c-8c2b-f697ad522e8d,CN=Deleted Objects,DC=test,DC=loc","","","20080813151117.0Z","20080813151123.0Z","DC=test,DC=loc"
"CN=testjonuser\0ADEL:6ae9b225-adb6-4729-98fc-70d13887f51f,CN=Deleted Objects,DC=test,DC=loc","testjonuser","S-1-5-21-91850410-1263060417-3577111226-725609","20080929190914.0Z","20080929191042.0Z","CN=Users,DC=test,DC=loc"
"CN=adorgtest\0ADEL:72efbac0-b85f-4275-a0ab-38ed91dc860b,CN=Deleted Objects,DC=test,DC=loc","adorgtest","S-1-5-21-91850410-1263060417-3577111226-726104","20081206051634.0Z","20081206051650.0Z","CN=Users,DC=test,DC=loc"
Looks rough due to line length sorry....
joe
--
O'Reilly Active Directory Fourth Edition - http://www.joeware.net/win/ad4e.htm
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Yann
Sent: Saturday, December 13, 2008 8:19 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] AD reports on deleted objects
hello all ,
for statistcs purposes, i need to dump in a csv, excel format:
-deleted users, groups and OUs since a certain date, say 1 month..
I try scripting with ADO or adsi but seems not to work. I use my domain admin account to run the script against the deleted objects container, so i'm sure it is not a privilege issue.
Is there a way to dump these infos without using third party software ?
thanks for assistance
| | | |
| listmail
Posts:821
| | 12/13/2008 1:14 PM |
| I would normally recommend that but in this case you can't. The
objectCategory attribute isn't maintained in the tombstone. And if I recall,
you can't even force it to be retained with a schema mod.
That being said, since you scope the search on the container itself, it
isn't too bad.
joe
--
O'Reilly Active Directory Fourth Edition -
http://www.joeware.net/win/ad4e.htm
_____
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Yann
Sent: Saturday, December 13, 2008 12:45 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD reports on deleted objects
oh! just one thing.
In your command, do you recommend to use objectcategory instead of
objectclass for ldap search improvements ? or it does not bother ?
thanks again,
Yann
--- En date de : Sam 13.12.08, joe <listmail@joeware.net> a écrit :
De: joe <listmail@joeware.net>
Objet: RE: [ActiveDir] AD reports on deleted objects
À: ActiveDir@mail.activedir.org
Date: Samedi 13 Décembre 2008, 17h32
As an admin (by default) and all one line (beware cut and paste because
sometimes the characters get changed so best to just type the command) run
the command
adfind -default -rb "cn=deleted objects" -showdel -f
"&(|(objectclass=user)(objectclass=organizationalunit)(objectclass=group))(w
henchanged>=20071113000000.0Z)" samaccountname objectsid whencreated
whenchanged lastknownparent -csv
Will look something like
G:\>adfind -default -rb "cn=deleted objects" -showdel -f
"&(|(objectclass=user)(objectclass=organizationalunit)(objectclass=group))(w
henchanged>=20071113000000.0Z)" samaccountname objectsid whencreated
whenchanged lastknownparent -csv
"dn","samaccountname","objectsid","whencreated","whenchanged","lastknownpare
nt"
"OU=mytestou\0ADEL:20f49eb1-34ea-4a5c-8c2b-f697ad522e8d,CN=Deleted
Objects,DC=test,DC=loc","","","20080813151117.0Z","20080813151123.0Z","DC=te
st,DC=loc"
"CN=testjonuser\0ADEL:6ae9b225-adb6-4729-98fc-70d13887f51f,CN=Deleted
Objects,DC=test,DC=loc","testjonuser","S-1-5-21-91850410-1263060417-35771112
26-725609","20080929190914.0Z","20080929191042.0Z","CN=Users,DC=test,DC=loc"
"CN=adorgtest\0ADEL:72efbac0-b85f-4275-a0ab-38ed91dc860b,CN=Deleted
Objects,DC=test,DC=loc","adorgtest","S-1-5-21-91850410-1263060417-3577111226
-726104","20081206051634.0Z","20081206051650.0Z","CN=Users,DC=test,DC=loc"
Looks rough due to line length sorry....
joe
--
O'Reilly Active Directory Fourth Edition -
http://www.joeware.net/win/ad4e.htm
_____
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Yann
Sent: Saturday, December 13, 2008 8:19 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] AD reports on deleted objects
hello all ,
for statistcs purposes, i need to dump in a csv, excel format:
-deleted users, groups and OUs since a certain date, say 1 month..
I try scripting with ADO or adsi but seems not to work. I use my domain
admin account to run the script against the deleted objects container, so
i'm sure it is not a privilege issue.
Is there a way to dump these infos without using third party software ?
thanks for assistance
| | | |
| boubbha
Posts:0
| | 12/13/2008 1:18 PM |
| thank you foryour input
yann
--- En date de : Sam 13.12.08, Gil Kirkpatrick <Gil.Kirkpatrick@quest.com> a écrit :
De: Gil Kirkpatrick <Gil.Kirkpatrick@quest.com>
Objet: RE: [ActiveDir] AD reports on deleted objects
À: "ActiveDir@mail.activedir.org" <ActiveDir@mail.activedir.org>
Date: Samedi 13 Décembre 2008, 19h02
Searching on objectCategory (pre WS08) is a good habit to get into, but truthfully, for an occasional ad-hoc query on CN=Deleted Objects, it doesn’t make any difference.
-g
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Yann
Sent: Saturday, December 13, 2008 10:45 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD reports on deleted objects
oh! just one thing.
In your command, do you recommend to use objectcategory instead of objectclass for ldap search improvements ? or it does not bother ?
thanks again,
Yann
--- En date de : Sam 13.12.08, joe <listmail@joeware.net> a écrit :
De: joe <listmail@joeware.net>
Objet: RE: [ActiveDir] AD reports on deleted objects
À: ActiveDir@mail.activedir.org
Date: Samedi 13 Décembre 2008, 17h32
As an admin (by default) and all one line (beware cut and paste because sometimes the characters get changed so best to just type the command) run the command
adfind -default -rb "cn=deleted objects" -showdel -f "&(|(objectclass=user)(objectclass=organizationalunit)(objectclass=group))(whenchanged>=20071113000000.0Z)" samaccountname objectsid whencreated whenchanged lastknownparent -csv
Will look something like
G:\>adfind -default -rb "cn=deleted objects" -showdel -f "&(|(objectclass=user)(objectclass=organizationalunit)(objectclass=group))(whenchanged>=20071113000000.0Z)" samaccountname objectsid whencreated whenchanged lastknownparent -csv
"dn","samaccountname","objectsid","whencreated","whenchanged","lastknownparent"
"OU=mytestou\0ADEL:20f49eb1-34ea-4a5c-8c2b-f697ad522e8d,CN=Deleted Objects,DC=test,DC=loc","","","20080813151117.0Z","20080813151123.0Z","DC=test,DC=loc"
"CN=testjonuser\0ADEL:6ae9b225-adb6-4729-98fc-70d13887f51f,CN=Deleted Objects,DC=test,DC=loc","testjonuser","S-1-5-21-91850410-1263060417-3577111226-725609","20080929190914.0Z","20080929191042.0Z","CN=Users,DC=test,DC=loc"
"CN=adorgtest\0ADEL:72efbac0-b85f-4275-a0ab-38ed91dc860b,CN=Deleted Objects,DC=test,DC=loc","adorgtest","S-1-5-21-91850410-1263060417-3577111226-726104","20081206051634.0Z","20081206051650.0Z","CN=Users,DC=test,DC=loc"
Looks rough due to line length sorry....
joe
--
O'Reilly Active Directory Fourth Edition - http://www.joeware.net/win/ad4e.htm
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Yann
Sent: Saturday, December 13, 2008 8:19 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] AD reports on deleted objects
hello all ,
for statistcs purposes, i need to dump in a csv, excel format:
-deleted users, groups and OUs since a certain date, say 1 month..
I try scripting with ADO or adsi but seems not to work. I use my domain admin account to run the script against the deleted objects container, so i'm sure it is not a privilege issue.
Is there a way to dump these infos without using third party software ?
thanks for assistance
| | | |
| jse79
Posts:4
| | 12/14/2008 4:05 AM |
|
How can I query the Deleted Objects container with a standard tool, like
dsquery.
I've tried adding the "Return deleted objects" control to a query in
different ways:
<cmd>
C:\>dsquery * -filter "(isDeleted:1.2.840.113556.1.4.417:=*)"
C:\>dsquery * "CN:1.2.840.113556.1.4.417:=Deleted Objects,DC=lab,DC=local"
dsquery failed irectory object not found.
</cmd>
Is something like this possible?
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of joe
Sent: Saturday, December 13, 2008 5:33 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD reports on deleted objects
As an admin (by default) and all one line (beware cut and paste because
sometimes the characters get changed so best to just type the command) run
the command
adfind -default -rb "cn=deleted objects" -showdel -f
"&(|(objectclass=user)(objectclass=organizationalunit)(objectclass=group))(w
henchanged>=20071113000000.0Z)" samaccountname objectsid whencreated
whenchanged lastknownparent -csv
Will look something like
G:\>adfind -default -rb "cn=deleted objects" -showdel -f
"&(|(objectclass=user)(objectclass=organizationalunit)(objectclass=group))(w
henchanged>=20071113000000.0Z)" samaccountname objectsid whencreated
whenchanged lastknownparent -csv
"dn","samaccountname","objectsid","whencreated","whenchanged","lastknownpare
nt"
"OU=mytestou\0ADEL:20f49eb1-34ea-4a5c-8c2b-f697ad522e8d,CN=Deleted
Objects,DC=test,DC=loc","","","20080813151117.0Z","20080813151123.0Z","DC=te
st,DC=loc"
"CN=testjonuser\0ADEL:6ae9b225-adb6-4729-98fc-70d13887f51f,CN=Deleted
Objects,DC=test,DC=loc","testjonuser","S-1-5-21-91850410-1263060417-35771112
26-725609","20080929190914.0Z","20080929191042.0Z","CN=Users,DC=test,DC=loc"
"CN=adorgtest\0ADEL:72efbac0-b85f-4275-a0ab-38ed91dc860b,CN=Deleted
Objects,DC=test,DC=loc","adorgtest","S-1-5-21-91850410-1263060417-3577111226
-726104","20081206051634.0Z","20081206051650.0Z","CN=Users,DC=test,DC=loc"
Looks rough due to line length sorry....
joe
--
O'Reilly Active Directory Fourth Edition -
http://www.joeware.net/win/ad4e.htm
_____
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Yann
Sent: Saturday, December 13, 2008 8:19 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] AD reports on deleted objects
hello all ,
for statistcs purposes, i need to dump in a csv, excel format:
-deleted users, groups and OUs since a certain date, say 1 month..
I try scripting with ADO or adsi but seems not to work. I use my domain
admin account to run the script against the deleted objects container, so
i'm sure it is not a privilege issue.
Is there a way to dump these infos without using third party software ?
thanks for assistance
| | | |
| Gil
Posts:311
| | 12/14/2008 9:55 AM |
| Control's aren't part of the search filter; they are specified separately. Looking at the command-line parameters for dsquery, I don't think it's possible to search the CN=Deleted Objects container.
-gil
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Jesse
Sent: Sunday, December 14, 2008 2:08 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD reports on deleted objects
How can I query the Deleted Objects container with a standard tool, like dsquery...
I've tried adding the "Return deleted objects" control to a query in different ways:
<cmd>
C:\>dsquery * -filter "(isDeleted:1.2.840.113556.1.4.417:=*)"
C:\>dsquery * "CN:1.2.840.113556.1.4.417:=Deleted Objects,DC=lab,DC=local"
dsquery failedirectory object not found.
</cmd>
Is something like this possible?
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of joe
Sent: Saturday, December 13, 2008 5:33 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD reports on deleted objects
As an admin (by default) and all one line (beware cut and paste because sometimes the characters get changed so best to just type the command) run the command
adfind -default -rb "cn=deleted objects" -showdel -f "&(|(objectclass=user)(objectclass=organizationalunit)(objectclass=group))(whenchanged>=20071113000000.0Z)" samaccountname objectsid whencreated whenchanged lastknownparent -csv
Will look something like
G:\>adfind -default -rb "cn=deleted objects" -showdel -f "&(|(objectclass=user)(objectclass=organizationalunit)(objectclass=group))(whenchanged>=20071113000000.0Z)" samaccountname objectsid whencreated whenchanged lastknownparent -csv
"dn","samaccountname","objectsid","whencreated","whenchanged","lastknownparent"
"OU=mytestou\0ADEL:20f49eb1-34ea-4a5c-8c2b-f697ad522e8d,CN=Deleted Objects,DC=test,DC=loc","","","20080813151117.0Z","20080813151123.0Z","DC=test,DC=loc"
"CN=testjonuser\0ADEL:6ae9b225-adb6-4729-98fc-70d13887f51f,CN=Deleted Objects,DC=test,DC=loc","testjonuser","S-1-5-21-91850410-1263060417-3577111226-725609","20080929190914.0Z","20080929191042.0Z","CN=Users,DC=test,DC=loc"
"CN=adorgtest\0ADEL:72efbac0-b85f-4275-a0ab-38ed91dc860b,CN=Deleted Objects,DC=test,DC=loc","adorgtest","S-1-5-21-91850410-1263060417-3577111226-726104","20081206051634.0Z","20081206051650.0Z","CN=Users,DC=test,DC=loc"
Looks rough due to line length sorry....
joe
--
O'Reilly Active Directory Fourth Edition - http://www.joeware.net/win/ad4e.htm
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Yann
Sent: Saturday, December 13, 2008 8:19 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] AD reports on deleted objects
hello all ,
for statistcs purposes, i need to dump in a csv, excel format:
-deleted users, groups and OUs since a certain date, say 1 month..
I try scripting with ADO or adsi but seems not to work. I use my domain admin account to run the script against the deleted objects container, so i'm sure it is not a privilege issue.
Is there a way to dump these infos without using third party software ?
thanks for assistance
| | | |
| listmail
Posts:821
| | 12/14/2008 11:28 AM |
| Correct, there is no way to submit arbitrary server controls with those
tools. You either need a tool that allows you to specify the controls
manually like LDP or something that does it based on specific switches or
base functionality like adfind/admod or sysinternals deleted object tool or
write your own compiled code.
joe
--
O'Reilly Active Directory Fourth Edition -
http://www.joeware.net/win/ad4e.htm
_____
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Gil Kirkpatrick
Sent: Sunday, December 14, 2008 9:50 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD reports on deleted objects
Control's aren't part of the search filter; they are specified separately.
Looking at the command-line parameters for dsquery, I don't think it's
possible to search the CN=Deleted Objects container.
-gil
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Jesse
Sent: Sunday, December 14, 2008 2:08 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD reports on deleted objects
How can I query the Deleted Objects container with a standard tool, like
dsquery.
I've tried adding the "Return deleted objects" control to a query in
different ways:
<cmd>
C:\>dsquery * -filter "(isDeleted:1.2.840.113556.1.4.417:=*)"
C:\>dsquery * "CN:1.2.840.113556.1.4.417:=Deleted Objects,DC=lab,DC=local"
dsquery failedirectory object not found.
</cmd>
Is something like this possible?
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of joe
Sent: Saturday, December 13, 2008 5:33 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD reports on deleted objects
As an admin (by default) and all one line (beware cut and paste because
sometimes the characters get changed so best to just type the command) run
the command
adfind -default -rb "cn=deleted objects" -showdel -f
"&(|(objectclass=user)(objectclass=organizationalunit)(objectclass=group))(w
henchanged>=20071113000000.0Z)" samaccountname objectsid whencreated
whenchanged lastknownparent -csv
Will look something like
G:\>adfind -default -rb "cn=deleted objects" -showdel -f
"&(|(objectclass=user)(objectclass=organizationalunit)(objectclass=group))(w
henchanged>=20071113000000.0Z)" samaccountname objectsid whencreated
whenchanged lastknownparent -csv
"dn","samaccountname","objectsid","whencreated","whenchanged","lastknownpare
nt"
"OU=mytestou\0ADEL:20f49eb1-34ea-4a5c-8c2b-f697ad522e8d,CN=Deleted
Objects,DC=test,DC=loc","","","20080813151117.0Z","20080813151123.0Z","DC=te
st,DC=loc"
"CN=testjonuser\0ADEL:6ae9b225-adb6-4729-98fc-70d13887f51f,CN=Deleted
Objects,DC=test,DC=loc","testjonuser","S-1-5-21-91850410-1263060417-35771112
26-725609","20080929190914.0Z","20080929191042.0Z","CN=Users,DC=test,DC=loc"
"CN=adorgtest\0ADEL:72efbac0-b85f-4275-a0ab-38ed91dc860b,CN=Deleted
Objects,DC=test,DC=loc","adorgtest","S-1-5-21-91850410-1263060417-3577111226
-726104","20081206051634.0Z","20081206051650.0Z","CN=Users,DC=test,DC=loc"
Looks rough due to line length sorry....
joe
--
O'Reilly Active Directory Fourth Edition -
http://www.joeware.net/win/ad4e.htm
_____
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Yann
Sent: Saturday, December 13, 2008 8:19 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] AD reports on deleted objects
hello all ,
for statistcs purposes, i need to dump in a csv, excel format:
-deleted users, groups and OUs since a certain date, say 1 month..
I try scripting with ADO or adsi but seems not to work. I use my domain
admin account to run the script against the deleted objects container, so
i'm sure it is not a privilege issue.
Is there a way to dump these infos without using third party software ?
thanks for assistance
| | | |
| jse79
Posts:4
| | 12/14/2008 11:41 AM |
| But controls CAN be used in search filters.
<cmd>
C:\>dsquery * -filter "(userAccountControl:1.2.840.113556.1.4.803:=2)"
</cmd>
This uses the "LDAP Matching Rule" control [ 1.2.840.113556.1.4.803 ]. And
of course, the command-line " /? " output says nothing about using a control
in this way.
I was hoping that the "Return Deleted Objects" control [
1.2.840.113556.1.4.417 ] could be used in a similar fashion.
So, the ONLY way to query the Deleted Objects container with standard MS
tools is to use LDP.exe? (which never seems to work for me either) That just
can't be right.
Thanks.
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Gil Kirkpatrick
Sent: Sunday, December 14, 2008 3:50 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD reports on deleted objects
Control's aren't part of the search filter; they are specified separately.
Looking at the command-line parameters for dsquery, I don't think it's
possible to search the CN=Deleted Objects container.
-gil
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Jesse
Sent: Sunday, December 14, 2008 2:08 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD reports on deleted objects
How can I query the Deleted Objects container with a standard tool, like
dsquery.
I've tried adding the "Return deleted objects" control to a query in
different ways:
<cmd>
C:\>dsquery * -filter "(isDeleted:1.2.840.113556.1.4.417:=*)"
C:\>dsquery * "CN:1.2.840.113556.1.4.417:=Deleted Objects,DC=lab,DC=local"
dsquery failedirectory object not found.
</cmd>
Is something like this possible?
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of joe
Sent: Saturday, December 13, 2008 5:33 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD reports on deleted objects
As an admin (by default) and all one line (beware cut and paste because
sometimes the characters get changed so best to just type the command) run
the command
adfind -default -rb "cn=deleted objects" -showdel -f
"&(|(objectclass=user)(objectclass=organizationalunit)(objectclass=group))(w
henchanged>=20071113000000.0Z)" samaccountname objectsid whencreated
whenchanged lastknownparent -csv
Will look something like
G:\>adfind -default -rb "cn=deleted objects" -showdel -f
"&(|(objectclass=user)(objectclass=organizationalunit)(objectclass=group))(w
henchanged>=20071113000000.0Z)" samaccountname objectsid whencreated
whenchanged lastknownparent -csv
"dn","samaccountname","objectsid","whencreated","whenchanged","lastknownpare
nt"
"OU=mytestou\0ADEL:20f49eb1-34ea-4a5c-8c2b-f697ad522e8d,CN=Deleted
Objects,DC=test,DC=loc","","","20080813151117.0Z","20080813151123.0Z","DC=te
st,DC=loc"
"CN=testjonuser\0ADEL:6ae9b225-adb6-4729-98fc-70d13887f51f,CN=Deleted
Objects,DC=test,DC=loc","testjonuser","S-1-5-21-91850410-1263060417-35771112
26-725609","20080929190914.0Z","20080929191042.0Z","CN=Users,DC=test,DC=loc"
"CN=adorgtest\0ADEL:72efbac0-b85f-4275-a0ab-38ed91dc860b,CN=Deleted
Objects,DC=test,DC=loc","adorgtest","S-1-5-21-91850410-1263060417-3577111226
-726104","20081206051634.0Z","20081206051650.0Z","CN=Users,DC=test,DC=loc"
Looks rough due to line length sorry....
joe
--
O'Reilly Active Directory Fourth Edition -
http://www.joeware.net/win/ad4e.htm
_____
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Yann
Sent: Saturday, December 13, 2008 8:19 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] AD reports on deleted objects
hello all ,
for statistcs purposes, i need to dump in a csv, excel format:
-deleted users, groups and OUs since a certain date, say 1 month..
I try scripting with ADO or adsi but seems not to work. I use my domain
admin account to run the script against the deleted objects container, so
i'm sure it is not a privilege issue.
Is there a way to dump these infos without using third party software ?
thanks for assistance
| | | |
| Gil
Posts:311
| | 12/14/2008 11:55 AM |
| Well, that isn't actually a control. It's a matching rule. Totally different things, although they are both identified by OIDs. But I am picking nits .
http://technet.microsoft.com/en-us/magazine/cc137800.aspx shows how to use LDP to display and reanimate deleted objects.
joe alluded to adrestore from Sysinternals (now part of Microsoft). It really simplifies the process. It's available at http://www.microsoft.com/technet/sysinternals/utilities/AdRestore.mspx.
-gil
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Jesse
Sent: Sunday, December 14, 2008 9:43 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD reports on deleted objects
But controls CAN be used in search filters...
<cmd>
C:\>dsquery * -filter "(userAccountControl:1.2.840.113556.1.4.803:=2)"
</cmd>
This uses the "LDAP Matching Rule" control [ 1.2.840.113556.1.4.803 ]. And of course, the command-line " /? " output says nothing about using a control in this way...
I was hoping that the "Return Deleted Objects" control [ 1.2.840.113556.1.4.417 ] could be used in a similar fashion...
So, the ONLY way to query the Deleted Objects container with standard MS tools is to use LDP.exe? (which never seems to work for me either) That just can't be right...
Thanks...
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Gil Kirkpatrick
Sent: Sunday, December 14, 2008 3:50 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD reports on deleted objects
Control's aren't part of the search filter; they are specified separately. Looking at the command-line parameters for dsquery, I don't think it's possible to search the CN=Deleted Objects container.
-gil
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Jesse
Sent: Sunday, December 14, 2008 2:08 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD reports on deleted objects
How can I query the Deleted Objects container with a standard tool, like dsquery...
I've tried adding the "Return deleted objects" control to a query in different ways:
<cmd>
C:\>dsquery * -filter "(isDeleted:1.2.840.113556.1.4.417:=*)"
C:\>dsquery * "CN:1.2.840.113556.1.4.417:=Deleted Objects,DC=lab,DC=local"
dsquery failedirectory object not found.
</cmd>
Is something like this possible?
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of joe
Sent: Saturday, December 13, 2008 5:33 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD reports on deleted objects
As an admin (by default) and all one line (beware cut and paste because sometimes the characters get changed so best to just type the command) run the command
adfind -default -rb "cn=deleted objects" -showdel -f "&(|(objectclass=user)(objectclass=organizationalunit)(objectclass=group))(whenchanged>=20071113000000.0Z)" samaccountname objectsid whencreated whenchanged lastknownparent -csv
Will look something like
G:\>adfind -default -rb "cn=deleted objects" -showdel -f "&(|(objectclass=user)(objectclass=organizationalunit)(objectclass=group))(whenchanged>=20071113000000.0Z)" samaccountname objectsid whencreated whenchanged lastknownparent -csv
"dn","samaccountname","objectsid","whencreated","whenchanged","lastknownparent"
"OU=mytestou\0ADEL:20f49eb1-34ea-4a5c-8c2b-f697ad522e8d,CN=Deleted Objects,DC=test,DC=loc","","","20080813151117.0Z","20080813151123.0Z","DC=test,DC=loc"
"CN=testjonuser\0ADEL:6ae9b225-adb6-4729-98fc-70d13887f51f,CN=Deleted Objects,DC=test,DC=loc","testjonuser","S-1-5-21-91850410-1263060417-3577111226-725609","20080929190914.0Z","20080929191042.0Z","CN=Users,DC=test,DC=loc"
"CN=adorgtest\0ADEL:72efbac0-b85f-4275-a0ab-38ed91dc860b,CN=Deleted Objects,DC=test,DC=loc","adorgtest","S-1-5-21-91850410-1263060417-3577111226-726104","20081206051634.0Z","20081206051650.0Z","CN=Users,DC=test,DC=loc"
Looks rough due to line length sorry....
joe
--
O'Reilly Active Directory Fourth Edition - http://www.joeware.net/win/ad4e.htm
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Yann
Sent: Saturday, December 13, 2008 8:19 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] AD reports on deleted objects
hello all ,
for statistcs purposes, i need to dump in a csv, excel format:
-deleted users, groups and OUs since a certain date, say 1 month..
I try scripting with ADO or adsi but seems not to work. I use my domain admin account to run the script against the deleted objects container, so i'm sure it is not a privilege issue.
Is there a way to dump these infos without using third party software ?
thanks for assistance
| | | |
| jse79
Posts:4
| | 12/14/2008 1:08 PM |
| Yeah - I guess the OID values (looking the same and all) made me assume that
they are both the controls.
Gil, I have read your blog before about the reanimation. Great info.
And I guess now that Sysinternals is (has been) a part of MS, I can consider
that a "standard" tool.
Anyways, thanks for the clarification Joe & Gil!
I just wanted to make sure I really couldn't do what I wanted w- dsquery.
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Gil Kirkpatrick
Sent: Sunday, December 14, 2008 5:51 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD reports on deleted objects
Well, that isn't actually a control. It's a matching rule. Totally different
things, although they are both identified by OIDs. But I am picking nits J.
http://technet.microsoft.com/en-us/magazine/cc137800.aspx shows how to use
LDP to display and reanimate deleted objects.
joe alluded to adrestore from Sysinternals (now part of Microsoft). It
really simplifies the process. It's available at
http://www.microsoft.com/technet/sysinternals/utilities/AdRestore.mspx.
-gil
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Jesse
Sent: Sunday, December 14, 2008 9:43 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD reports on deleted objects
But controls CAN be used in search filters.
<cmd>
C:\>dsquery * -filter "(userAccountControl:1.2.840.113556.1.4.803:=2)"
</cmd>
This uses the "LDAP Matching Rule" control [ 1.2.840.113556.1.4.803 ]. And
of course, the command-line " /? " output says nothing about using a control
in this way.
I was hoping that the "Return Deleted Objects" control [
1.2.840.113556.1.4.417 ] could be used in a similar fashion.
So, the ONLY way to query the Deleted Objects container with standard MS
tools is to use LDP.exe? (which never seems to work for me either) That just
can't be right.
Thanks.
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Gil Kirkpatrick
Sent: Sunday, December 14, 2008 3:50 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD reports on deleted objects
Control's aren't part of the search filter; they are specified separately.
Looking at the command-line parameters for dsquery, I don't think it's
possible to search the CN=Deleted Objects container.
-gil
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Jesse
Sent: Sunday, December 14, 2008 2:08 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD reports on deleted objects
How can I query the Deleted Objects container with a standard tool, like
dsquery.
I've tried adding the "Return deleted objects" control to a query in
different ways:
<cmd>
C:\>dsquery * -filter "(isDeleted:1.2.840.113556.1.4.417:=*)"
C:\>dsquery * "CN:1.2.840.113556.1.4.417:=Deleted Objects,DC=lab,DC=local"
dsquery failedirectory object not found.
</cmd>
Is something like this possible?
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of joe
Sent: Saturday, December 13, 2008 5:33 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD reports on deleted objects
As an admin (by default) and all one line (beware cut and paste because
sometimes the characters get changed so best to just type the command) run
the command
adfind -default -rb "cn=deleted objects" -showdel -f
"&(|(objectclass=user)(objectclass=organizationalunit)(objectclass=group))(w
henchanged>=20071113000000.0Z)" samaccountname objectsid whencreated
whenchanged lastknownparent -csv
Will look something like
G:\>adfind -default -rb "cn=deleted objects" -showdel -f
"&(|(objectclass=user)(objectclass=organizationalunit)(objectclass=group))(w
henchanged>=20071113000000.0Z)" samaccountname objectsid whencreated
whenchanged lastknownparent -csv
"dn","samaccountname","objectsid","whencreated","whenchanged","lastknownpare
nt"
"OU=mytestou\0ADEL:20f49eb1-34ea-4a5c-8c2b-f697ad522e8d,CN=Deleted
Objects,DC=test,DC=loc","","","20080813151117.0Z","20080813151123.0Z","DC=te
st,DC=loc"
"CN=testjonuser\0ADEL:6ae9b225-adb6-4729-98fc-70d13887f51f,CN=Deleted
Objects,DC=test,DC=loc","testjonuser","S-1-5-21-91850410-1263060417-35771112
26-725609","20080929190914.0Z","20080929191042.0Z","CN=Users,DC=test,DC=loc"
"CN=adorgtest\0ADEL:72efbac0-b85f-4275-a0ab-38ed91dc860b,CN=Deleted
Objects,DC=test,DC=loc","adorgtest","S-1-5-21-91850410-1263060417-3577111226
-726104","20081206051634.0Z","20081206051650.0Z","CN=Users,DC=test,DC=loc"
Looks rough due to line length sorry....
joe
--
O'Reilly Active Directory Fourth Edition -
http://www.joeware.net/win/ad4e.htm
_____
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Yann
Sent: Saturday, December 13, 2008 8:19 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] AD reports on deleted objects
hello all ,
for statistcs purposes, i need to dump in a csv, excel format:
-deleted users, groups and OUs since a certain date, say 1 month..
I try scripting with ADO or adsi but seems not to work. I use my domain
admin account to run the script against the deleted objects container, so
i'm sure it is not a privilege issue.
Is there a way to dump these infos without using third party software ?
thanks for assistance
| | | |
|
|