Powershell Script to find out Orphan Users ( Who are no longer available in AD but SharePoint) in SharePoint 2013

Similar Messages

• Deactivate users who are no longer exist in AD but were added into resource pool

  Hello forum members,
  does anyone know how to deactivate users who are no longer exist in AD , but were added into resource pool?
  I an trying to write some code that would update a custom value for each resource, but my code breaks whenever it encounters a resource that is not longer exists in AD. Any suggestions are appreciated.
    // Modify the resources, code was taken from http://msdn.microsoft.com/en-us/library/websvcresource.resource.updateresources(v=office.12).ASPX
                  foreach (SvcResource.ResourceDataSet.ResourcesRow resourceRow in resourceDs.Resources)
                      Console.WriteLine("Check out " + resourceRow.RES_NAME);
                      if (resourceRow.IsRES_CHECKOUTBYNull())
                          resourceSvc.CheckOutResources(new Guid[] { resourceRow.RES_UID });
                          checkedOut = true;
                      else
                          if (resourceRow.RES_CHECKOUTBY == me)
                              checkedOut = true;
                          else
                              checkedOut = false;
                              Console.WriteLine("\tCan't check out this resource, skip updating this one.");
                      if (checkedOut)
                          SvcResource.ResourceDataSet updateDs = resourceSvc.ReadResource(resourceRow.RES_UID);
                              if (resourceRow.RES_TYPE <= (int)PSLibrary.Resource.Type.INACTIVATED_OFFSET)
                                  updateDs.Resources[0].RES_CODE = "A" + rand.Next(1000, 9999);
                                  Console.WriteLine("Update RES_CODE to " + updateDs.Resources[0].RES_CODE);
                                  resourceSvc.UpdateResources(updateDs, false, false);
                                  Console.WriteLine("Check in " + resourceRow.RES_NAME);
                                  resourceSvc.CheckInResources(new Guid[] { resourceRow.RES_UID }, false);
                      Console.ForegroundColor = ConsoleColor.Yellow;
                      Console.WriteLine("".PadRight(30, '-'));
                      Console.ResetColor();
  tatiana

  This is the logic I used:
  1) Try to inactivate the user
  2) If it fails with "AdminNTAccountNotFound" then delete
  try {
  using( OperationContextScope ocs = new OperationContextScope( resourceClient.InnerChannel ) ) {
  resourceClient.CheckOutResources( new Guid[] { resourceUID } );
  // Perform the update
  rsDS = ( SvcResource.ResourceDataSet ) rsDS.GetChanges();
  resourceClient.UpdateResources( rsDS, false, true );
  catch( Exception ex ) {
  if( ex.Message.Contains( "AdminNTAccountNotFound" ) ) {
  try {
  resourceClient.CheckInResources( new Guid[] { resourceUID }, true );
  catch {
  //The resource does not have a valid account, deleting...
  using( OperationContextScope ocs = new OperationContextScope( resourceClient.InnerChannel ) ) {
  resourceClient.CheckOutResources( new Guid[] { resourceUID } );
  resourceClient.DeleteResources( new Guid[] { resourceUID }, "No longer in RBS structure and/or AD" );
  120811049008

• Find out the users who are performing operation on a table - point of time

  Can anyone help me to find out who is performing a table level operation on some table at a time. For ex., table "emp" at a point of time who are all the users connected and accessing this table as i am getting a "resource busy" when i try to drop an index.
  Regards,
  G.Santhoshkumar.

  You could try something like the following :
  SYS@db102 SQL> select username, sid, serial#
    2  from v$session s, v$locked_object l, dba_objects o
    3  where s.sid = l.session_id
    4  and l.object_id = o.object_id
    5  and object_name = 'EMP';

• Script to find out that users do not have inheritable permission checked

  Hi all,
  I just check our AD (windows 2003 R2) and some users have "allow inheritable permissions from the parent to propagate to this object and all child objects.  include these with entries expilitly defined here" checked  if I open active directory
  users and computers console and highlight this user and go to properties and select security and click advanced).  some users do not have ""allow inheritable permissions from the parent to propagate to this object and all child objects. " checked.
  Is there a way to script to find out which users do not have "allow inheritable permissions from the parent to propagate to this object and all child objects. .." checked?
  Thank you for your help.

  There are several ways to use ADO in a VBScript program. The alternative below uses an ADO command object, so we can specify a "Page Size". This overcomes the 1000 (or 1500) limit on records returned, as it turns on paging. I have also modified
  the script for comma delimited output. This script should be run at a command prompt so the output can be redirected to a text file. For example:
  cscript //nologo FindUsers.vbs > report.csv
  The modified script follows:
  Option Explicit
  Dim adoCommand, adoConnection, strBase, strFilter, strAttributes
  Dim objRootDSE, strDNSDomain, strQuery, adoRecordset, strNTName, strDN
  Dim objUser, objSecurityDescriptor, intNTSecDescCntrl, strInheritable
  Const SE_DACL_PROTECTED = &H1000
  ' Setup ADO objects.
  Set adoCommand = CreateObject("ADODB.Command")
  Set adoConnection = CreateObject("ADODB.Connection")
  adoConnection.Provider = "ADsDSOObject"
  adoConnection.Open "Active Directory Provider"
  Set adoCommand.ActiveConnection = adoConnection
  ' Search entire Active Directory domain.
  Set objRootDSE = GetObject("LDAP://RootDSE")
  strDNSDomain = objRootDSE.Get("defaultNamingContext")
  strBase = "<LDAP://" & strDNSDomain & ">"
  ' Filter on user objects.
  strFilter = "(&(objectCategory=person)(objectClass=user))"
  ' Comma delimited list of attribute values to retrieve.
  strAttributes = "distinguishedName,sAMAccountName"
  ' Construct the LDAP syntax query.
  strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
  adoCommand.CommandText = strQuery
  adoCommand.Properties("Page Size") = 500
  adoCommand.Properties("Timeout") = 30
  adoCommand.Properties("Cache Results") = False
  ' Run the query.
  Set adoRecordset = adoCommand.Execute
  ' Enumerate the resulting recordset.
  ' Write a header line.
  Wscript.Echo """NT Name"",""Distinguished Name"",""Allow inheritable permissions"""
  Do Until adoRecordset.EOF
  ' Retrieve values.
  strNTName = adoRecordset.Fields("sAMAccountName").Value
  strDN = adoRecordset.Fields("distinguishedName").Value
  strDN = Replace(strDN, "/", "\/")
  Set objUser = GetObject("LDAP://" & strDN)
  Set objSecurityDescriptor = objUser.Get("ntSecurityDescriptor")
  intNtSecDescCntrl = objSecurityDescriptor.Control
  If (intNtSecDescCntrl And SE_DACL_PROTECTED) <> 0 Then
  strInheritable = "Disabled"
  Else
  strInheritable = "Enabled"
  End If
  Wscript.Echo """" & strNTName & """,""" & strDN & """," & strInheritable
  ' Move to the next record in the recordset.
  adoRecordset.MoveNext
  Loop
  ' Clean up.
  adoRecordset.Close
  adoConnection.Close
  Richard Mueller
  MVP ADSI

• How to find out the user who has created  a new field in the custom table.

  How to find out the user details who has created  a new field in the custom table.
  Thanks,
  Joan

  Hi Jesudasan ,
  You can know the user details with version management.Please find the
  below procedure to know.
  Go to table->Utilities tab->version->Version management->Compare the previous one .
  Hope this solves the issue,Let me know if you have any issues.
  Thanks,
  Rajani

• How to find out list user who did the printing

  Dear All,
  We are using network print server using HP LaserJet 5550 and jetdirect, since our number of users is more than 500 staff in one place, sometimes they do the unresponsible printing such as print full color photos for personal use, print a novel and anything that not related to the business purpose.
  Today, our director found out that someone print out a whole story book and spend a lot of paper... he challenge me to find out who is the user who did this? I can log on to the printer web console, but I can't find user log printing...
  Any help will be much appreciated.
  Thanks & Regards,
  Franky

  This seems to be a commercial product. For the best chance at finding a solution I would suggest posting in the forum for HP Business Support!
  You can find the Commercial Jetdirect board here:
  http://h30499.www3.hp.com/t5/Print-Servers-Network​-Storage/bd-p/bsc-254
  Best of Luck!
  You can say thanks by clicking the Kudos Star in my post. If my post resolves your problem, please mark it as Accepted Solution so others can benefit too.

• To find out the user who ran the report earlier.

  Hi,
  I need to generate a report to list out the programs which are accessed/executed by the user in SAP for a particular month.
  Could you advise me where this information will be available in SAP?.
  Thanks,
  Moderator Message: Frequently Asked Question. Please search for available information first.
  Edited by: kishan P on Oct 22, 2010 10:35 AM

  Hello Zerandib,
  on Oracle level all you could find out is that user SAPSR3 (or whatever the schema name
  is on your installation) deleted the record. It is not possible on Oracle level to identify
  SAP users who delete records. So if the SAP system doesn't log the change, there is
  no way of finding out via Oracle internal records.
  The best you could hope for is to identify the time when some specific record was deleted.
  You could use either Flashback Query, Flashback Version Query, Flashback Transaction
  Query or Oracle Logminer to accomplish this. Anyway these procedures aren't trivial and
  it is questionable whether the effort is justified for the result.
  Regards,
  Mark

• How to find out the user who locked the record

  i can't delete a particular record from a table while executing the delete command its showing an error specifying
  that "ORA-02049: timeout: distributed transaction waiting for lock"
  syntax i used
  delete from <table_name> where <column_name>='<value>'

  Hi,
  select username,lockwait,process,sql_hash_value from v$session. Find the user who is having more lock wait
  See the lock wait has more value notedown has_value
  select sql_text from v$sqltext where has_value="Noted value " find the query whether your table is calling by the user.

• How to find out the customers who are not performed transaction

  Hi Experts,
  My all transactions in my cube and my customer records in my master data now i want to find out the customers how didn't perform transaction..
  can somebody give me idea...
  Thanks
  Kiran Kumar

  Hi,
  possible solution:
  - make IObj customer as infoprovider (RSD1)
  - Create a multiprovider having your cube (your trans data) and your customer master
  - identify cube-customer with iobj-customer
  - create a query on thi multi and filter one of the characteristic of your cube, e.g. document number or calendar day, with # (not assigned)
  - drilldown the customer.
  This will give you all the customers having no fact in your transactional data.
  You can also have your query without the filter; in this case, one of your cube key figure will be 0 (or empty) for those customers...
  hope this helps
  Olivier..

• How to find out the user who modified formula

  Hi  Experts,
  How can I find the user ID who modified the formula in transfer rules?
  Thanks
  Manish

  you can check the infosource status, menu - extras - infosource status. there you will find info abt the comm and transfer structure, active and modified version, last changed, date, time etc. I dont think it would work if the structure has been changed after the structure has been changed with the formulas.

• My server is sending SPAM - how do I find out which user(s) are sending it?

  I just received a notice from my ISP that some SPAM was sent by my email server. He included samples of the spam. Unfortunately I can't find any info in the spam to tie it to an IP number that would help me find if one of my users is infected.
  I think I have the SMTP set so that it can only be used with authentication. We have had this set up for some time now (over two years at least) and this is our first instance.
  I'm concerned that one of my users on a PC is infected and using their smtp authentication to send this stuff.
  Any advice on where to go from here?
  I have included the results of postconf -n to see if I have any configuration problems.
  Thanks.
  alias_maps = hash:/etc/aliases
  command_directory = /usr/sbin
  config_directory = /etc/postfix
  content_filter = smtp-amavis:[127.0.0.1]:10024
  daemon_directory = /usr/libexec/postfix
  debugpeerlevel = 2
  enableserveroptions = yes
  inet_interfaces = all
  mail_owner = postfix
  mailbox_transport = cyrus
  mailq_path = /usr/bin/mailq
  manpage_directory = /usr/share/man
  mapsrbldomains =
  messagesizelimit = 15728640
  mydestination = $myhostname,localhost.$mydomain,localhost,zeryn.com
  mydomain = zeryn.com
  mydomain_fallback = localhost
  myhostname = mail.zeryn.com
  mynetworks = 127.0.0.1/32,65.39.65.22
  mynetworks_style = host
  newaliases_path = /usr/bin/newaliases
  ownerrequestspecial = no
  queue_directory = /private/var/spool/postfix
  readme_directory = /usr/share/doc/postfix
  recipient_delimiter = +
  sample_directory = /usr/share/doc/postfix/examples
  sendmail_path = /usr/sbin/sendmail
  setgid_group = postdrop
  smtpdclientrestrictions = permit_mynetworks rejectrblclient sbl-xbl.spamhaus.org permit
  smtpdpw_server_securityoptions = login,cram-md5,plain
  smtpdrecipientrestrictions = permitsasl_authenticated,permit_mynetworks,reject_unauthdestination,permit
  smtpdsasl_authenable = yes
  smtpduse_pwserver = yes
  unknownlocal_recipient_rejectcode = 550
  virtualaliasmaps = hash:/etc/postfix/virtual
  virtualmailboxdomains = hash:/etc/postfix/virtual_domains
  virtual_transport = lmtp:unix:/var/imap/socket/lmtp
  xserve Mac OS X (10.4.9)

  A list of the emails was sent to me, but I'm not sure there is enough header info in them to tell me what I want. However, I searched the log for the "from email" and found some at about the same time in the log. Here is the header and the parts of the log dealing with this email address:
  Email header? -------------
  From: "alisander gianni" <[email protected]>
  To: <Undisclosed Recipients>
  Subject: RE: Get the size that kills with enlargement pills. Try Advanced Gain Pro ***** Enlargement Pills.
  Date: Sun, 6 May 2007 07:43:43 -0700
  Message-ID: <357701c78fec$f1ee7960$0801010a@lye>
  MIME-Version: 1.0
  Content-Type: text/plain;
  charset="koi8-r"
  Content-Transfer-Encoding: 7bit
  X-Mailer: Microsoft Outlook Express 6.00.2900.2527
  Thread-Index: AceP7S2xF77i9UyvRp6aehJVe3GLbg==
  X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3028
  X-Sieve: CMU Sieve 2.2
  X-AOL-IP: 65.39.65.21 (<-- this is my server ip)
  SMTP log entries ------------
  May 6 07:44:49 zeryn postfix/smtpd[2846]: warning: 60.48.247.22: hostname tm.net.my verification failed: Host not found
  May 6 07:44:49 zeryn postfix/smtpd[2846]: connect from unknown[60.48.247.22]
  May 6 07:44:50 zeryn postfix/smtpd[2846]: 0621623D6EDE: client=unknown[60.48.247.22]
  May 6 07:44:50 zeryn postfix/cleanup[2850]: 0621623D6EDE: message-id=<357701c78fec$f1ee7960$0801010a@lye>
  May 6 07:44:50 zeryn postfix/qmgr[118]: 0621623D6EDE: from=<[email protected]>, size=1847, nrcpt=1 (queue active)
  May 6 07:44:50 zeryn postfix/smtpd[2853]: connect from localhost[127.0.0.1]
  May 6 07:44:50 zeryn postfix/smtpd[2853]: EC70A23D6EE1: client=localhost[127.0.0.1]
  May 6 07:44:50 zeryn postfix/cleanup[2850]: EC70A23D6EE1: message-id=<357701c78fec$f1ee7960$0801010a@lye>
  May 6 07:44:50 zeryn postfix/qmgr[118]: EC70A23D6EE1: from=<[email protected]>, size=2231, nrcpt=1 (queue active)
  May 6 07:44:50 zeryn postfix/smtpd[2853]: disconnect from localhost[127.0.0.1]
  May 6 07:44:51 zeryn postfix/smtp[2851]: 0621623D6EDE: to=<[email protected]>, relay=127.0.0.1[127.0.0.1], delay=2, status=sent (250 2.6.0 Ok, id=02590-09, from MTA: 250 Ok: queued as EC70A23D6EE1)
  May 6 07:44:51 zeryn postfix/qmgr[118]: 0621623D6EDE: removed
  May 6 07:44:51 zeryn postfix/pickup[2343]: 2501123D6EE5: uid=77 from=<[email protected]>
  May 6 07:44:51 zeryn postfix/lmtp[2854]: EC70A23D6EE1: to=<[email protected]>, relay=/var/imap/socket/lmtp[/var/imap/socket/lmtp], delay=1, status=sent (250 2.1.5 Ok)
  May 6 07:44:51 zeryn postfix/qmgr[118]: EC70A23D6EE1: removed
  May 6 07:44:51 zeryn postfix/cleanup[2850]: 2501123D6EE5: message-id=<357701c78fec$f1ee7960$0801010a@lye>
  May 6 07:44:51 zeryn postfix/qmgr[118]: 2501123D6EE5: from=<[email protected]>, size=2510, nrcpt=1 (queue active)
  May 6 07:44:51 zeryn postfix/smtpd[2846]: disconnect from unknown[60.48.247.22]
  May 6 07:44:51 zeryn postfix/smtpd[2853]: connect from localhost[127.0.0.1]
  May 6 07:44:51 zeryn postfix/smtpd[2853]: 3949F23D6EE8: client=localhost[127.0.0.1]
  May 6 07:44:51 zeryn postfix/cleanup[2850]: 3949F23D6EE8: message-id=<357701c78fec$f1ee7960$0801010a@lye>
  May 6 07:44:51 zeryn postfix/qmgr[118]: 3949F23D6EE8: from=<[email protected]>, size=2874, nrcpt=1 (queue active)
  May 6 07:44:51 zeryn postfix/smtpd[2853]: disconnect from localhost[127.0.0.1]
  I'm not sure how to read the log file. Is there something here out of the ordinary? Does the server consider these valid users/email?

• Find out what user accounts are tied to

  Spicework Team,Wanted to know some thoughts on when an employee leaves the company. We have a employee termination sheet that we go through when someone leaves the company. My question is we recently had somebody from our IT department leave who has been here 14 years, so of course there are many more things added to that termination sheet that need to be addressed. I have been making an entirely different sheet up if they are a member of the IT department. I have gotten just about everything we can think of, but the one question I have is there an easy way to see if an admin account is being used for authentication etc? My issue is we have to change the domain admin account now, and I have been going through some of our servers (SharePoint being one of them) and sorting the services by log on and found a bunch of services that are...

  Dropbox for Business customers are big sharers. But while using Dropbox to share your files is easy, collecting files from other people can be more difficult. So today, we’re excited to introduce a new way for Dropbox for Business users to get the files they need: file requests.File requests are a fast and easy way to collect files — large or small — from partners, clients, vendors, and anyone else you work with. Here are just a few people we had in mind when we built file requests for our Dropbox for Business customers:Teachers and professorsneeding a way to easily collect papers from dozens of studentsAssistants and coordinatorsspending a lot of time gathering receipts and invoicesEvent plannersrequesting assets and contracts up until the day of an eventReal estate agentsgathering hundreds of applications for new propertiesIf any of...

• Using powershell to find out how many people are using the on-prem SkyDrive

  Hi
  Is there a way of using powershell to find out how many people are using the on-prem SkyDrive?
  Thank you.

  Hi,
  According to your post, my understanding is that you wanted to use PowerShell to find out the users who use the on premise SkyDrive.
  As this is the forum for SharePoint Server, I recommend you post your question to the forum for PowerShell or SkyDrive.
  Windows PowerShell forum:
  http://social.technet.microsoft.com/Forums/windowsserver/en-US/home?forum=winserverpowershell
  SkyDrive forum:
  http://answers.microsoft.com/en-us/onedrive/forum/sdsignin?tab=Threads
  Thanks,
  Jason
  Forum Support
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
  [email protected]
  Jason Guo
  TechNet Community Support

• How to find out which user processed an action at runtime?

  Hi all,
  Is there any way to find out the user who processed an action at runtime? Is there a predifined CA for this or should I do a bit of development?
  I need this information in the next action after that.
  Thanks!

  what you mean by group of users.....
  whether all the users are using the same user name ?
  if it is not like that we can get the user name of the current logged in user .
  using the following code.
  IWDClientUser wdUser = WDClientUser.getCurrentUser();
  with regards
  shanto aloor

• How to find out which user has the permission to execute startsap ?

  Hi All
  How do I find out which user has the permission to execute the startsap and stopsap? Do I control the permission on those script using windows standard authorization? For example: only allow certain user have the read and write permission?
  Thank you.!
  Vincent Lo

  Well to me this is really weird question..
  <b>noone un-authorized should have access to OS on your system</b>
  If this is valid you do not need to solve problems who can and who cannot start/stop SAP, because if you want to prevent some users from shutting down the SAP you have really hard job to do - there are many ways how to kill the SAP (for example killing relevant process from task manager, killing of database, messing with services etc.) - yes, this is harmful way of stopping SAP, but we are talking about attack, right? I would contact some Windows specialist to help you disable all the ways how to harm the running SAP. But still after that - there are many files that can be modified/deleted so SAP will crash after restart - you need to protect them too, etc.
  In case you take the first assumption as granted (and you really limit access to this server) you do not need to worry who can stop or start SAP - at the other hand it may be handy to be able to start/stop SAP from other users - for this you can run the stop/start script "under different user".
  But to answer the question - to me this is question just of access control (but really never tried that myself):
  <a href="http://technet2.microsoft.com/WindowsServer/en/library/c6413717-511e-42bd-bd81-82431afe4b2a1033.mspx">Permit or restrict access to a snap-in for a domain</a> (or see other related links down there on this page)
  Please award points for useful answers.
  Thanks