|
 |  |  |  |  |  |  |
| Welcome to Windows Vista Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows Vista. The Vista forum also covers news and updates and has an extensive Windows Vista tutorial section that covers a wide range of tips and tricks. |
| |||||||
 |
| |
08-19-2008
| #1 (permalink) |
| | Script to show object owner in AD Hi- I've written a script to show all the objects created in AD in the last x number of days. I'd love to add the creator of the object to the output but can't figure out how to get this info. Does anyone have any insight into how this could be done? Thanks in advance Adrian |
My System Specs |
|
08-19-2008
| #2 (permalink) |
| | Re: Script to show object owner in AD Adrian wrote: Quote: > I've written a script to show all the objects created in AD in the > last x number of days. I'd love to add the creator of the object to > the output but can't figure out how to get this info. Does anyone have > any insight into how this could be done? enable auditing and read the event logs. -- Richard Mueller MVP Directory Services Hilltop Lab - http://www.rlmueller.net -- |
| My System Specs |
|
08-19-2008
| #3 (permalink) |
| | Re: Script to show object owner in AD What about the object owner? It looks like delegated users should own the objects they create, if I'm reading this correctly... http://technet.microsoft.com/en-us/l.../cc772912.aspx On Aug 19, 7:30*am, "Richard Mueller [MVP]" <rlmueller- nos...@xxxxxx> wrote: Quote: > Adrian wrote: Quote: > > I've written a script to show all the objects created in AD in the > > last x number of days. I'd love to add the creator of the object to > > the output but can't figure out how to get this info. Does anyone have > > any insight into how this could be done? > That information is not saved in AD. The only option I can think of is to > enable auditing and read the event logs. > > -- > Richard Mueller > MVP Directory Services > Hilltop Lab -http://www.rlmueller.net > -- |
| My System Specs |
|
08-19-2008
| #4 (permalink) |
| | Re: Script to show object owner in AD My guess is that the article is talking about the security descriptor owner. You'll have to convert to PowerShell, but in VBScript an example would be: ===== Set objUser = GetObject("LDAP://cn=Jim Smith,ou=West,dc=MyDomain,dc=com") Set objSecurityDescriptor = objUser.Get("ntSecurityDescriptor") strOwner = objSecurityDescriptor.Owner Wscript.Echo strOwner ==== The security descriptor owner is the form <NetBIOS domain name>\<sAMAccountName>. -- Richard Mueller MVP Directory Services Hilltop Lab - http://www.rlmueller.net -- <usenet@xxxxxx> wrote in message news:a932610c-97f0-45d6-adf3-9e9303a6205b@xxxxxx What about the object owner? It looks like delegated users should own the objects they create, if I'm reading this correctly... http://technet.microsoft.com/en-us/l.../cc772912.aspx On Aug 19, 7:30 am, "Richard Mueller [MVP]" <rlmueller- nos...@xxxxxx> wrote: Quote: > Adrian wrote: Quote: > > I've written a script to show all the objects created in AD in the > > last x number of days. I'd love to add the creator of the object to > > the output but can't figure out how to get this info. Does anyone have > > any insight into how this could be done? > That information is not saved in AD. The only option I can think of is to > enable auditing and read the event logs. > > -- > Richard Mueller > MVP Directory Services > Hilltop Lab -http://www.rlmueller.net > -- |
| My System Specs |
|
08-19-2008
| #5 (permalink) |
| | Re: Script to show object owner in AD Same thing using QAD cmdlets would be: Get-QADObjectSecurity 'Jim Smith' -Owner -- Dmitry Sotnikov http://dmitrysotnikov.wordpress.com "Richard Mueller [MVP]" wrote: Quote: > My guess is that the article is talking about the security descriptor owner. > You'll have to convert to PowerShell, but in VBScript an example would be: > ===== > Set objUser = GetObject("LDAP://cn=Jim Smith,ou=West,dc=MyDomain,dc=com") > Set objSecurityDescriptor = objUser.Get("ntSecurityDescriptor") > strOwner = objSecurityDescriptor.Owner > Wscript.Echo strOwner > ==== > The security descriptor owner is the form <NetBIOS domain > name>\<sAMAccountName>. > > -- > Richard Mueller > MVP Directory Services > Hilltop Lab - http://www.rlmueller.net > -- > > <usenet@xxxxxx> wrote in message > news:a932610c-97f0-45d6-adf3-9e9303a6205b@xxxxxx > What about the object owner? It looks like delegated users should own > the objects they create, if I'm reading this correctly... > http://technet.microsoft.com/en-us/l.../cc772912.aspx > > On Aug 19, 7:30 am, "Richard Mueller [MVP]" <rlmueller- > nos...@xxxxxx> wrote: Quote: > > Adrian wrote: Quote: > > > I've written a script to show all the objects created in AD in the > > > last x number of days. I'd love to add the creator of the object to > > > the output but can't figure out how to get this info. Does anyone have > > > any insight into how this could be done? > > That information is not saved in AD. The only option I can think of is to > > enable auditing and read the event logs. > > > > -- > > Richard Mueller > > MVP Directory Services > > Hilltop Lab -http://www.rlmueller.net > > -- > > |
| My System Specs |
|
08-21-2008
| #6 (permalink) |
| | Re: Script to show object owner in AD On Aug 19, 11:18*am, Dmitry Sotnikov <DSotnikovREMOVET...@xxxxxx> wrote: Quote: > Same thing using QAD cmdlets would be: > > Get-QADObjectSecurity 'Jim Smith' -Owner > > -- > Dmitry Sotnikovhttp://dmitrysotnikov.wordpress.com > > "Richard Mueller [MVP]" wrote: Quote: > > My guess is that the article is talking about the security descriptor owner. > > You'll have to convert to PowerShell, but in VBScript an example would be: > > ===== > > Set objUser = GetObject("LDAP://cn=Jim Smith,ou=West,dc=MyDomain,dc=com") > > Set objSecurityDescriptor = objUser.Get("ntSecurityDescriptor") > > strOwner = objSecurityDescriptor.Owner > > Wscript.Echo strOwner > > ==== > > The security descriptor owner is the form <NetBIOS domain > > name>\<sAMAccountName>. Quote: > > -- > > Richard Mueller > > MVP Directory Services > > Hilltop Lab -http://www.rlmueller.net > > -- Quote: > > <use...@xxxxxx> wrote in message > >news:a932610c-97f0-45d6-adf3-9e9303a6205b@xxxxxx > > What about the object owner? It looks like delegated users should own > > the objects they create, if I'm reading this correctly... > >http://technet.microsoft.com/en-us/l.../cc772912.aspx Quote: > > On Aug 19, 7:30 am, "Richard Mueller [MVP]" <rlmueller- > > nos...@xxxxxx> wrote: Quote: > > > Adrian wrote: > > > > I've written a script to show all the objects created in AD in the > > > > last x number of days. I'd love to add the creator of the object to > > > > the output but can't figure out how to get this info. Does anyone have > > > > any insight into how this could be done? Quote: Quote: > > > That information is not saved in AD. The only option I can think of is to > > > enable auditing and read the event logs. Quote: Quote: > > > -- > > > Richard Mueller > > > MVP Directory Services > > > Hilltop Lab -http://www.rlmueller.net > > > -- Adrian |
| My System Specs |
|
| Thread Tools | |
| |
Similar Threads | ||||
| Thread | Forum | |||
| using foreach-object as a parameter for another script | PowerShell | |||
| Powershell V/s VB script windows installer COM object | PowerShell | |||
| Change all references held by previous owner/administrator to new owner | System Security | |||
| Select-Object in PS1 Script Bug?! | PowerShell | |||
| WM won't show OLE Object: Microsoft Office Excel Worksheet | Vista mail | |||
