1: function TombStonedObjects {
2: # create Directory Searcher object and set properties to search
3: # for tombstoned objects
4:
5: $ds = New-Object System.DirectoryServices.DirectorySearcher
6: $ds.Tombstone = $TRUE
7: $ds.Filter = "isDeleted=TRUE"
8:
9: # Query for objects and filter for DN
10: $DSResults=$DS.FindAll() select path
11:
12: # Build simple RegExp to get just Common Name
13: $r=[regex]"(?<=CN=).+(?=\\)"
14: $DSR2=$DSResults % { $r.Matches($_);$script:delCount++}
15: foreach ($DSobject in $DSR2) { $delMessage += "Deleted object: " + $DSobject.value.trim() + "`n" }
16:
17: $delMessage
18:
19: # end function
20: }
I have this as a function so I can incorporate it into a larger script I have that audits the domain for "ADDED" computer and user objects. I will post that later.
You will also notice a Script Scope Variable named $script:delCount Although in this function it serves no purpose but in the larger domain audit script it will make sense.
No comments:
Post a Comment