Skip to content
Menu
The Lonely Administrator
  • PowerShell Tips & Tricks
  • Books & Training
  • Essential PowerShell Learning Resources
  • Privacy Policy
  • About Me
The Lonely Administrator

Better Active Directory Reporting with PowerShell

Posted on March 18, 2021March 18, 2021

I've been using Active Directory for over 20 years. I was even one of the first 2000 IT Pros worldwide to obtain an MCSE on Windows 2000. Over the years, I've used a variety of management tools from command-line tools, to VBScript, and eventually PowerShell. Like many of you, I've used the ActiveDirectory module from Microsoft since its introduction. And probably like you, have shared the same frustrations in using it. But, I have some answers. And to be clear, I'm talking about on-premise installations of Active Directory. I have had no reason to dive into Azure Active Directory so I'm not going to speak to that technology.

Manage and Report Active Directory, Exchange and Microsoft 365 with
ManageEngine ADManager Plus - Download Free Trial

Exclusive offer on ADManager Plus for US and UK regions. Claim now!

The first thing we have to accept is that the ActiveDirectory (AD) module is a framework. Whereas other modules, like Hyper-V, have commands that are complete and self-contained. When I run Get-VM, I know exactly what I am going to get. The AD module is different. The commands are designed so that you have to decide what you want. The object output is typically unformatted and essentially raw. It is up to the IT Pro to build tooling around this framework. You need to create scripts and functions that wrap around the AD commands. I know that can be a tedious task.

During the course of conversations with my friend and AD admin, Gladys Kravitz, I realized I needed to build a solid reporting tool around Active Directory. I had a library of scripts and functions I have written over the years, including a few that I've written about here recently. Thus was born ADReportingTools.

ADReportingTools

This module is a set of commands that wrap around the AD module. The assumption is that you will run the commands from your Windows 10 desktop. I wanted a toolset that would make it easier to get information out of Active Directory in an easy-to-use form. The module includes custom type and format files so that the results are immediately meaningful. Of course, there is often a rich object you can work with. But I wanted to make things easy. Such as seeing the members of a group.

Many of the formatting files use ANSI to convey additional information. In this case, disabled accounts are reflected in red. Or checking the health of your domain controllers.

Or getting a list of groups.

Distribution groups are shown in green. Member counts of 0 are in red.

I also have a few commands to generate HTML reports.

The module is designed only to get information. There are no commands to manage AD objects. This is strictly a reporting or information-gathering module.

Try It

The module is currently available as a preview from the PowerShell Gallery.

Install-Module -name ADReportingTools -AllowPrerelease

You will need the AD RSAT tools installed.

Get-WindowsCapability -Online -Name RSAT.Active* | Add-WindowsCapability -online

Once installed, run Get-ADReportingTools to get a summary list of commands. I also encourage you to take a look at the README file in the GitHub repository.

I expect the next release will be 1.0.0, but I'd love to get some feedback. What commands need tweaking? What kind of reporting or information are you trying to get out of AD? I have enabled Discussions in the repo and encourage you to share feedback there. If you encounter a bug or problem with one of the commands, please post an Issue. I'm especially curious as to how the module works in the real world. My test domain is not large and definitely not complex, so I'm hoping you'll share your experiences with the module.


Behind the PowerShell Pipeline

Share this:

  • Click to share on X (Opens in new window) X
  • Click to share on Facebook (Opens in new window) Facebook
  • Click to share on Mastodon (Opens in new window) Mastodon
  • Click to share on LinkedIn (Opens in new window) LinkedIn
  • Click to share on Pocket (Opens in new window) Pocket
  • Click to share on Reddit (Opens in new window) Reddit
  • Click to print (Opens in new window) Print
  • Click to email a link to a friend (Opens in new window) Email

Like this:

Like Loading...

Related

6 thoughts on “Better Active Directory Reporting with PowerShell”

  1. Pingback: ICYMI: PowerShell Week of 19-March-2021 – PowerShell.org
  2. mattmanstl says:
    March 19, 2021 at 11:12 am

    Jeff, Great article! I’ll be checking this out in my neck of the woods to see how it works. Thanks for sharing!

  3. chadspecht says:
    March 22, 2021 at 3:24 pm

    This is very good stuff – thank you Jeff!

  4. Pingback: Active Directory Reporting Tools Released • The Lonely Administrator
  5. Yeta Edgar Mutelo says:
    April 1, 2021 at 5:19 am

    Cmdlets fail against some of the directory synced objects, in a hybrid environment (On-prem AD integrated with Azure AD). Other than that, this is fantastic…

    1. Jeffery Hicks says:
      April 1, 2021 at 8:41 am

      The ActiveDirectory module is designed, as far as I know, for on-prem AD so I’m not too surprised there are some inconsistencies. I’m glad you find the module useful but since you are using it in a hybrid scenario, there will be limitations.

Comments are closed.

reports

Powered by Buttondown.

Join me on Mastodon

The PowerShell Practice Primer
Learn PowerShell in a Month of Lunches Fourth edition


Get More PowerShell Books

Other Online Content

github



PluralSightAuthor

Active Directory ADSI Automation Backup Books CIM CLI conferences console Friday Fun FridayFun Function functions Get-WMIObject GitHub hashtable HTML Hyper-V Iron Scripter ISE Measure-Object module modules MrRoboto new-object objects Out-Gridview Pipeline PowerShell PowerShell ISE Profile prompt Registry Regular Expressions remoting SAPIEN ScriptBlock Scripting Techmentor Training VBScript WMI WPF Write-Host xml

©2025 The Lonely Administrator | Powered by SuperbThemes!
%d