The Surly Admin

Father, husband, IT Pro, cancer survivor

Report When New Users are Added to Active Directory

Found a user on Spiceworks who was struggling getting vbScript to send an email using SMTP authentication.  While very possible to do in vbScript (Paul Sadowski great blog I’ve used for years) this is definitely one of those things where the code just looks ugly and it can be a little confusing.  Powershell’s Send-MailMessage cmdlet takes all of that away.  Combine that with the RSAT tools for Active Directory and you can do some pretty cool things very easily.  So read on to see how I solved this problem.

Secure Credentials

One of the big things that vbScript lacks is secure strings.  Now, I’m sure there are plenty add-on’s and functions that people have built over the years to solve this problem but the reality is, if you’re not an advanced scripter you’re not going to use them.  Powershell gives us the ability to save passwords in a secure manner, and I wrote the GetCredentials function to take advantage of that fact.  This was a fun little project because I got to use it!


So the user in this case was having trouble sending email’s using CDO in his vbScript and there’s no doubt it’s a little odd how you do it in vbScript.  Of course, in Powershell it’s as easy as using the Send-MailMessage cmdlet (so 10-15 lines of code down to one).  But he really is working on a script that will discover new users and email the information to him, so that’s what I decided to do in Powershell.

Param (
[string]$To = "",
[string]$From = "",
[string]$SMTPServer = "yoursmtpserver",
[string]$AuthUser = "administrator"

As usual, I setup the variables I want to use as parameters to give me more flexibility.  Next comes GetCredentials function.

$Yesterday = (Get-Date).AddDays(-1)
$Users = Get-ADUser -Filter { whenCreated -ge $Yesterday }

Then we need to define how far back we want to check Active Directory for new users.  The idea is for this script to be run daily, so in this case we’ll do 1 day.  If you wanted to run this once a week you could change that number to 7.  Then we use Get-ADUser and the -Filter parameter to narrow our search and load it into a variable.

$SMTPProperties = @{
From = $From
To = $To
Subject = "New Users created $Yesterday"
SMTPServer = $SMTPServer

Load up a hash table with all of static properties we’ll need for Send-MailMessage–another splat!

$Body = "`nThere were $($Users.Count) created yesterday:  $Yesterday`n`n`n"
If ($Users)
{ $Body += $Users | Select SamAccountName,Name,DistinguishedName | Format-List | Out-String
{ $Body += "Sorry, no users created yesterday."

Then create the body variable, if there’s something in $Users we’ll use Select to get the 3 fields I want in the report and pipe it into Format-List and then pipe it into Out-String so it looks nice.  Load the results onto the end of the $Body variable.  Originally I had used Format-Table as I liked the output better, and on a Powershell screen with a fixed font it looked great but when it get’s emailed it just looked BAD.  Really bad.  So I tried Format-List and it’s not wonderful but it gets the job done so I went with it.

If $Users is $null then we’ll just put a little message in there saying nothing was created.

$Cred = GetCredentials $AuthUser
Send-MailMessage @SMTPProperties -Body $Body -Credential $Cred

Now we get down to it.  I use the GetCredentials function to get the secure username and password for the $AuthUser.  If the function can’t find the secure password file for $AuthUser it will prompt you for it and save it.  Then we use Send-MailMessage, splat the properties and add the Body and Credential parameters and we’re good to go.  Email sent.

You can find the full source code at Spiceworks.


October 22, 2012 - Posted by | PowerShell | , , ,

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: