|
| 1 | +function Get-ADAttributeUniqueValues { |
| 2 | + <# |
| 3 | + .SYNOPSIS |
| 4 | + Get a list of unique values for specified attributes in Active Directory. |
| 5 | +
|
| 6 | + .DESCRIPTION |
| 7 | + This script queries all user accounts in Active Directory and get a list of the unique values that are found in the |
| 8 | + specified attributes. It defaults to checking company, department, location, office, and title. |
| 9 | +
|
| 10 | + .PARAMETER AttributesToCheck |
| 11 | + The attribute or list of attributes on AD users to check. (Defaults to company, department, office, and title.) |
| 12 | +
|
| 13 | + .PARAMETER ExportDirectory |
| 14 | + The directory to save the exported JSON file in. (Optional, defaults to C:\Temp.) |
| 15 | +
|
| 16 | + .PARAMETER Filename |
| 17 | + The filename for the exported JSON. (Optional, defaults to ADAttributeUniqueValues.json.) |
| 18 | +
|
| 19 | + .EXAMPLE |
| 20 | + Get-ADAttributeUniqueValues |
| 21 | +
|
| 22 | + Get a list of unique values for the default attributes (company, department, office, and title) and export them to |
| 23 | + C:\Temp\ADAttributeUniqueValues.json. |
| 24 | +
|
| 25 | + .EXAMPLE |
| 26 | + Get-ADAttributeUniqueValues -AttributesToCheck department -ExportDirectory C:\Temp -Filename UniqueAttributes.json |
| 27 | +
|
| 28 | + Get a list of unique department values and export them to C:\Temp\UniqueAttributes.json. |
| 29 | +
|
| 30 | + .NOTES |
| 31 | + Author: Sam Erde |
| 32 | + Company: Sentinel Technologies, Inc |
| 33 | + Modified: 2025-02-20 |
| 34 | + Version: 1.0.0 |
| 35 | +
|
| 36 | + .LINK |
| 37 | + https://github.com/SamErde |
| 38 | +
|
| 39 | + .LINK |
| 40 | + https://www.sentinel.com |
| 41 | + #> |
| 42 | + [CmdletBinding()] |
| 43 | + param ( |
| 44 | + # The attribute or list of attributes on AD users to check. (Defaults to company, department, office, and title.) |
| 45 | + [Parameter()] |
| 46 | + [ValidateNotNullOrEmpty()] |
| 47 | + [ValidateSet('company', 'country', 'department', 'homeDrive', 'l', 'physicalDeliveryOfficeName', 'postalCode', 'state', 'streetAddress', 'title')] |
| 48 | + [string[]] |
| 49 | + $AttributesToCheck = @('Company', 'Department', 'Office', 'Title'), |
| 50 | + |
| 51 | + # The directory to save the exported JSON file in. (Optional, defaults to C:\Temp.) |
| 52 | + [Parameter()] |
| 53 | + [ValidateNotNullOrEmpty()] |
| 54 | + [ValidateScript({ Test-Path -Path $_ -PathType Container })] |
| 55 | + [string] |
| 56 | + $ExportDirectory = 'C:\Temp', |
| 57 | + |
| 58 | + # The filename for the exported JSON. (Optional, defaults to ADAttributeUniqueValues.json.) |
| 59 | + [Parameter()] |
| 60 | + [string] |
| 61 | + $Filename = 'ADAttributeUniqueValues.json' |
| 62 | + ) |
| 63 | + |
| 64 | + begin { |
| 65 | + Start-Transcript -Path (Join-Path $ExportDirectory -ChildPath 'Get-ADAttributeUniqueValues.log') -Append -NoClobber |
| 66 | + # Create a hashtable to store the list of unique values for each attribute. |
| 67 | + $AttributeValues = @{} |
| 68 | + Write-Verbose "Checking attributes: $($AttributesToCheck -join ', ')" |
| 69 | + |
| 70 | + # Create the full path for the exported JSON file. |
| 71 | + $ExportPath = Join-Path -Path $ExportDirectory -ChildPath $Filename |
| 72 | + Write-Verbose "Export Path: $ExportPath" |
| 73 | + } |
| 74 | + |
| 75 | + process { |
| 76 | + # Get all enabled users from Active Directory with the specified attributes. |
| 77 | + Import-Module ActiveDirectory -Verbose:$false |
| 78 | + $Users = Get-ADUser -Filter 'Enabled -eq $true' -Properties $AttributesToCheck |
| 79 | + Write-Verbose "[+] Analyzing $($Users.Count) users." -Verbose |
| 80 | + if ($Users.Count -eq 0 -or -not $Users) { |
| 81 | + throw 'Failed to enumerate user objects.' |
| 82 | + } |
| 83 | + |
| 84 | + # Loop through the list of attributes to check and add their unique values to a hash table. |
| 85 | + foreach ($Attribute in $AttributesToCheck) { |
| 86 | + Write-Verbose " | Checking attribute: $Attribute" |
| 87 | + $KeyName = "${Attribute}Values" |
| 88 | + |
| 89 | + # In the hash table, store the attribute name as the key. In the item's value property, create a (nested) list object to store the unique values for the AD attribute. |
| 90 | + $AttributeValues[$KeyName] = New-Object -TypeName 'System.Collections.Generic.List[System.String]' |
| 91 | + |
| 92 | + # Get all unique, sorted values in use for the current attribute and then add them to the list (if any). |
| 93 | + $UniqueValues = [string[]]($Users | Select-Object -ExpandProperty $Attribute -Unique | Sort-Object) |
| 94 | + Write-Verbose " --- Found $($UniqueValues.Count) unique values for $Attribute" |
| 95 | + if ($UniqueValues.Count -gt 0) { |
| 96 | + $AttributeValues[$KeyName].AddRange($UniqueValues) |
| 97 | + } |
| 98 | + } |
| 99 | + |
| 100 | + # Export the hash table to a JSON file. |
| 101 | + $AttributeValues | ConvertTo-Json | Out-File -FilePath $ExportPath -Force |
| 102 | + Write-Verbose "[+] Exported results to $(Resolve-Path -Path $ExportPath)" |
| 103 | + } |
| 104 | + |
| 105 | + end { |
| 106 | + Remove-Variable Attribute, AttributesToCheck, AttributeValues, ExportDirectory, ExportPath, Filename, KeyName, UniqueValues, Users -ErrorAction SilentlyContinue |
| 107 | + Write-Verbose 'Cleaning up.' |
| 108 | + Stop-Transcript |
| 109 | + } |
| 110 | +} |
0 commit comments