PowerShell Script to Report Any Changes on Domain Admins
With this script, we are notified by e-mail when a new user is added to the Domain Admins group. The script sends the notification automatically if a user is added to a group (the Domain Admins group in this example) within a specified time period.
Quick link to script:
powershell/check_domain_admins.ps1 at main · kbsuperuser/powershell (github.com)
*******
<#
.SYNOPSIS
Check the domain admin group members
.DESCRIPTION
This PowerShell script checks the Domain Admins group members in a timely manner and sends a mail if any change happens. Create a Task Scheduler task for this script, and it will send a mail if it detects any changes in the last hour. The Exchange relay settings must be configured before running this script.
.EXAMPLE
PS> ./check_domain_admins
.LINK
https://github.com/kbsuperuser/powershell
.NOTES
Author: kbsuperuser.com | License: CC0
#>
Import-Module ActiveDirectory
# Baseline snapshot of the group members
$ref = (Get-ADGroupMember -Identity "Domain Admins").Name
# Wait one hour, then take a second snapshot
Start-Sleep -Seconds 3600
$diff = (Get-ADGroupMember -Identity "Domain Admins").Name
$date = Get-Date -Format g
# "=>" marks names present only in the second snapshot, i.e. members added during the hour
$result = (Compare-Object -ReferenceObject $ref -DifferenceObject $diff | Where-Object { $_.SideIndicator -eq "=>" } | Select-Object -ExpandProperty InputObject) -join ", "
If ($result) {
    Send-MailMessage -From "[email protected]" -To "[email protected]" -SmtpServer relay.kbsuperuser.com -Subject "Domain Admin Alert" -Body "$result have been added to domain admins group. Date : $date" -Priority High -Encoding UTF8
}
*******
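The script above only sees accounts added during its own one-hour sleep, and it ignores removals. As an added example (not part of the original script or the author's repository), the variant below keeps the member list in a state file between scheduled runs and reports additions and removals, including members that arrive through nested groups. The baseline path and the mail addresses are placeholder assumptions.

```powershell
Import-Module ActiveDirectory

$group        = "Domain Admins"
$baselinePath = "C:\ProgramData\DomainAdminsBaseline.txt"  # hypothetical path; restrict write access to it
$mail = @{
    From       = "sender@example.com"       # placeholder address
    To         = "recipient@example.com"    # placeholder address
    SmtpServer = "relay.kbsuperuser.com"    # relay used by the original script
    Subject    = "Domain Admin Alert"
    Priority   = "High"
    Encoding   = "UTF8"
}

# -Recursive expands nested groups and returns the accounts that effectively hold the right
$current = @(Get-ADGroupMember -Identity $group -Recursive |
    Select-Object -ExpandProperty SamAccountName | Sort-Object -Unique)

if (-not (Test-Path -LiteralPath $baselinePath)) {
    # First run: record the baseline and stop, there is nothing to compare against yet
    Set-Content -LiteralPath $baselinePath -Value $current -Encoding UTF8
    return
}

$previous = @(Get-Content -LiteralPath $baselinePath | Where-Object { $_ })

# Compare-Object rejects empty collections, so those cases are handled explicitly
if ($previous.Count -eq 0)    { $added = $current; $removed = @() }
elseif ($current.Count -eq 0) { $added = @();      $removed = $previous }
else {
    $delta   = Compare-Object -ReferenceObject $previous -DifferenceObject $current
    $added   = @($delta | Where-Object { $_.SideIndicator -eq "=>" } | Select-Object -ExpandProperty InputObject)
    $removed = @($delta | Where-Object { $_.SideIndicator -eq "<=" } | Select-Object -ExpandProperty InputObject)
}

if ($added.Count -or $removed.Count) {
    $body = @(
        "Group: $group   Checked: $(Get-Date -Format g)"
        "Added:   $($added -join ', ')"
        "Removed: $($removed -join ', ')"
    ) -join "`r`n"
    # Stop on a mail failure so the baseline is not advanced and the change is reported on the next run
    Send-MailMessage @mail -Body $body -ErrorAction Stop
    Set-Content -LiteralPath $baselinePath -Value $current -Encoding UTF8
}
```

Run it from a scheduled task at whatever interval suits; because the state lives in the file, no `Start-Sleep` is needed and changes made between runs are still caught.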