How to generate auditing reports on Active Directory Objects

• Find the domain from which you need the report.
• Identify the attributes that need to be included in the report.
• Identify the attributes that need to be included in the report.
• Compile the script.
• Execute it in Windows PowerShell.
• The report will exported in the format written in the script.
• If it needs to be exported in a different format, modify the script accordingly.

Here is a sample script:

Search-ADAccount –AccountDisabled –UsersOnly –ResultPageSize 2000 –ResultSetSize $null | Select-Object SamAccountName, DistinguishedName

Search-ADAccount –AccountDisabled –UsersOnly –ResultPageSize 2000 –ResultSetSize $null | Select-Object SamAccountName, DistinguishedName

Note: To obtain a comprehensive auditing report on the network, several such PowerShell scripts will have to be run.

• ADAudit Plus has clearly labeled and categorized reports that don't just list data, but provide an insightful look into various Active Directory events. It also audits different parts of the network using File Audit, Server Audit among other examples.
• Find the relevant reports, select the particular domain and OU and click Generate.
• Click Export to export the reports in the available formats (CSV, PDF, HTML, CSVDE, XLSX)

Here is a sample report on disabled user accounts. As a network best practice, AD user accounts are disabled for a period of time before they are deleted. This list can show administrators that user accounts that need to be deleted. If the disabled users are constantly monitored, the administrator will also be able to easily identify an unauthorized re-enabling of a user account.