DNS Audit about newly created records $ComputerName = 'pugazh' $Zones = Get-DnsServerZone -ComputerName $ComputerName | Where-Object { $_.IsDsintegrated } #get all zones I care about $DNSRecords = $Zones | Get-DnsServerResourceRecord -ComputerName $ComputerName #get every DNS record $RecordAndOwner = $DNSRecords | ForEach-Object { [pscustomobject]@{ Record = $_ Owner = (Get-Acl $('AD:\' + $_.DistinguishedName)).Owner } } $RecordAndOwner #List all the owners... wait, that is too much stuff and too hard to read #List everyone that has created a DNS record and how many records they have created (only checks owner, but owner is the creator by default) $RecordAndOwner | Group-Object owner | Select-Object count, name | Sort-Object name #Omit records created by servers $RecordAndOwner | Group-Object owner | Where-Object { $_.Name -notlike '*$' } | Select-Object count, name | Sort-Object name #Inve
Remove multiple users from a single AD group https://www.powershellbros.com/remove-user-from-specifc-ad-groups-using-powershell/ Start-Transcript -Path C:\Temp\Remove-ADUsers.log -Append #Taking AD group member detail and will send them by Mail. #Getting AD group member detail and save in CSV format. (Get-ADGroup " AD-Group-Name " -properties members).members | Get-ADUser -properties displayName | Select-Object displayName,SamAccountName,emailaddress | export-CSV c:\users\administrator\ AD-Group-Name (or File-Name) .csv #Import the user list $Users = Import-Csv " C:\Temp\ Users.csv " #Update the AD group name which is need to be removed for listed users. $Group = “ AD-Group-Name ” $Report = @() foreach ($User in $Users) { $UPN = $User.UserPrincipalName $ADUser = Get-ADUser -Filter "UserPrincipalName -eq '$UPN'" | Select-Object SamAccountName $ExistingGroups = Get-ADPrincipalGroupMembership $ADUser.SamAccountName | Select-Object Nam