SharePoint – checking mysites has users in AD

July 2, 2012 by 3 Comments

One of the most common problems with SharePoint is that without sitting in central admin and going through each site collection there is no easy way of checking mysites still have users in AD. I have found that no matter what processes you have for archiving users, a few sites will always get left on the system.

So that you can avoid this you can automate a process to check this. The first step is to create a batch file that exports a list of site collections to an xml file :

SET STSADM=”c:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\bin\STSADM.EXE”

%STSADM% -o enumsites -url http://”Site Name” > D:\Tasks\MySiteStats.xml

Then you will need to create a PowerShell script that will look though each site and check that it has a user in AD :

#checks mysite have users

#checks user is in AD
Function Check-ADUser
{
Param ($UsernameCK)
 
    $Username = ($UsernameCK.Split(“\”)[1])
    $ADRoot = [ADSI]”
    $ADSearch = New-Object System.DirectoryServices.DirectorySearcher($ADRoot)  
    $SAMAccountName = “$UsernameCK”
    $ADSearch.Filter = “(&(objectClass=user)(sAMAccountName=$SAMAccountName))”
    $Result = $ADSearch.FindAll()
 
    If($Result.Count -eq 0)
    {
        # “No such user on the Server”
        $Status = “0”
    }
    Else
    {
        # “User exist on the Server”
        $Status = “1”
    }
     
    $Results = New-Object Psobject
    $Results | Add-Member Noteproperty Status $Status
    Write-Output $Results     
}

#reads in the xml file from SP server
[xml] $xmldata = Get-Content D:\tasks\MySiteStats.xml
#loop for each record
foreach( $site in $xmldata.sites.site)
{
    #get the owner field
    $owner = $site.owner
    if ($owner -ne $Null)
    {
        #trims so the system has just the username
        $Username = $owner.substring(12)
        #checks in AD
        $Status = (Check-ADUser -username “$Username”).Status
        #if the user does not exist
        If ($Status -eq 0)
        {
            #emails helpdesk to log a call to remove the old site
            $emailFrom = “email from address”
            $emailTo = “email to address”
            $subject = “Remove old user from mysites”
            $body = “The user $Username has a mysite but no longer exists in AD. Please archive this site and remove from mysite”
            $smtpServer = “email server”
            $smtp = new-object Net.Mail.SmtpClient($smtpServer)
             $smtp.Send($emailFrom, $emailTo, $subject, $body)
        }
    }
}

This will only work if your mysites are set to use the username, you will have to modify this if you use the name of the person.

Schedule both of these and you can let the system do the work of auditing the mysites.

Filed under SharePoint Tagged with , , ,

About Fuckthiscrapsite
It wont let me reuse passwords or delete my account so Fuckthiscrapsite change to random crap until they delete it

3 Responses to SharePoint – checking mysites has users in AD

  1. rift platinum says:
    July 28, 2012 at 9:40 pm

    I adored your helpful post. excellent stuff. I hope you release many. I will carry on reading

    Reply
  2. tera gold says:
    August 3, 2012 at 3:59 am

    Very interesting info!Perfect just what I was searching for!

    Reply
  3. Steven Olson says:
    August 3, 2012 at 9:36 pm

    Some genuinely excellent blog posts on this web site , appreciate it for contribution.

    Reply

Leave a reply to Steven Olson Cancel reply