Archive for October, 2015

PowerShell Script to Delete SharePoint Users in Active Directory and Send Out Email Notification of Affected Users

October 16, 2015

On request I was asked if I could provide a script to automatically purge (delete) SharePoint users out of AD who have not authenticated to the Portal in 45 days. In my environment we have a process that allows external portal access if users are authorized for access, and to keep our AD environment clean I needed to remove these external portal accounts from AD if they have not authenticated to the portal within 45 days. Below is the PS script I created to do just that.

I blogged about how to use PowerShell to Send Email Notifications and Automatically Move and Disable SharePoint Users in Active Directory here —

You would replace the values highlighted in RED with your own.


$Domain = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
$ADSearch = New-Object System.DirectoryServices.DirectorySearcher
$ADSearch.PageSize = 1000
$ADSearch.SearchScope = "subtree"
#AD Path to External Portal Disabled Users
$ADSearch.SearchRoot = "LDAP://OU=OU,OU=OU,OU=OU,DC=DC,DC=DC"
$daysOld = 1

$today = Get-Date
$oldestValidLogon = $today.AddDays(-$daysOld)
$EmailSentDate = $today.ToString("MM-dd-yyyy")

# Report files that are attached to the notification email
$Deleted_AD_Portal_Users = "d:\Portal\Deleted-AD-Portal-Users_" + $EmailSentDate + ".txt"
$Deleted_AD_Portal_Users_SAMAccount = "d:\Portal\Deleted-AD-Portal-Users-SAMAccount_" + $EmailSentDate + ".txt"

$ADSearch.Filter = "(objectClass=user)"

$userObjects = $ADSearch.FindAll()

foreach ($user in $userObjects) {
    $dn = $user.Properties.Item("distinguishedName")
    $displayName = $user.Properties.Item("displayName")
    $mail = $user.Properties.Item("mail")
    $phone = $user.Properties.Item("telephoneNumber")
    $sam = $user.Properties.Item("sAMAccountName")
    $logon = $user.Properties.Item("lastLogonTimeStamp")
    $description = $user.Properties.Item("description")

    if ($logon.Count -eq 0) {
        $lastLogon = "Never"
    }
    else {
        # lastLogonTimeStamp counts 100 ns ticks from 1601; [DateTime] counts from year 1
        $lastLogon = [DateTime]$logon[0]
        $lastLogon = $lastLogon.AddYears(1600)
    }

    # Accounts that have never logged on are skipped
    if (($lastLogon -is [DateTime]) -and ($lastLogon -lt $oldestValidLogon)) {
        $inActive = $oldestValidLogon - $lastLogon
        $inActive = $inActive.Days

        if ($inActive -ge 45) {
            $ADSPath = $user.Properties.adspath

            # Record the account in both report files before removing it
            "UsersDeleted: " + $ADSPath >> $Deleted_AD_Portal_Users
            $sam >> $Deleted_AD_Portal_Users_SAMAccount

            $AUser = [ADSI]("$ADSPath")
            # Delete call is assumed (the listing has no line for it):
            # DirectoryEntry.DeleteTree() removes the object and any children
            $AUser.psbase.DeleteTree()
        }
    }
}

# Only send the report when at least one account was written to the files
if (Test-Path $Deleted_AD_Portal_Users) {
    $att1 = New-Object Net.Mail.Attachment($Deleted_AD_Portal_Users)
    $att2 = New-Object Net.Mail.Attachment($Deleted_AD_Portal_Users_SAMAccount)
    $email = New-Object System.Net.Mail.MailMessage
    $email.From = "EMAIL ADDRESS"
    $email.To.Add("EMAIL ADDRESS")
    $email.To.Add("EMAIL ADDRESS")
    $email.To.Add("EMAIL ADDRESS")
    $email.Subject = "External Portal Accounts Report - Deleted Accounts"
    $email.Body = "The following External Portal accounts have been deleted from Active Directory.  Please see attached files, for affected deleted accounts. No further action is needed."
    $smtpServer = "SMTP IP"
    $smtp = New-Object Net.Mail.SmtpClient($smtpServer)
    # Attach the two report files and send (assumed; the listing stops before this step)
    $email.Attachments.Add($att1)
    $email.Attachments.Add($att2)
    $smtp.Send($email)
}
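
An added example (not part of the original script) that classifies accounts for review before anything is deleted. AD only rewrites lastLogonTimeStamp when the stored value is older than ms-DS-Logon-Time-Sync-Interval (14 days by default), so the attribute can trail the real last logon by up to about two weeks; the example holds accounts inside that window for review instead of deleting them. The function name, its parameters and the sample accounts are hypothetical and constructed for illustration.

```powershell
# Added example, not from the original post. Function name, parameters and
# sample accounts are hypothetical.
function Get-PortalAccountAction {
    param(
        [Parameter(Mandatory = $true)] [object[]] $Account,
        [int] $InactiveDays = 45,   # threshold used in the post
        [int] $SyncLagDays = 14,    # default ms-DS-Logon-Time-Sync-Interval
        [datetime] $Now = (Get-Date).ToUniversalTime()
    )
    foreach ($a in $Account) {
        $raw = $a.lastLogonTimestamp
        $age = $null
        if ($null -eq $raw -or [int64]$raw -le 0) {
            # Attribute never written: no logon on record, leave it to a person
            $action = 'Review-NeverLoggedOn'
        }
        else {
            # FILETIME: 100 ns intervals since 1601-01-01 UTC
            $last = [datetime]::FromFileTimeUtc([int64]$raw)
            $age = [int][math]::Floor(($Now - $last).TotalDays)
            if ($age -ge ($InactiveDays + $SyncLagDays)) { $action = 'Delete' }
            elseif ($age -ge $InactiveDays) { $action = 'Review-WithinSyncLag' }
            else { $action = 'Keep' }
        }
        [pscustomobject]@{
            sAMAccountName = $a.sAMAccountName
            AgeDays        = $age
            Action         = $action
        }
    }
}

# Constructed sample accounts, dated relative to a fixed "now"
$now = [datetime]::new(2015, 10, 16, 0, 0, 0, [DateTimeKind]::Utc)
$sample = @(
    [pscustomobject]@{ sAMAccountName = 'ext.user1'; lastLogonTimestamp = $now.AddDays(-90).ToFileTimeUtc() }
    [pscustomobject]@{ sAMAccountName = 'ext.user2'; lastLogonTimestamp = $now.AddDays(-50).ToFileTimeUtc() }
    [pscustomobject]@{ sAMAccountName = 'ext.user3'; lastLogonTimestamp = $now.AddDays(-10).ToFileTimeUtc() }
    [pscustomobject]@{ sAMAccountName = 'ext.user4'; lastLogonTimestamp = $null }
)
Get-PortalAccountAction -Account $sample -Now $now | Format-Table -AutoSize
```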


Add Web Front Indicators to SharePoint 2010 Without Backend Code

October 14, 2015

If you work with robust SharePoint 2010 environments that consist of multiple load-balanced web front end servers, and you need to troubleshoot errors within the SharePoint environment, it can become quite frustrating trying to narrow down the issues when you have to visit each web front end server's 14 hive to grab the ULS logs. Wouldn't it be easier to know exactly which web front end server is serving up the error and go directly to that server?

Below is how I accomplish this.

First you will either need to create or grab front end indicator icon images to represent your SharePoint front end servers.  For my case I have 3 web front end servers so I needed three png icon images (13×18) pixels with (1), (2), (3).  If you do a quick Google search you can find many icons on the internet with numbers in them.

Once you find your icon images you would like to use, rename (save) them with exactly the same name i.e. ( indicator.png ) or whatever you like.

Next you want to copy the indicator.png with (1) in the image to WFE1, indicator.png with (2) in the image to WFE2, and indicator.png with (3) in the image to WFE3.  These images will be placed in the \images\ directory of 14 hive (c:\program files\common files\Microsoft Shared\Web Server Extensions\14\Template\Images) on each WFE server.

For my case here I just created a separate directory (folder) inside the (images) directory called (indicators).  Inside that folder on each WFE server I placed a copy of the indicator.png icon image that corresponded with that specific server.

Next we need to update the masterpage for your SharePoint page to point to the \images\indicators directory.

  1. Open up your masterpage in SP2010 Designer or download a local copy.  If this is OOTB SharePoint this is usually the v4.Master.  I recommend downloading a local copy instead of directly modifying it within SP2010 Designer.
  2. Once your masterpage is open, search for the following tags: <wssuc:Welcome id="IdWelcome" runat="server" EnableViewState="false"></wssuc:Welcome> and <wssuc:MUISelector ID="IdMuiSelector" runat="server" />
  3. Right after the <wssuc:MUISelector ID="IdMuiSelector" runat="server" /> tag put the following:  <img src="/_layouts/Images/Indicators/indicator.png" />
  4. Save the masterpage file with a new name, i.e. (v4-indicators.master).
  5. Upload your new masterpage file back into the Master pages and page layouts gallery on your site.
  6. Once uploaded, change your Site Master Page under "Look and Feel" to point to your new v4-indicators.master page, and if you want your subsites to inherit this masterpage, checkmark the "Reset all subsites to inherit this site master page setting" box and hit "ok".

Once done you should now see a web front end indicator icon image next to your sign on name in the portal.  Depending on which WFE you are hitting will display the correct WFE icon for that server.

What happens here is depending on which front end server you are hitting SharePoint will reach into the 14 hive images directory and serve the images from the \Images\ directory.  So if traffic is going to WFE2, SharePoint will reach into the 14 hive images directory inside WFE2 server to serve up those images.

This can be done via Code behind as well which I’ve also done, however this is the quickest and easiest way in accomplishing this.

Hopefully this was helpful for others.