Windows / Microsoft AD Context Logs - Computer Accounts script needed

Question

Howdy,I am facing some challenges with acquiring OnPrem AD Contextual data.Get-ADUser works fine, but the Get-ADComputer part errors out Using this:https://docs.cloud.google.com/chronicle/docs/ingestion/default-parsers/windows-ad # Set the location where the log file will be written$OUTPUT_FILENAME “C:\Data\SecOps\Logs\AD-AssetContext.json"If (Test-Path -Path $OUTPUT_FILENAME) { Remove-Item -path $OUTPUT_FILENAME -ErrorAction SilentlyContinue}# USER_CONTEXT: Gets all Active Directory users and their properties.Get-ADUser -Filter * -properties samAccountName | % { Get-ADUser $_.SamAccountName -properties * | ConvertTo-JSON -compress | Out-File -encoding utf8 $OUTPUT_FILENAME -Append }# ASSET_CONTEXT: Gets all Active Directory assets and their properties.Get-ADComputer -Filter * -properties samAccountName | % { Get-ADComputer $_.SamAccountName -properties * | ConvertTo-JSON -compress | Out-File -encoding utf8 $OUTPUT_FILENAME -Append } This errors out with Get-ADComputer : The server has returned the following error: invalid enumeration context.At C:\Data\SecOps\AD-AssetContext.ps1:44 char:1+ Get-ADComputer -Filter * -properties samAccountName | % { Get-ADCompu ...+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~    + CategoryInfo          : NotSpecified: (:) [Get-ADComputer], ADException    + FullyQualifiedErrorId : ActiveDirectoryServer:0,Microsoft.ActiveDirectory.Management.Commands.GetADComputer  We believe this is due to the session timing out.We have a lot of computer accounts in our AD. Thank you in advance.

JSpoorSonic · Accepted Answer

Resolved this by breaking it into multiple Pulls per OU.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded