less than 1 minute read

Here is a quick PowerShell tip to retrieve the computers created in Active Directory by a specific user

With ADSI (no module required)

# Find user SID
$UserFQDN = '[email protected]'
$UserObj = New-Object System.Security.Principal.NTAccount($UserFQDN)
$strSID = $UserObj.Translate([System.Security.Principal.SecurityIdentifier])
$UserSID = $strSID.Value

# Find Computer(s) joined to the domain by a specific user
$Searcher = New-Object -TypeName System.DirectoryServices.DirectorySearcher
$Searcher.Filter = "(&(objectcategory=computer)(mS-DS-CreatorSid=$UserSID)"
$Searcher.FindAll()

With ActiveDirectory PowerShell module

# Find computers joined to the domain by a specific user
$UserName = Read-Host -Prompt "Enter username"
$UserSID = (Get-ADUser $UserName -Property objectsid).objectsid
Get-ADComputer -SizeLimit 0 -LdapFilter "(&(objectcategory=computer)(mS-DS-CreatorSid=$UserSID)"

With Quest Active Directory PowerShell snappin

# Find computers joined to the domain by a specific user
$UserName = Read-Host -Prompt "Enter username"
$UserSID = (Get-QADUser -Identity $UserName -IncludeAllProperties).objectsid
Get-QADComputer -SizeLimit 0 -LdapFilter "(&(objectcategory=computer)(mS-DS-CreatorSid=$UserSID)"

Leave a comment