$domain = $args[0]$username = $args[1]$password = $args[2]$ObjFilter = "(&

1. $domain = $args[0]
2. $username = $args[1]
3. $password = $args[2]
4. $ObjFilter = "(&(objectCategory=person)(objectClass=user)(!userAccountControl:1.2.840.113556.1.4.803:=2))"
5.  
6. #Build the directory object with a SecureSocketLayer connection. You might have to modify the domain\username combination. The example below will fail if the ".com" is passed in with #the domain\username ie: testlab.com\admin
7. $Directory=New-Object System.DirectoryServices.DirectoryEntry ("LDAP://$domain", (($domain -replace ".com")+'\'+$username), $password,[System.DirectoryServices.AuthenticationTypes]::SecureSocketsLayer)
8.  
9. $Searcher=New-Object System.DirectoryServices.DirectorySearcher
10. $Searcher.SearchRoot=$Directory
11. $Searcher.PageSize = "1000"
12. $Searcher.Filter = $ObjFilter
13. $Searcher.SearchScope = "Subtree"
14.  
15. $Searcher.PropertiesToLoad.Add("sAMAccountName") |Out-Null
16. $Searcher.PropertiesToLoad.Add("memberOf") | Out-Null
17. #$Searcher.PropertiesToLoad.Add("name") |Out-Null
18. $Results = $Searcher.FindAll()
19. $adusers=@()
20. foreach($result in $results){
21. $Group=$Result.Properties.memberof
22. $Admins = $Result.Properties.samaccountname | Where {$Group -like "*Domain Admins*" -or $Group -like "*Enterprise Admins*" -or $Group -like "*Administrators"}
23.     foreach ($admin in $admins){
24.     $ObjUser = New-Object -TypeName PsObject;
25.     $ObjUser | Add-Member -MemberType NoteProperty -Name Resource -Value $env:USERDNSDOMAIN;
26.     $ObjUser | Add-Member -MemberType NoteProperty -Name UserName -Value $Admin;
27.     $ObjUser | Add-Member -MemberType NoteProperty -Name Enabled -Value $True;
28.     $adusers += $ObjUser;}
29. }
30. Return $adusers