Windows Shell Script
Skript bearbeiten|Remove
$outfile = "someOutputFile_$(get-date -Format yyyyMMdd).csv" 
"AD_Object;SPN;DN" | Out-File $outfile 
 
$ou=Get-ADOrganizationalUnit "OU=SomeoU,DC=z,DC=y,DC=y" 
$Liste = Get-ADuser -SearchBase $ou -filter * -Properties Name, DistinguishedName, ServicePrincipalNames | Where-Object$PSITEM.ObjectClass -eq "user"$Liste += Get-ADComputer -SearchBase $ou -filter * -Properties Name, DistinguishedName, ServicePrincipalNames | Where-Object$PSITEM.ObjectClass -eq "computer"} 
 
 
$Liste |%{ 
            IF$PSITEM.ServicePrincipalNames -ne $null ){ 
                $Name = $PSITEM.Name 
                $DN = $PSITEM.DistinguishedName 
                $PSITEM.ServicePrincipalNames |%{ 
                                                "$Name;$PSITEM;$DN" | Tee-Object $outfile -Append 
                                                } 
                $Name = $null 
                $DN = $null 
 
            } 
             
          
         }
 

Hi,

 

i wanted to report all the registered spns in specific ou and only with Powershell - not with a mixture of setspn and vb script. I did not find a similar clean script, so i decided to share my work with you. As you can see, the script can quickly be changed to your environment. You can double the OU Line and extend the Array "Liste" with more entries from different domains and our ous.