Is it possible to change the PS script below in two ways:
The group members are now exported horizontally but I want all the users in 1 cell in the column beside the group name. We have a lot of groups and it is not readable this way.
The path to the folders in the description field of the AD groups are not exported. I would like to have the content of the description field also exported in the column beside the group.
I would like to see this result, see the photo below please:
cls
$Groups = "Group1", "Group2", "Group3"
$results = foreach ($Group in $Groups) {
Get-ADGroupMember -Server contoso.com $group |
select SamAccountName, #{n='GroupName';e={$group}}, #{n='Description';e={(Get-ADGroup $group -Properties description).description}}
}
$results
$results | Export-csv C:\TEMP\GroupMemberShip.CSV -NoTypeInformation
With some minor changes to your original code, you could first gather the wanted info per group and before exporting to CSV, use Group-Object to merge the details.
Something like:
$Groups = "Group1", "Group2", "Group3"
$results = foreach ($Group in $Groups) {
$adGroup = Get-ADGroup $group -Properties Description -ErrorAction SilentlyContinue
if ($adGroup) {
$adGroup | Get-ADGroupMember -Server 'contoso.com' |
Select-Object SamAccountName,
#{Name = 'GroupName'; Expression = {$adGroup.Name}},
#{Name = 'Description'; Expression = {$adGroup.Description}}
}
else {
Write-Warning "Group '$group' could not be found.."
}
}
# now group the results on the GroupName property and
# return objects with joined SamAccountNames and Descriptions
$results | Group-Object GroupName | ForEach-Object {
[PsCustomObject]#{
SamAccountName = ($_.Group.SamAccountName | Sort-Object -Unique) -join ', '
GroupName = $_.Name
Description = ($_.Group.Description | Sort-Object -Unique) -join ', '
}
} | Export-Csv -Path 'C:\TEMP\GroupMemberShip.CSV' -NoTypeInformation
Although I don't understand why you would like to have duplicate items in your output, you can do this like below
$Groups = "Group1", "Group2", "Group3", "Group2", "Group3"
$results = foreach ($Group in $Groups) {
$adGroup = Get-ADGroup $group -Properties Description -ErrorAction SilentlyContinue
if ($adGroup) {
$adGroup | Get-ADGroupMember -Server 'contoso.com' |
Select-Object #{Name = 'SamAccountName'; Expression = {($_.SamAccountName | Sort-Object -Unique) -join ', '}},
#{Name = 'GroupName'; Expression = {$adGroup.Name}},
#{Name = 'Description'; Expression = {$adGroup.Description}} -ExcludeProperty SamAccountName
}
else {
Write-Warning "Group '$group' could not be found.."
}
}
$results | Sort-Object GroupName | Export-Csv -Path 'C:\TEMP\GroupMemberShip.CSV' -NoTypeInformation
Related
I need some way to report which users in our AD are having duplicated ProxyAddresses or aliases.
Get-ADUser -filter * -properties proxyaddresses |
Select-Object Name,
#{ L = "proxyAddresses"; E = { ($_.ProxyAddresses -like 'smtp:*') -join ";" } } |
export-csv -Path C:\proxyaddresses.csv -NoTypeInformation
I need only the duplicated AD user, not the whole lot, how can I get that report to . CSV file?
You need to wait before concatening your proxy addresses until you are done working with them.
You can get the duplicates by comparing the count of proxy addresses with the count of unique proxy addresses (Select-Object -Unique). If the count mismatch, then you have some dupe in there. If it is the same, then no duplicates.
Here is an example:
$Users = Get-ADUser -filter * -properties proxyaddresses |
Select-Object Name,
#{ L = "proxyAddresses"; E = { $_.ProxyAddresses -like 'smtp:*' } }
$Dupes = $Users | Where-Object -FilterScript { $_.proxyaddresses.Count -ne ($_.ProxyAddresses | Select-Object -Unique).Count }
$Dupes | Select Name, #{'Name' = 'ProxyAddresses' ; 'Expression' = { $_.proxyAddresses -join ';' } } | export-csv -Path C:\proxyaddresses.csv -NoTypeInformation
Reference dataset used
$Users = #(
[PSCustomObject]#{Name = 'Value'; proxyaddresses = #('SMTP:a#a.com', 'SMTP:a#a.com' ) }
[PSCustomObject]#{Name = 'Bob Value'; proxyaddresses = #('SMTP:a#a.com', 'b#a.com') }
)
Not sure if you want:
Users that have a duplicated address in their proxy list (see answer #SagePourpre), or
All users that have the same proxy addresses in their list as another user (this answer)
Create an index (hashtable) where each proxy address refers to a list of users that own that specific proxy address:
$ADUserByProxy = #{}
Get-ADUser -filter * -properties proxyaddresses |
ForEach-Object {
ForEach ($Proxy in $_.ProxyAddresses) {
if (!$ADUserByProxy.Contains($Proxy)) {
$ADUserByProxy[$Proxy] = [Collections.Generic.List[Object]]::new()
}
$ADUserByProxy[$Proxy].Add($_)
}
}
Than list all the values that contain more then 1 user:
$ADUserByProxy.GetEnumerator() |
Where-Object { $_.Value.Count -gt 1 } |
ForEach-Object { $_.Value } |
Export-csv -Path C:\proxyaddresses.csv -NoTypeInformation
Perhaps not the fastest method, but here's an alternative:
Get-ADUser -Filter * -Properties proxyaddresses | Foreach-Object {
$unique = $_.ProxyAddresses | Select-Object -Unique
$dupes = Compare-object -ReferenceObject $unique -DifferenceObject $_.ProxyAddresses -PassThru
if (#($dupes).Count) {
$_ | Select-Object Name, #{Name = 'DuplicateAddresses'; Expression = {$dupes -join ';'}}
}
} | Export-Csv -Path 'C:\proxyaddresses.csv' -NoTypeInformation
I want to know which group they have membership for. But I want to export samaccountname , displayname ,employeeid like below.
script :
$userlist = Get-Content 'C:\your\userlist.txt'
Get-ADUser -Filter '*' -Properties memberof | Where-Object {
$userlist -contains $_.SamAccountName
} | ForEach-Object {
$username = $_
$groups = $_ | Select-Object -Expand memberof |
ForEach-Object { (Get-ADGroup $_).Name }
"{0}: {1}" -f $username, ($groups -join ', ')
} | Out-File 'c:\temp\ss.csv'
My output :
CN=John T,DC=contoso,DC=local: IT_mail_group , IT_mail_group2
My desired output :
displayname;samaccountname;Staff ID;membership
John T ;johnt;1234; IT_mail_group , IT_mail_group2
Create 1 object per user, then export using Export-Csv:
Get-ADUser -Filter '*' -Properties memberof,employeeid,displayname | Where-Object {
$userlist -contains $_.SamAccountName
} | ForEach-Object {
[pscustomobject]#{
DisplayName = $_.DisplayName
SAMAccountName = $_.SAMAccountName
EmployeeID = $_.EmployeeID
Memberships = ($_.memberof |ForEach-Object { (Get-ADGroup $_).Name }) -join ', '
}
} | Export-Csv -Delimiter ';' -Path 'c:\temp\ss.csv' -NoTypeInformation
Now just I am able to export all ad groups with members. My question is : I am stuck trying to figure out how to export Active Directory groups that are don't have members well.
$result = Get-ADGroup -Properties Name -Filter 'name -like "*VPN*"' | ForEach-Object {
$group = $_.Name
Get-ADGroupMember -Identity $group -Recursive |
Where-Object {$_.objectClass -eq 'user'} |
Get-ADUser -Properties Displayname,Name,EmailAddress |
Select-Object #{Name = 'Group'; Expression = {$group}}, Displayname,Name,EmailAddress
$result | Export-Csv -Path 'C:\tmp\Groups.csv' -NoTypeInformation
One way this could be done is with a simple alteration. You can check if your query has a result before piping to Select-Object.
$result = Get-ADGroup -Properties Name -Filter 'name -like "*VPN*"' | ForEach-Object {
$group = $_.Name
$query = Get-ADGroupMember -Identity $group -Recursive |
Where-Object {$_.objectClass -eq 'user'} |
Get-ADUser -Properties Displayname,Name,EmailAddress
if (!$query) {
[pscustomobject]"" | Select-Object #{Name = 'Group'; Expression = {$group}}, Displayname,Name,EmailAddress
}
else {
$query | Select-Object #{Name = 'Group'; Expression = {$group}}, Displayname,Name,EmailAddress
}
}
$result | Export-Csv -Path 'C:\tmp\Groups.csv' -NoTypeInformation
The other option would be to create a custom object during each iteration and build it accordingly. You can then set values for properties that will actually have values.
I want to read users from different Active Directory groups and then sort and group the results.
From a list like
UserName UserGroup
UZZ GAA
UKK GAA
UZZ GBB
ULL GBB
I want to get that:
Username UserGroup
UKK GAA
ULL GBB
UZZ GAA
So, from User UZZ I want to get only one entry in the list with the first value of UserGroup (first in the alphanumeric sort).
Till now I have the following code:
Import-Module ActiveDirectory
$Groups = (Get-AdGroup -filter * | Where {$_.name -like "G-Q-T*"} | select name -expandproperty name)
$Table = #()
$Record = #{"GroupName" = """Username" = ""}
Foreach ($Group in $Groups) {
$Arrayofmembers = Get-ADGroupMember -identity $Group | select name, samaccountname
foreach ($Member in $Arrayofmembers) {
$Record."GroupName" = $Group
$Record."UserName" = $Member.samaccountname
$objRecord = New-Object PSObject -property $Record
$Table += $objRecord
}
}
$Table | Sort-object -property Username | Group-object -property Username | export-csv "U:\members.csv" -NoTypeInformation**
The part making the list works fine. But not the sort and group part.
Thank you a lot for an answer and help.
Meanwhile I found out, that I have also to add the SID into the .csv File.
The SID is also in the Get-AdGroupMember. But then I try to implement is as the following, the output in case of SID stays empty. What did I wrong where? Thank you in advance for an answer:
Import-Module ActiveDirectory
$Groups = (Get-AdGroup -filter "name -like 'G-Q-T*'" | select name -expandproperty name)
$Table = #()
$Record = #{
"GroupName" = ""
"Username" = ""
"SID" = ""
}
Foreach ($Group in $Groups)
{
$Arrayofmembers = Get-ADGroupMember -identity $Group | select name,samaccountname,SID
foreach ($Member in $Arrayofmembers)
{
$Record."GroupName" = $Group
$Record."UserName" = $Member.samaccountname
$Record."SID" = $Member.SID
$objRecord = New-Object PSObject -property $Record
$Table += $objRecord
}
}
$Table | Group-Object -Property Username |
Select-Object #{n="UserName";e={$_.Name}} , #{n="GroupName";e={$_.Group | Sort-Object GroupName | Select-Object -First 1 -ExpandProperty GroupName}} , #{n="SID";e={$_.SID | Sort-Object SID | Select-Object -First 1 -ExpandProperty SID}}| Export-Csv "U:\member.csv" -NoTypeInformation
I would group on username and use calculated properties to create the desired result. Sort the groupnames in the group and pick out the first value. Try to replace your last line with:
$Table | Group-Object -Property Username |
Select-Object #{n="UserName";e={$_.Name}}, #{n="GroupName";e={$_.Group | Sort-Object GroupName | Select-Object -First 1 -ExpandProperty GroupName}} |
Export-Csv "U:\members.csv" -NoTypeInformation
Avoid -Filter * as it retrieves every group. Use it to get only the groups you need
$Groups = Get-ADGroup -Filter "name -like 'G-Q-T*'"
Alternative using the famous pipeline:
Get-ADGroup -Filter "name -like 'G-Q-T*'" | ForEach-Object {
$groupname = $_.Name
$_ | Get-ADGroupMember | ForEach-Object {
New-Object -TypeName psobject -Property #{
UserName = $_.SamAccountName
SID = $_.SID
GroupName = $groupname
}
}
} | Group-Object -Property UserName |
Select-Object #{n="UserName";e={$_.Name}}, #{n="SID";e={$_.Group[0].SID}}, #{n="GroupName";e={$_.Group | Sort-Object GroupName | Select-Object -First 1 -ExpandProperty GroupName}} |
Export-Csv "U:\members.csv" -NoTypeInformation
The following PowerShell script generates a CSV file with three columns (Group, User, SAMAccountName) that associates each instance of a given distribution group with a respective member:
$dist = ForEach ($group in (Get-DistributionGroup -Filter {name -like "*"})) { Get-DistributionGroupMember $group | Select #{Label="Group";Expression={$Group.Name}},#{Label="User";Expression={$_.Name}},SamAccountName} $dist | Sort Group,User | Export-CSV c:\scripts\file.csv -NoTypeInformation
It affords the user a convenient way to filter the groups and display group members. My question: Is there a quick way to modify this script so that it adds a fourth column that displays a property of the groups (specifically, the "HiddenFromAddressListsEnabled" property)?
Just add it to the Select-Object portion
$dist = ForEach ($group in (Get-DistributionGroup -Filter {name -like "*"})) { Get-DistributionGroupMember $group | Select #{Label="Group";Expression={$Group.Name}},#{Label="User";Expression={$_.Name}},SamAccountName,HiddenFromAddressListsEnabled} $dist | Sort Group,User | Export-CSV c:\scripts\file.csv -NoTypeInformation
See it after the SamAccountName
To Get the HiddenFromAddressListsEnabled for the Groups:
$dist = ForEach ($group in (Get-DistributionGroup -Filter {name -like "*"})) { Get-DistributionGroupMember $group | Select #{Label="Group";Expression={$Group.Name}},#{Label="User";Expression={$_.Name}},SamAccountName,{$Group.HiddenFromAddressListsEnabled}} $dist | Sort Group,User #| Export-CSV c:\scripts\file.csv -NoTypeInformation
However, There's another way to do it, and easier to read and manipulate:
$Array = #()
$Groups = Get-DistributionGroup
Foreach ($Group in $Groups)
{
$DGMembers = Get-DistributionGroupMember $Group
Foreach ($Member in $DGMembers)
{
$Result = "" | Select GroupName,Member,SamAccountName,HiddenFromAddressListsEnabled
$Result.GroupName = $Group.Name
$Result.Member = $Member.Name
$Result.SamAccountName = $Member.SamAccountName
$Result.HiddenFromAddressListsEnabled = $Group.HiddenFromAddressListsEnabled
$Array += $Result
}
}
$Array | Export-CSV c:\scripts\file.csv -NoTypeInformation