I am trying to create a batch file for my below powershell script. I want it to ask Group name first and then run the PS script.
Get-AdGroupMember -identity "GroupName" | select name | Export-csv -path C:\members.csv -NoTypeInformation
Any leads please?
If you want Ps to ask, the consider using read-host like mentioned by #vonPryz.
$groupname = read-host "Please enter the Group Name:" # this bit will save the input to a variable.
Get-AdGroupMember -identity $groupname | select name | Export-csv -path C:\members.csv -NoTypeInformation
Related
I am trying to get a file with the group-memberships for every user that is specified in a txt/csv file.
so this is what i had before:
Get-ADPrincipalGroupMembership -Identity $user -Server $DC | Select name | Where-Object name -like GUSR_* | Out-File "C:\temp\$user.txt"
this work fine for getting the groups from 1 singel user, but now i have to do this for 100+ users.
And instead of doing it one by one i am looking for a way to automate it.
so i got myself a .csv export of all the users i want this done for.
and started trying.
what i came up with so far:
$users = Get-Content "C:\temp\test.csv" |ForEach-Object {Get-ADPrincipalGroupMembership -Identity $users -Server $DC | Select name | Where-Object name -like GUSR_* | Out-File "\\ads.net\ADS\SDL\Temp\_ROLAND\RSD\test2\$users.txt"}
This cleary doesnt work.
I have tried a couple of other things with the foreach command but nothing did the trick.
I have the feeling i am not on the right path to get my result.
Maby somebody has done this before and can help me get on the right path.
i'm not new to powershell but i'm far from an expert, most of the time i use it for basic singel commands or edit some great scripts i find.
sadly for this i haven't found any yet.
with kind regards
Roland
Don't assign back to a variable
Import the CSV
No filter after select
Pretiffy your -like
Use $_ as pipeline variable
Use subexpression operator for string+variable concatenation
Import-Csv "C:\temp\test.csv" |ForEach-Object {Get-ADPrincipalGroupMembership -Identity $_.users -Server $_.DC | Where-Object {$_.name -like 'GUSR_*'} | Select -Expand Name | Out-String | Out-File "\\ads.net\ADS\SDL\Temp\_ROLAND\RSD\test2\$($_.users).txt"}
Should be a very simple script but having issues getting the output from the get-aduser to be recognized as a variable, among other things. I've tried every format of quotes and brackets I can think of but can't get a proper output. The script is just querying a specific user and exporting the AD groups to a folder named for their department, then into a text file using the name and title.
$usertocheck = Read-Host -Prompt 'Input user to check'
$depttoadd = Get-AdUser -Filter {samAccountName -eq "$usertocheck"} -Properties Department |
Select-Object -expand Department
New-Item -ItemType Directory -Force -Path "C:\Users\Public\Desktop\UserRecords\$depttoadd\"
Get-ADPrincipalGroupMembership $usertocheck | select name |
Out-File -FilePath "C:\Users\Public\Desktop\UserRecords\$($usertocheck)_$($titlelookup).txt"
Any hints would be appreciated.
It works for me, when I remove the quotes around $usertocheck in the below line ($usertocheck is a string already, so no need for quotes)
$depttoadd = Get-AdUser -Filter {samAccountName -eq $usertocheck} -Properties Department |
As a side note, you could also access the department property of the object returned by Get-AdUser like so
$depttoadd = $(Get-AdUser -Filter {samAccountName -eq $usertocheck} -Properties Department).Department
Acessing the properties of an object is from my experience the more reliable and cleaner way of getting the output you want, rather than using 'Select-Object'.
Hope this helps.
I'v been using these to list locked users in my domain and prompt me for input samaccountname to unlock desired one:
I did it with 3 file.
first one is ps1 to list all of them
import-module activedirectory
search-adaccount -lockedout | select name, samaccountname, OU
second one is another ps1 file:
$user = Read-Host "Enter user account (SAMACCOUNTNAME) to unlock or press ENTER to refresh list"
Search-ADAccount -LockedOut | Where {$_.samaccountname -eq $user} | Unlock-ADAccount
and for executing above files, i use a .bat file:
:loop
powershell.exe -ExecutionPolicy Bypass -File c:\ps\lockedlist.ps1
powershell.exe -ExecutionPolicy Bypass -File c:\ps\unlock.ps1
cls
goto loop
and when i run it... it list all locked users and i can copy paste each samaacount name to unlock them
BUT the problem is,when I want to do it with ONE ps1 file it doesnt work. it just ask for samaccountname but it doesnt list it
import-module activedirectory
search-adaccount -lockedout | select name, samaccountname, OU
$user = Read-Host "Enter user account (SAMACCOUNTNAME) to unlock or press ENTER to refresh list"
Search-ADAccount -LockedOut | Where {$_.samaccountname -eq $user} | Unlock-ADAccount
i know .bat file will be pretty same...
thanks to anyone who reads and helps.
Powershell always tries to optimize the output it gives for you. So the order of the output might not be the same as you expect it from the commands you have in a script. If possible it will concatenate output to be more readable especially when it's the same type of objects. To break this you could use a format cmdlet like Format-Table par example.
Search-ADAccount -LockedOut |
Select-Object -Property Name, sAMAccountName, DistinguishedName |
Format-Table
$user = Read-Host -Prompt 'Enter user account (SAMACCOUNTNAME) to unlock or press ENTER to refresh list'
Search-ADAccount -LockedOut |
Where-Object -FilterScript {$_.samaccountname -eq $user} |
Unlock-ADAccount
At least, it worked in my environment.
And BTW: Since Powershell version 3 you don't need to explicitly import the modules anymore. They will be imported automaticaly. Better would be to use a #Requires statement like #Requires -Modules activedirectory on top of the script. That would even prevent the script to run if there's no active directory module installed
I've a text file with a list of distribution groups that I'm trying to get managedby attribute. I tried running different commands but seems to be a syntax issue ( fairly new to PowerShell) because I'm able to retrieve the attribute managedby for single distribution group. When I'm formatting and exporting the result to csv file all I get is a bunch of numbers. I'm on powershell exchange server 2008.
Starting with a flat text file named groups.txt:
Employees#company.com
Executives#company.com
Suggested Solution:
$grouplist = Get-Content groups.txt | foreach {Get-DistributionGroup -Identity $_ | Select-Object PrimarySMTPaddress, ManagedBy}
$grouplist | Export-Csv -Path results.csv -NoTypeInformation
Gives results like:
"PrimarySmtpAddress","ManagedBy"
"Employees#company.com","admin"
"Executives#company.com","admin"
Reproducing the "bunch of numbers" issue:
$grouplist = Get-Content groups.txt | foreach {Get-DistributionGroup -Identity $_ | Select-Object PrimarySMTPaddress, ManagedBy}
Export-Csv -InputObject $grouplist -Path results2.csv -NoTypeInformation
Resulted in:
"Count","Length","LongLength","Rank","SyncRoot","IsReadOnly","IsFixedSize","IsSynchronized"
"2","2","2","1","System.Object[]","False","True","False"
Environment: Exchange 2013, Powershell 5.0, Windows 10 Tech Preview 3
How can I add multiple computer accounts from within a text file into a security group in Active Directory? I put this snippet of code together but it only works with user accounts.
Import-Module ActiveDirectory
Get-Content C:\Servers.txt | Foreach-Object {Add-ADGroupMember "WSUS Auto Download and Notify for Install" $_}
The command you are looking for is Add-ADPrincipalGroupMembership.
Get-Content c:\servers.txt | Add-ADPrincipalGroupMember -memberof 'WSUS Auto Download and Notify for Install'
If you need to add the "$" at the end of the computer name, your command could use a scriptblock parameter (an anoymous function that can modify pipeline input).
Get-Content c:\servers.txt | Add-ADPrincipalGroupMember -memberof 'WSUS Auto Download and Notify for Install' -identity {"$_$"}
I use -Identity $_.objectGUID
$_$ didn't work for me.
EDIT: Ah, sorry, that's because I use Get-ADComputer to pipe it, and not a text file.
I had similar task found info on this link worked for me,
Run it in powershell as admin
Import-Module ActiveDirectory
$List=Get-Content c:\computers.txt
$List | foreach {Add-ADGroupMember -id ADGroupName -MEMBERS (Get-ADComputer $_)