Pulling User Object's Primary SMTP from ProxyAddresses - powershell

I have a PS script that is pulling Employee IDs from a CSV file that I update every morning that I get from HR just to make sure the automation is running correctly by adding/changing their email, extensionAttribute 1, and the ProxyAddresses. I would like it to only check for the Primary SMTP instead of all ProxyAddresses but am having trouble.
Import-Csv "C:\temp\HRfeed101519.csv" | foreach {Get-ADUser $_.EmpID -Properties * | fL mail, extensionattribute1, Proxyaddresses}

The ProxyAddresses field identifies the PrimarySMTPAddress with the SMTP: tag. Therefore, you can query for that specifically and output it as a calculated property.
Get-ADUser $_.EmpID -prop ProxyAddresses,Mail,ExtensionAttribute1 |
Select-Object Mail,ExtensionAttribute1,ProxyAddresses,
@{Name='PrimarySMTPAddress';Expression={$_.ProxyAddresses -cmatch '^SMTP:' -creplace 'SMTP:'}}
-cmatch and -creplace perform case-sensitive regex matching.
Note: The default table display of the output may not show all of the properties and values due to collection size stored in ProxyAddresses. You can pipe your output to Format-List to see all properties, but do not store the Format-List output in a variable.
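The case-sensitive SMTP: match described in the answer above, extended into a check that flags accounts with no primary address, more than one, or a primary that differs from mail. This is an added example, not code from the original post; the function name Get-PrimarySmtpReport, the Status values and the sample accounts are constructed for illustration and stand in for Get-ADUser output.

```powershell
# Added example. Constructed sample objects replace live Get-ADUser results.
function Get-PrimarySmtpReport {
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [psobject]$User
    )
    process {
        # -cmatch on a collection returns the matching elements. Only the
        # uppercase SMTP: prefix marks the primary; lowercase smtp: is an alias.
        $primary = @(@($User.ProxyAddresses) -cmatch '^SMTP:' -creplace '^SMTP:')
        $status = switch ($primary.Count) {
            0       { 'NoPrimary' }
            1       { if ($primary[0] -ieq $User.Mail) { 'OK' } else { 'MailMismatch' } }
            default { 'MultiplePrimary' }
        }
        [pscustomobject]@{
            SamAccountName     = $User.SamAccountName
            Mail               = $User.Mail
            PrimarySMTPAddress = $primary -join ';'
            Status             = $status
        }
    }
}

# Constructed test data (not real accounts).
$sample = @(
    [pscustomobject]@{ SamAccountName = 'E1001'; Mail = 'ann.lee@example.com'
        ProxyAddresses = @('SMTP:ann.lee@example.com', 'smtp:alee@example.com', 'X500:/o=Org/cn=alee') }
    [pscustomobject]@{ SamAccountName = 'E1002'; Mail = 'bo.kim@example.com'
        ProxyAddresses = @('smtp:bo.kim@example.com') }
    [pscustomobject]@{ SamAccountName = 'E1003'; Mail = 'cy.roe@example.com'
        ProxyAddresses = @('SMTP:cy.roe@example.com', 'SMTP:croe@example.com') }
    [pscustomobject]@{ SamAccountName = 'E1004'; Mail = 'di.fox@example.com'
        ProxyAddresses = @('SMTP:diana.fox@example.com', 'smtp:di.fox@example.com') }
)

# E1001 -> OK, E1002 -> NoPrimary, E1003 -> MultiplePrimary, E1004 -> MailMismatch
$sample | Get-PrimarySmtpReport | Format-Table -AutoSize
```

Against a directory, pipe Get-ADUser with -Properties ProxyAddresses,Mail into the function in place of $sample.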

Related

get-adgroup returns info expected in PowerShell console but export CSV returns members microsoft.activedirectory.management.adpropertyvaluecollection

Trying to write a script that pulls all AD groups in an OU (recursive) and exports the results to CSV to include Group Display Name, Members and Distinguished Name. When I run the script, it returns the results as expected in the PowerShell console, but when it exports to CSV, the results for the Members of the group is replaced with "microsoft.activedirectory.management.adpropertyvaluecollection"
As you can see in the code below, it does use a Read-Host input since I am writing this script for other Admins in the company to use as well on OUs they need the info from, so they can set the output directory and filename as they see fit.
What am I missing here? Where have I gone wrong in my code for it to display the member info in the console but display "microsoft.activedirectory.management.adpropertyvaluecollection" in the .CSV output in place of the members name.
Any suggestion or help would be greatly appreciated.
# Set output directory and file name
$directoryandfilename = Read-Host -Prompt 'Enter directory and file name for output - Example - C:\Control\Test\Test.csv'
Get-ADGroup -Filter * -searchbase "OU=Name,OU=Name,DC=DCName,DC=Name,DC=Name,DC=Name,DC=Name" -Properties * | select DisplayName, Members, DistinguishedName | Sort DistinguishedName | Export-csv $directoryandfilename -NoTypeInformation
Member attribute is always a collection even if it has only one object, if you want to export this property to CSV you must convert it into a string, be it multi-line or a single line string with all items joined by a delimiter (your choice).
The following will export all group members as single line joining all elements by a comma ,:
Get-ADGroup -Filter * -SearchBase "OU=Name,DC=Domain,DC=xyz" -Properties Member, DisplayName |
Select-Object DisplayName, @{N='Members';E={ $_.Member -join ',' }}, DistinguishedName |
Sort-Object DistinguishedName |
Export-Csv $directoryandfilename -NoTypeInformation
If instead you want each member on its own line (a multi-line string), you could change the expression:
E={ $_.Member -join ',' }
To:
E={ $_.Member -join [Environment]::NewLine }

Output on CSV and argument in powershell are not same

I got user information from the user group in AD. every column has no problem except the user name.
On csv, User name is normal but there is a format when I get content from csv for using powershell like as below;
@{Name=abc}
for compare-object with two CSV, I need to use -expand.
Is there any way to avoid this result?
I want to get a same content on CSV and powershell.
get-adgroup $path -server server.com | get-adgroupmember -recursive | select-object -unique | get-aduser -properties mail | name, mail | export-csv c:\result.csv
Use import-csv cmdlet to import the csv and not get-content. Also the provided code sample won't work - e.g. you missed select-object here:
| name, mail |
You do not need to query the group, as you already know the name ($path), you can directly query the groupmemberships, e.g.:
get-adgroupmember -identity $path -recursive
But in the end you could achieve the same in a much more efficient way, e.g.:
get-aduser -LDAPFilter "(memberOf:1.2.840.113556.1.4.1941:=[groupDistinguishedName])" -property mail | select-object -property mail,name | export-csv [path]
Replace [groupDistinguishedName] with the distinguishedName of the group. This will give you all users back that are members (transitive) of the defined group.
see: https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/4e638665-f466-4597-93c4-12f2ebfabab5

How to filter out which users are allowed to log in to a computer?

I am needing to parse through user information to find which computers a specific user has access to, and then filter that out to generate txt docs for each computer listing the allowed users for that machine. However, my script isn't returning expected results and is creating incomplete lists.
Get-Content c:\temp\computers.txt | ForEach-Object {
$computername = $_
Get-ADUser -Filter "LogonWorkstations -like '*$computername'" -Properties LogonWorkstations |
Format-Table SamAccountName, Enabled |
Out-File -FilePath c:\temp\Accounts\"$computername-$fileDate".txt
}
I am fairly certain the issue lies in my filtering, because some of the files are returning info, however only ones where the username matches the computer name in some regard. Rather than listing users whose "LogonWorkstation" includes said computer, which is what I am looking to do. (If I pull a user's "LogonWorkstation" separately, that information is correct.)
I believe the issue is that the logonworkstations property stores the list of computers as a string rather than a collection. Since the -Filter parameter has limited operators, you will need to use -like in order to introduce wildcards. Then you can use whatever method to build your computer name string to include surrounding asterisks.
Get-Content c:\temp\computers.txt |
ForEach-Object {
Get-ADUser -Filter "LogonWorkstations -like '*$_*'" -Properties LogonWorkstations |
Format-Table SamAccountName, Enabled |
Out-File -FilePath c:\temp\Accounts\"$_-$fileDate".txt
}
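The wildcard filter in the answer above is a substring match, so '*PC1*' also returns users restricted to PC10 or PC11. The following added example (not code from the original post) narrows the result to whole computer names by splitting the comma-separated LogonWorkstations string; the function name Get-AllowedUser and the sample accounts are constructed for illustration.

```powershell
# Added example. Constructed rows stand in for
# Get-ADUser -Properties LogonWorkstations output.
$users = @(
    [pscustomobject]@{ SamAccountName = 'asmith'; Enabled = $true;  LogonWorkstations = 'PC1,PC20' }
    [pscustomobject]@{ SamAccountName = 'bjones'; Enabled = $true;  LogonWorkstations = 'PC10,PC11' }
    [pscustomobject]@{ SamAccountName = 'cwu';    Enabled = $false; LogonWorkstations = ' pc1 ' }
    [pscustomobject]@{ SamAccountName = 'dkhan';  Enabled = $true;  LogonWorkstations = $null }
)

function Get-AllowedUser {
    param(
        [Parameter(Mandatory)][string]$ComputerName,
        [Parameter(Mandatory)][object[]]$User
    )
    foreach ($u in $User) {
        # An empty value means no workstation restriction is set on the
        # account; such users are not listed for any specific machine here.
        if ([string]::IsNullOrWhiteSpace($u.LogonWorkstations)) { continue }

        # Split the stored string into names and compare whole names.
        # -contains is case-insensitive, which suits computer names.
        $names = $u.LogonWorkstations -split ',' | ForEach-Object { $_.Trim() }
        if ($names -contains $ComputerName) {
            $u | Select-Object SamAccountName, Enabled, LogonWorkstations
        }
    }
}

# Returns asmith and cwu. bjones (PC10,PC11) matches '*PC1*' as a substring
# but is excluded by the whole-name comparison.
Get-AllowedUser -ComputerName 'PC1' -User $users
```

Accounts with an empty LogonWorkstations value can log on from any workstation, so a per-machine list built from this attribute alone covers only users who carry an explicit restriction.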

Powershell script to display all Users in a Group AD

I have created the below
Get-ADGroup -Filter * -SearchBase "DC=Domain,dc=.com" -properties name, members |
Select-Object *,@{Name='Member';Expression={$_.Members -replace '^CN=([^,]+).+$','$1'}} |
FT Name, Member -Autosize |
out-file c:\text.txt
Ignore Domain and .com I have them populated with my relevant information, but for sake of here removed them.
When I run this it returns what I'm after but when looking at the members within the group they all end with ... and don't show all the members
There are a few things to correct. Let's look at them in order. The actual AD query can be simplified: you only need to specify 'Members' as an additional property to retrieve as 'Name' is brought back by default:
Get-ADGroup -Filter * -SearchBase "DC=Domain,dc=.com" -properties members
Given that you only want to output two properties ('Name' and your custom one 'Member'), use your select to retrieve only the ones you want:
Select-Object Name ,@{Name='Member';Expression={$_.Members -replace '^CN=([^,]+).+$','$1'}}
Remove the Format-Table: we have already limited the selection in the previous command. Format cmdlets are designed to format the output to the console window and best practice dictates that they should only be used for that purpose and that they should always be the last element of a pipeline.
Piping all of that to Export-Csv will then produce what you want:
Export-Csv -NoTypeInformation -Path C:\text.csv
This one did the trick for me
Get-ADGroupMember -Identity Administrators | Select-Object name, objectClass,distinguishedName | Export-CSV -Path "adgroupmembers.csv"
I got this here.
https://www.lepide.com/how-to/export-members-of-a-particular-ad-group-using-poweshell.html#:~:text=The%20PowerShell%20Get%2DADGroupMember%20cmdlet,group%20you%20want%20to%20use.

Import-CSV and Foreach to use Get-ADUser

I have a CSV file that looks like this:
name
fname1lname1@companyemail.com
fname2lname2@companyemail.com
...
I would like to loop through each email address and query AD for that address to grab the user objects ID. I have been able to do this using a script, but I would like to be able to do it using just one line.
This is what I've done so far:
import-csv -path .\csv_file.csv | foreach-object { get-aduser -filter { proxyaddresses -like "*$_.name*} | select name } | out-file .\results.csv
This obviously doesn't work and I know it has something to do with how I am handling my $_ object in the foreach loop.
I'm hoping for the output to look something like:
fname1lname1@companyemail.com,userID1
fname2lname2@companyemail.com,userID2
...
You are filtering on the property proxyaddresses however that is not part of the default property set that Get-AdUser returns. Also your code had an errant " which might have been a copy paste error.
Import-CSV -Path .\csv_file.csv | ForEach-Object {
Get-ADUser -Filter "ProxyAddresses -like '*$($_.name)*'" -Properties ProxyAddresses,EmailAddress | select EmailAddress,SamAccountName
} | Export-CSV .\results.csv -NoTypeInformation
-Filter can be tricky sometimes as it is looking for string input. Wrap the whole thing in quotes and use a sub expression to ensure that the variable $_.Name is expanded properly and has asterisks surrounding it.
Since you are also looking for emailaddress we add that to the properties list as well. I will assume the second column is for samaccountname.
We also use Export-CSV since that will make for nice CSV output.
If you're using Exchange this can be much simpler and faster if you use the Exchange cmdlets:
Import-CSV -Path .\csv_file.csv | ForEach-Object {
Get-Recipient $_.name |
Select PrimarySMTPAddress,SamAccountName
} | Export-CSV .\results.csv -NoTypeInformation
Exchange requires all email addresses to be unique, and maintains its own internal database that uses email address as a primary index so it can return the DN and SamAccountName that goes with that email address almost immediately.
AD doesn't require them to be unique, so it doesn't index on that attribute and it has to search every user object looking for the one that has that email address in its proxy address collection.