I need some way to report which users in our AD are having duplicated ProxyAddresses or aliases.
Get-ADUser -filter * -properties proxyaddresses |
Select-Object Name,
#{ L = "proxyAddresses"; E = { ($_.ProxyAddresses -like 'smtp:*') -join ";" } } |
export-csv -Path C:\proxyaddresses.csv -NoTypeInformation
I need only the duplicated AD user, not the whole lot, how can I get that report to . CSV file?
You need to wait before concatening your proxy addresses until you are done working with them.
You can get the duplicates by comparing the count of proxy addresses with the count of unique proxy addresses (Select-Object -Unique). If the count mismatch, then you have some dupe in there. If it is the same, then no duplicates.
Here is an example:
$Users = Get-ADUser -filter * -properties proxyaddresses |
Select-Object Name,
#{ L = "proxyAddresses"; E = { $_.ProxyAddresses -like 'smtp:*' } }
$Dupes = $Users | Where-Object -FilterScript { $_.proxyaddresses.Count -ne ($_.ProxyAddresses | Select-Object -Unique).Count }
$Dupes | Select Name, #{'Name' = 'ProxyAddresses' ; 'Expression' = { $_.proxyAddresses -join ';' } } | export-csv -Path C:\proxyaddresses.csv -NoTypeInformation
Reference dataset used
$Users = #(
[PSCustomObject]#{Name = 'Value'; proxyaddresses = #('SMTP:a#a.com', 'SMTP:a#a.com' ) }
[PSCustomObject]#{Name = 'Bob Value'; proxyaddresses = #('SMTP:a#a.com', 'b#a.com') }
)
Not sure if you want:
Users that have a duplicated address in their proxy list (see answer #SagePourpre), or
All users that have the same proxy addresses in their list as another user (this answer)
Create an index (hashtable) where each proxy address refers to a list of users that own that specific proxy address:
$ADUserByProxy = #{}
Get-ADUser -filter * -properties proxyaddresses |
ForEach-Object {
ForEach ($Proxy in $_.ProxyAddresses) {
if (!$ADUserByProxy.Contains($Proxy)) {
$ADUserByProxy[$Proxy] = [Collections.Generic.List[Object]]::new()
}
$ADUserByProxy[$Proxy].Add($_)
}
}
Than list all the values that contain more then 1 user:
$ADUserByProxy.GetEnumerator() |
Where-Object { $_.Value.Count -gt 1 } |
ForEach-Object { $_.Value } |
Export-csv -Path C:\proxyaddresses.csv -NoTypeInformation
Perhaps not the fastest method, but here's an alternative:
Get-ADUser -Filter * -Properties proxyaddresses | Foreach-Object {
$unique = $_.ProxyAddresses | Select-Object -Unique
$dupes = Compare-object -ReferenceObject $unique -DifferenceObject $_.ProxyAddresses -PassThru
if (#($dupes).Count) {
$_ | Select-Object Name, #{Name = 'DuplicateAddresses'; Expression = {$dupes -join ';'}}
}
} | Export-Csv -Path 'C:\proxyaddresses.csv' -NoTypeInformation
I have an AD group from which I need to pull all smtp addresses from ProxyAddresses for each user into a single column. I have the script below which is only pulling the first addresses from ProxyAddresses. Some users will have two or more addresses. What can I add to my script to pull all smtp addresses from ProxyAddresses. I'm new with Powershell have have struggled to get this to work. I've spent a good part of the day googling and just can't get there. Any help would be greatly appreciated. Thanks!
<pre><Get-ADGroupMember -Identity "EDL_ProEquities Smarsh" -Recursive |
Get-ADUser -Properties Proxyaddresses |
Select-Object #{ L = "ProxyAddresses"; E = {($_.ProxyAddresses | Where-Object
{$_ -like "*smtp:*"} | ForEach-Object {$_ -replace 'smtp:'}) -join
"`r`n'`;"}} |
Export-CSV -Path "c:\temp\EDL.csv" -NoTypeInformation</pre>
You're almost there. ;-) I think you have at least two options to approach this task. Either you join all desired smtp addresses in one cell in your csv file like this:
Get-ADGroupMember -Identity 'EDL_ProEquities Smarsh' -Recursive |
Get-ADUser -Properties ProxyAddresses |
ForEach-Object {
[PSCustomObject]#{
sAMAccountName = $_.sAMAccountName
ProxyAddresses = ($_.ProxyAddresses | Where-Object { $_ -match '^smtp:' } | ForEach-Object { $_ -replace 'smtp:' }) -join ','
}
} |
Export-CSV -Path 'c:\temp\EDL.csv' -NoTypeInformation
... or you output each individual smtp address on an individual line like this:
Get-ADGroupMember -Identity 'EDL_ProEquities Smarsh' -Recursive |
Get-ADUser -Properties ProxyAddresses |
ForEach-Object {
$User = $_
$SMTPAddressList = $_.ProxyAddresses | Where-Object { $_ -match '^smtp:' } | ForEach-Object { $_ -replace 'smtp:' }
foreach ($SMTPAddress in $SMTPAddressList) {
[PSCustomObject]#{
sAMAccountName = $User.sAMAccountName
SMTPAddress = $SMTPAddress
}
}
} |
Export-CSV -Path 'c:\temp\EDL.csv' -NoTypeInformation
I'm trying to export the username and the user's group membership (of specifc groups) to a CSV file using Export-Csv. However, I couldn't accomplish this using several approaches.
My current script works fine but the output is shown on the PowerShell console alone:
$accounts = Get-Content "C:\Scripts\getUserGroups\users.txt"
foreach ($account in $accounts) {
"$account member of:"
Get-ADPrincipalGroupMembership -Identity $account |
select Name |
Where-Object { $_.name -like 'Browsing_Group*' } |
Sort Name
}
I want to export it to a file in an ordered manner:
UserName1
group membership
UserName2
group membership
etc...
I've tried to add to a variable but probably didn't do that correctly:
$ArrList = [System.Collections.ArrayList]#()
$accounts = Get-Content "C:\Scripts\getUserGroups\users.txt"
foreach ($account in $accounts) {
$ArrList.Add($account)
$groups = Get-ADPrincipalGroupMembership -Identity $account |
select Name |
Where-Object {$_.name -like 'Browsing_group*' } |
Sort Name
$ArrList.Add($grops)
}
Might be a different approach.
You need to build custom objects in order to export the data to a CSV via Export-Csv. The 2 main ways of doing that are:
using calculated properties:
$accounts |
Select-Object #{n='Username';e={$_}}, #{n='Groups';e={
(Get-ADPrincipalGroupMembership -Identity $_ |
Select-Object -Expand Name |
Where-Object {$_ -like 'Browsing_group*' } |
Sort-Object) -join ';'
}} |
Export-Csv 'C:\path\to\output.csv' -NoType
building custom objects directly:
$accounts | ForEach-Object {
$groups = Get-ADPrincipalGroupMembership -Identity $_ |
Select-Object -Expand Name |
Where-Object {$_ -like 'Browsing_group*' } |
Sort-Object
New-Object -Type PSObject -Property #{
'Username' = $_
'Groups' = $groups -join ';'
}
} | Export-Csv 'C:\path\to\output.csv' -NoType
With PowerShell version 3 or newer you can replace New-Object with the [PSCustomObject] type accelerator:
[PSCustomObject]#{
'Username' = $_
'Groups' = $groups -join ';'
}
I'm trying to get a dump of all user records and their associated groups for a user ID revalidation effort. My security officer wants it in CSV format.
This works great:
Get-ADUser -Filter * -Properties * | Select-Object -Property Name,SamAccountName,Description,EmailAddress,LastLogonDate,Manager,Title,Department,whenCreated,Enabled,Organization | Sort-Object -Property Name | ConvertTo-CSV
However, that does not include the groups the user is a member of.
Attempts at something like this have failed:
Get-ADUser -Filter * -Properties * | Select-Object -Property Name,SamAccountName,Description,EmailAddress,LastLogonDate,Manager,Title,Department,whenCreated,Enabled,Organization, #{$_.MemberOf |Get-Group|ForEach-Object {$_.Name}} | Sort-Object -Property Name | ConvertTo-CSV
This also failed:
Get-ADUser -Filter * -Properties * | Sort-Object -Property Name | ForEach-Object {
$_ | Format-List -Property Name,SamAccountName,Description,EmailAddress,LastLogonDate,Manager,Title,Department,whenCreated,Enabled
$_.MemberOf | Get-ADGroup | ForEach-Object {$_.Name} | Sort-Object
} | ConvertTo-CSV
I'm probably missing something simple.
Any help would be greatly appreciated.
Thanks!
From a Windows Server OS execute the following command for a dump of the entire Active Director:
csvde -f test.csv
This command is very broad and will give you more than necessary information. To constrain the records to only user records, you would instead want:
csvde -f test.csv -r objectClass=user
You can further restrict the command to give you only the fields you need relevant to the search requested such as:
csvde -f test.csv -r objectClass=user -l DN, sAMAccountName, department, memberOf
If you have an Exchange server and each user associated with a live person has a mailbox (as opposed to generic accounts for kiosk / lab workstations) you can use mailNickname in place of sAMAccountName.
For posterity....I figured out how to get what I needed. Here it is in case it might be useful to somebody else.
$alist = "Name`tAccountName`tDescription`tEmailAddress`tLastLogonDate`tManager`tTitle`tDepartment`tCompany`twhenCreated`tAcctEnabled`tGroups`n"
$userlist = Get-ADUser -Filter * -Properties * | Select-Object -Property Name,SamAccountName,Description,EmailAddress,LastLogonDate,Manager,Title,Department,Company,whenCreated,Enabled,MemberOf | Sort-Object -Property Name
$userlist | ForEach-Object {
$grps = $_.MemberOf | Get-ADGroup | ForEach-Object {$_.Name} | Sort-Object
$arec = $_.Name,$_.SamAccountName,$_.Description,$_.EmailAddress,$_LastLogonDate,$_.Manager,$_.Title,$_.Department,$_.Company,$_.whenCreated,$_.Enabled
$aline = ($arec -join "`t") + "`t" + ($grps -join "`t") + "`n"
$alist += $aline
}
$alist | Out-File D:\Temp\ADUsers.csv
csvde -f test.csv
This command will perform a CSV dump of every entry in your Active Directory server. You should be able to see the full DN's of users and groups.
You will have to go through that output file and get rid off the unnecessary content.
the first command is correct but change from convert to export to csv, as below,
Get-ADUser -Filter * -Properties * `
| Select-Object -Property Name,SamAccountName,Description,EmailAddress,LastLogonDate,Manager,Title,Department,whenCreated,Enabled,Organization `
| Sort-Object -Property Name `
| Export-Csv -path C:\Users\*\Desktop\file1.csv
HI you can try this...
Try..
$Ad = Get-ADUser -SearchBase "OU=OUi,DC=company,DC=com" -Filter * -Properties employeeNumber | ? {$_.employeenumber -eq ""}
$Ad | Sort-Object -Property sn, givenName | Select * | Export-Csv c:\scripts\ceridian\NoClockNumber_2013_02_12.csv -NoTypeInformation
Or
$Ad = Get-ADUser -SearchBase "OU=OUi,DC=company,DC=com" -Filter * -Properties employeeNumber | ? {$_.employeenumber -eq $null}
$Ad | Sort-Object -Property sn, givenName | Select * | Export-Csv c:\scripts\cer
Hope it works for you.
I have the following code,
Get-AdGroup -filter * | select Name, sAMAccountName | Foreach-Object{
New-Object PSObject -Property #{
oldAccount = $_.Name
newAccount = "c:0-.t|adfs-2|" + $_.sAMAccountName
}
} | Export-CSV "ADGroups.csv" -NoTypeInformation
This works as designed and everything comes out as it should but they do not comeout in the order I need. I believe they come out in alphabetical order so the newAccount is always first. How can I make newAccount the second column?
You could add a Select-Object prior to the export, that will define the order.
Get-AdGroup -filter * | select Name, sAMAccountName | Foreach-Object{
New-Object PSObject -Property #{
oldAccount = $_.Name
newAccount = "c:0-.t|adfs-2|" + $_.sAMAccountName
}
} | select oldAccount, newAccount | Export-CSV "ADGroups.csv" -NoTypeInformation
Well, you could write your own CSV
"`"oldAccount`",`"newAccount`"" | Out-File "ADGroups.csv"
Get-AdGroup -filter * | select Name, sAMAccountName | Foreach-Object{
"`"$_.Name`",c:0-.t|adfs-2|$_.sAMAccountName" | Out-File "ADGroups.csv" -append
}