Import-Module ActiveDirectory
$users = Get-ADGroupMember -identity “GroupName” | select saMAccountName
foreach($user in $users)
{
}
How can I get 2 properties from here. I need the sAMAccountName and the Office
First, verify if you want to get the "Office" property, or "physicalDeliveryOfficeName"
foreach ($user in $users)
{
Get-ADUser $user -Properties Office | select SamAccountName,Office
}
Also, you don't need to select anything for your $users object to work
$users = Get-ADGroupMember -Identity GroupName
A great thing about working with Active Directory cmdlets is that you can usually throw the entire object at it, and it will work because of:
[parameter(ValueFromPipelineByPropertyName=$true)]
Adding an example that worked for exporting to CSV:
Get-ADUser $user -Properties Office | select SamAccountName,Office | Export-Csv -NoTypeInformation C:\PSResults\foo.csv
Related
I had a list of 50 users with the Active Directory extensionAttribute12 sent to me, I was told that extensionAttribute13 was mixed up. So far, as I go through and check in AD, I don't see this to be so.
I would like to use PowerShell to check the list he gave me and export to my own list without going one by one.
I have this and when I runs it seems to export all users, but in my list, I only have 1 user. Later, I would like to run on the list of 50. I don't understand why I get all of the users.
Import-Module ActiveDirectory
$UserList=Import-Csv C:\Users\RHyman\Documents\ExListTest.csv
FOREACH ($Person in $UserList)
{
Import-Csv C:\Users\rhyman\Documents\ExListTest.csv | ForEach {
Get-ADUser -Filter * -Properties UserPrincipalName, extensionAttribute12, emailAddress, SAMAccountName | `
Select UserPrincipalName, extensionAttribute12, extensionAttribute13 | `
Export-CSV c:\allinfo.csv -NoTypeInformation
}
}
I've done some editing, this is what I have now:
Import-Module ActiveDirectory
$UserList=Import-Csv C:\Users\RHyman\Documents\ExListTest.csv
FOREACH ($Person in $UserList)
{
Get-ADUser -Identity "$UserList" -Properties UserPrincipalName, extensionAttribute12, emailAddress, SAMAccountName |
Select UserPrincipalName, extensionAttribute12, extensionAttribute13 |
Export-CSV C:\Users\RHyman\Documents\allinfo.csv -NoTypeInformation
}
What I'm most concerned with is that the Get-Aduser has error:
Cannot find an object with identity: '#{UserPrincipalName=first.last#x.x.gov
It sees the name on the list but I may have to go to the csv file and change the way the list displays the names.
Revised script: Only thing now exported csv is empty
Import-Module ActiveDirectory
$UserList=Import-Csv C:\Users\RHyman\Documents\ExListTest.csv
FOREACH ($Person in $UserList)
{
Get-ADUser -Filter {(mail -eq "$UserList")} -Properties
UserPrincipalName, extensionAttribute12, emailAddress, SAMAccountName |
Select UserPrincipalName, extensionAttribute12, extensionAttribute13 |
Export-CSV C:\Users\RHyman\Documents\allinfo.csv -NoTypeInformation
}
Finally got what I was looking for and it does what I wanted
This is what I needed and used Get-Content
Get-ADUser -Filter {mail -like $_}
Thanks for all the help!
You are passing entire csv [Get-ADUser -Identity "$UserList"] into Identity use below instead.
$UserList=Import-Csv C:\Users\RHyman\Documents\ExListTest.csv
FOREACH ($Person in $UserList)
{
Get-ADUser -Identity $UserList.UserPrincipalName
<#
Run the Script On Active Directory to remove disabled users from All Groups and Set description what user was member of group if you have all the disable users in an OU.
Just add -SearchBase "OU=disabled,DC=domain,DC=com" after -filter 'enabled -eq $false'
#>
import-module activedirectory
$users=get-aduser -filter 'enabled -eq $false' -SearchBase "OU=Lockdown,DC=home,DC=ac,DC=uk" -Properties samaccountname,memberof |select samaccountname, #{n=’MemberOf’; e= { ( $_.memberof | % { (Get-ADObject $_).Name }) -join “,” }}
#set description
Foreach ($user in $users)
{ Set-ADUser $user.samaccountname -Replace #{info="Was a member of :- $($user.memberof)"}
# Export the list to csv
$Groups = (Get-ADPrincipalGroupMembership -Identity $user.SamAccountName | Select-Object -ExpandProperty name) -join ','
get-aduser $user.SamAccountName -properties memberof,samaccountname,givenname,surname | select samaccountname, #{name="Groups";expression={$Groups}} | export-csv "C:\Users\Administrator\Desktop\grpsss.csv" -Delimiter ";"
# Remove From all the Groups
Get-ADGroup -Filter {name -notlike "*domain users*"} | Remove-ADGroupMember -Members $user.samaccountname -Confirm:$False
}
$total = ($users).count
Write-Host "$total accounts have been processed..." -ForegroundColor Green
This script Removes all the groups from Disabled Users (From Disabled OU), It adds the names of those groups to Information Field along with an export of csv with the same information.
Porblem is that the csv is only populated with one user's groupmembership when there are many users in Disabled OU. question is, how do i export all the user and their group membership in a csv format. so i have a list of all the users that have been processed.
I always thought that export-csv will export eveything that powershell processes?
Thanks for your help in advance.
Your script attempts to export a csv for each user:
Foreach ($user in $users) {
...
get-aduser $user.SamAccountName -properties memberof,samaccountname,givenname,surname |
select samaccountname, #{name="Groups";expression={$Groups}} |
export-csv "C:\Users\Administrator\Desktop\grpsss.csv" -Delimiter ";"
...
}
However, this will mean that only the last user run in this foreach block will have its data written out to a .csv file.
This is because Export-Csv will overwrite the contents of an existing .csv file by default. So every user in your foreach block will overwrite the user before it.
To fix this, add the parameter switch -Append to the end of your Export-Csv command. This will add on each users data to the end of the file rather than overwrite it e.g.
Foreach ($user in $users) {
...
get-aduser $user.SamAccountName -properties memberof,samaccountname,givenname,surname |
select samaccountname, #{name="Groups";expression={$Groups}} |
export-csv "C:\Users\Administrator\Desktop\grpsss.csv" -Delimiter ";" -Append
...
}
I've only just started to learn PowerShell but I'm banging my head on the wall with this one. When I Import-CSV a list of users to get the userprincipalname on Get-Aduser with the header SamAccountName, I am able to see all the emails on the console:
ForEach ($user in $allUsers)
{
Get-ADUser $user.samaccountname -Properties userprincipalname | select -Property userprincipalname
}
However, when I try to export them to a csv-file only 1 user comes out. I always have a problem when using a foreach loop for this...
ForEach ($user in $allUsers)
{
Get-ADUser $user.samaccountname -Properties userprincipalname | select -Property userprincipalname | export-csv $path -NoTypeInformation
}
I'm always run into this problem when making my foreach loops. I only ever get or change 1 variable. Why is this? x_X Please help!
And my CSV file has a header of SamAccountName and samaccount names. Without exporting I get good data from this code on the console:
user#test.com
user2#test.com
etc...
You were exporting in each iteration of the loop, which would overwrite the file. I haven't tried it but the changes below should work.
$allUsers | Foreach-Object {
$user = $_
Get-ADUser $user.samaccountname -Properties userprincipalname | select -Property userprincipalname
} | export-csv $path -NoTypeInformation
You must use this syntax vs foreach(x in y) if you want to directly pipeline the results to export-csv
I need to search through all users in AD, find their attribute "mail" and in this attribute replace #hell.com to #heaven.com
I'm stuck at exporting and importing to csv...
Import-Module ActiveDirectory
get-aduser -Filter {samaccountname -like "gmaleev"} -properties * | Select-Object SamAccountName,mail | export-csv -NoTypeInformation d:\1.csv
$impfile = "d:\1.csv"
Import-CSV $impFile
foreach ($user in $users)
{
$sam = $user.samaccountname
$email = $user.mail
write-host "User $sam has mail $mail"
}
It doesn't work, why?
The current issue is that you are running a cmdlet to import the data but not saving it. Your ForEach cmdlet is not processing any data so you should have blank output except that of Import-CSV which should be outputing to console.
Also it seems redundant to export the data to import it again. I will presume that you have a reason for exporting it.
Import-Module ActiveDirectory
$impfile = "d:\1.csv"
$results = Get-AdUser -Filter {samaccountname -like "gmaleev"} -properties * | Select-Object SamAccountName,mail
$results | export-csv -NoTypeInformation d:\1.csv
$results | foreach ($user in $users){
$sam = $user.samaccountname
$email = $user.mail
write-host "User $sam has mail $mail"
}
This should address what you are showing. It will get the same data and save it to the variable $results. Export that data and then piping it to the ForEach to process
Your title suggets that you want to change user attributes. To do that you would need to use Set-Aduser. Depending on what your environment is this might not be the best way to manipulate email attributes.
I've been banging my head against this for a while and can't figure out why this isn't working.
Import-Module ActiveDirectory
$Users = Get-ADGroupMember -identity “Accounting” -recursive | select name | export-csv -path "D:\group.csv"
$csv = Import-Csv "D:\group.csv"
foreach ($user in $csv) {Get-ADUser -filter "'Name -eq ""$user""'"}
You have a couple of issues here I think.
You export the data just to import it again. Do you even need a second copy of the data?
Import-Csv will return an object array not just the names. There is more than one way to address this but this should be more what you are looking for
Import-Module ActiveDirectory
$Users = Get-ADGroupMember -identity “Accounting” -recursive | select name
foreach ($user in $Users) {Get-ADUser -filter {Name -eq $user.Name}}
Even that is more than it needs to be. Its redundant since Get-ADGroupMember already returns similar objects you need. What do you need to do with this data? If you really need Get-AdUser then just pipe the output to it.
Get-ADGroupMember -identity “Accounting” -recursive | Get-Aduser
$user is a row in the CSV file. You need to address the Name field of that row (you also have way too many single- and double-quotes).
foreach ($user in $csv) {Get-ADUser -filter "Name -eq '$($user.name)'"}
Or you could make the CSV file just a vanilla listing of names, and not read it as CSV:
Get-ADGroupMember -identity “Accounting” -recursive | select -expandproperty name | out-file "c:\group.txt"
$csv = get-content -path "c:\group.txt"
foreach ($user in $csv) {Get-ADUser -filter "Name -eq '$user'"}
But if you're only using the file as a conduit between the group search and the user lookup, you can skip that entirely by piping the output of Get-ADGroupMember directly to Get-ADUser.
Get-ADGroupMember -identity “Accounting” -recursive | Get-ADUser;