none
Get-ADGroupMember and get-ADObject RRS feed

  • Question

  • Hey guys,

    PS noob here. I'm trying to get all members of all groups (by samaccountName) and the userObject properties. The get-ADgroup script below outputs in the format that i need it in (going to drop it into a DB). However, I need to be able to grab properties for each user. Can someone please show me how to add (if it's possibe)

    this

    Get-ADObject -Properties SamAccountname,Title,Department,mail,employeeID,businessCategory,company,departmentNumber,manager,DistinguishedName,st,co,countryCode,ObjectClass,lastLogonTimestamp,pwdLastSet,whenCreated,whenChanged,accountExpires,userAccountControl

    +

    this

    $Groups = Get-ADGroup -Filter * -SearchBase "DC=domain,DC=local"

    $Results = foreach( $Group in $Groups ){

        Get-ADGroupMember -Identity $Group | foreach {

            [pscustomobject]@{

                GroupName = $Group.Name

                Name = $_.Name

                }

            }

        }

    $Results| Export-Csv -Path C:\scripts\output\groups.csv -NoTypeInformation

    thank you so much


    -PD

    Tuesday, August 15, 2017 5:04 PM

Answers

  • You can do this with a slight modification to the script:


    Get-Content "c:\scripts\lu_Groups.txt" | Get-ADGroup | ForEach-Object {
      $group = $_
      Get-ADGroupMember $group | ForEach-Object {
        $member = Get-ADObject $_.DistinguishedName -Properties mail,sAMAccountName
        [PSCustomObject] @{
          "Group"                 = $group.Name
          "Member"                = $member.Name
          "Member_objectClass"    = $member.objectClass
          "Member_sAMAccountName" = $member.sAMAccountName
          "Member_mail"           = $member.mail
        }
      }
    } | Export-Csv "C:\Scripts\Output\group_members.csv" -NoTypeInformation
    

    The update is we get the object into the $member variable and specify the additional properties we want in the output using the -Properties parameter (as jrv pointed out). Then we use the $member variable when outputting the custom object.

    Thursday, September 21, 2017 6:23 PM
    Moderator

All replies

  • There are numerous script in the Gallery that do what you ask:  http://gallery.technet.microsoft.com


    \_(ツ)_/

    Tuesday, August 15, 2017 5:11 PM
  • Guys,

    I have a script I am using to grab members from a list of groups. I'm hoping to pull additional attributes e.g., mail, description, department etc to it. From what I understand (I'm a PS noob) I need to use the get-ADuser command along with it. However, I"m not sure how to append it. Can anyone please help (yes, i've already looked all over and have spent a few hours trying to modify other code that is doing something similar)?

    Script:

    $groups = gc c:\scripts\lu_Groups.txt
    $report = @()
    Foreach ($group in $groups) {
      Get-ADGroupMember -Identity $group | % {
        $report += New-Object PSObject -Property @{
          Group = $group
          Name = $_.name
          SamAccountName = $_.SamAccountName
        }
      }
    }
    $report | ft -Autosize | out-file C:\Scripts\Output\group_members.txt

    I appreciate any assistance.

    Thanks!


    -PD

    Tuesday, September 19, 2017 9:56 PM
  • $user = $_ | Get-AdUser

    Now just use the $user object as needed.


    \_(ツ)_/

    Tuesday, September 19, 2017 10:05 PM
  • No need for all of that array concatenation.


    Get-Content "c:\scripts\lu_Groups.txt" | Get-ADGroup | ForEach-Object {
      $group = $_
      Get-ADGroupMember $group | ForEach-Object {
        [PSCustomObject] @{
          "Group"          = $group.Name
          "Member"         = $_.Name
          "sAMAccountName" = $_.SamAccountName
        }
      }
    } | Export-Csv "C:\Scripts\Output\group_members.csv" -NoTypeInformation
    


    -- Bill Stewart [Bill_Stewart]

    Tuesday, September 19, 2017 10:18 PM
    Moderator
  • You will need to do this to account for differences between embedded groups and users.

    Get-Content groups.txt |
    	ForEach-Object{
    		$groupname = $_
    		Get-ADGroupMember $groupname |
    		Where{ $_.objectClass -eq 'User'} |
    		Get-AdUser |
    		ForEach-Object{
    			[pscustomobject]@{
    				Group  = $groupname
    				Name   = $_.name
    				SamAccountName = $_.SamAccountName
    			}
    		}
    	} |
    	Format-Table -AutoSize


    \_(ツ)_/

    Tuesday, September 19, 2017 10:22 PM
  • Or just add the object class to the output:


    Get-Content "c:\scripts\lu_Groups.txt" | Get-ADGroup | ForEach-Object {
      $group = $_
      Get-ADGroupMember $group | ForEach-Object {
        [PSCustomObject] @{
          "Group"                 = $group.Name
          "Member"                = $_.Name
          "Member_objectClass"    = $_.objectClass
          "Member_sAMAccountName" = $_.SamAccountName
        }
      }
    } | Export-Csv "C:\Scripts\Output\group_members.csv" -NoTypeInformation


    -- Bill Stewart [Bill_Stewart]

    Wednesday, September 20, 2017 2:40 PM
    Moderator
  • Hi Bill - thank you for the reply. What I think is missing is that I'm trying to grab user attributes and without using get-aduser I can't pull the ones i want. For example, I would like to grab their mail and st attributes.

    -PD

    Thursday, September 21, 2017 6:15 PM
  • Hello and thank you for the reply. The script you wrote looks exactly like what I am looking for. How would I modify it to pull user attributes e.g., mail for example? I tried appending it under pscustomobject (listing mail =$_.mail), but that didn't work. Sorry, i'm still learning the basics of PS.

    Thank you for your help!


    -PD

    Thursday, September 21, 2017 6:18 PM
  • Get-AdUser  -Properties Mail

    You need to learn to use help before trying to write scripts.

    help get-aduser -full


    \_(ツ)_/

    Thursday, September 21, 2017 6:21 PM
  • You can do this with a slight modification to the script:


    Get-Content "c:\scripts\lu_Groups.txt" | Get-ADGroup | ForEach-Object {
      $group = $_
      Get-ADGroupMember $group | ForEach-Object {
        $member = Get-ADObject $_.DistinguishedName -Properties mail,sAMAccountName
        [PSCustomObject] @{
          "Group"                 = $group.Name
          "Member"                = $member.Name
          "Member_objectClass"    = $member.objectClass
          "Member_sAMAccountName" = $member.sAMAccountName
          "Member_mail"           = $member.mail
        }
      }
    } | Export-Csv "C:\Scripts\Output\group_members.csv" -NoTypeInformation
    

    The update is we get the object into the $member variable and specify the additional properties we want in the output using the -Properties parameter (as jrv pointed out). Then we use the $member variable when outputting the custom object.

    Thursday, September 21, 2017 6:23 PM
    Moderator
  • That explains so much, thanks Bill!

    -PD

    Thursday, September 21, 2017 6:53 PM