Powershell Sript for AD Group

All replies

• 

  

  0

  Sign in to vote

  I tried run a query in AD...

  What did you try, and why did it not work?

  ---

  -- Bill Stewart [Bill_Stewart]

  Monday, August 25, 2014 8:01 PM
• 

  

  0

  Sign in to vote

  I tried run a query in AD...

  What did you try, and why did it not work?

  ---

  -- Bill Stewart [Bill_Stewart]

  Get-AdGroup -filter * -prop *| Where {$_.whenCreated -gt ([datetime]'11-23-1492')}

  Start here: http://technet.microsoft.com/en-us/scriptcenter/dd793612.aspx

  ---

  ¯\_(ツ)_/¯

  
  

  • Edited by jrv Monday, August 25, 2014 8:19 PM
  • Marked as answer by Chadness1 Monday, August 25, 2014 8:33 PM

  Monday, August 25, 2014 8:14 PM
• 

  

  1

  Sign in to vote

  Use the -properties switch as in:

  Get-ADGroup -Filter * -Properties whenCreated
  Get-ADUser -Filter * -Properties whenCreated

  
  

  ---

  Sam Boutros, Senior Consultant, Software Logic, KOP, PA http://superwidgets.wordpress.com (Please take a moment to Vote as Helpful and/or Mark as Answer, where applicable)

  • Proposed as answer by jrv Monday, August 25, 2014 8:19 PM
  • Marked as answer by Chadness1 Monday, August 25, 2014 8:33 PM

  Monday, August 25, 2014 8:17 PM
• 

  

  0

  Sign in to vote

  Sam - I fixed that immediately after posting it.

  ---

  ¯\_(ツ)_/¯

  • Marked as answer by Chadness1 Monday, August 25, 2014 8:34 PM

  Monday, August 25, 2014 8:22 PM
• 

  

  0

  Sign in to vote

  Sorry jrv, I was too quick.. 

  They let you delete your posts on this thing.. :)

  ---

  Sam Boutros, Senior Consultant, Software Logic, KOP, PA http://superwidgets.wordpress.com (Please take a moment to Vote as Helpful and/or Mark as Answer, where applicable)

  
  

  • Edited by Sam Boutros Monday, August 25, 2014 8:26 PM

  Monday, August 25, 2014 8:25 PM
• 

  

  0

  Sign in to vote

  Thanks guys, I suck at powershell, and query in ADUC did not give me the filter of whencreated.

  How can I filter the list only by CN name?

  ---

  Chad

  Monday, August 25, 2014 8:35 PM
• 

  

  0

  Sign in to vote

  Thanks guys, I suck at powershell, and query in ADUC did not give me the filter of whencreated.

  How can I filter the list only by CN name?

  ---

  Chad

  What list.

  To get group by name just use name

  Get-AdGroup somegrp

  No need to filter for a name.

  What I see is that you need to spend time reading the documentation. Asking increnmental question will not work.

  ---

  ¯\_(ツ)_/¯

  Monday, August 25, 2014 9:10 PM
• 

  

  0

  Sign in to vote

  Well I do not know what results I was going to get until I exported the list to a csv file, thus the reason for the "incremental question" I just need the name and not the other data, but thanks anyways for all your help.

  Chad

  ---

  Chad

  Monday, August 25, 2014 9:14 PM
• 

  

  0

  Sign in to vote

  Well I do not know what results I was going to get until I exported the list to a csv file, thus the reason for the "incremental question" I just need the name and not the other data, but thanks anyways for all your help.

  Chad

  ---

  Chad

  I am sure none of us know what you are asking now. What name and what export?

  You asked for all users filtered on whenCreated.  What is it that you cannot understand.

  ---

  ¯\_(ツ)_/¯

  Monday, August 25, 2014 9:25 PM
• 

  

  0

  Sign in to vote

  I get all the below information for each group, I did not know I was going to give me this much information when I only need the CN or Samaccountname, that why I asked in my previous reply on how to export just the CN name...

  CanonicalName                   : corp.com/corpGroup/ITCreative Group In
                                    ternet
  CN                              : ITCreative Group Internet
  Created                         : 5/15/2013 9:30:59 AM
  createTimeStamp                 : 5/15/2013 9:30:59 AM
  Deleted                         :
  Description                     : Internet access for Creative group
  DisplayName                     :
  DistinguishedName               : CN=ITCreative Group Internet,OU=corpGroup
                                    ,DC=corp,DC=com
  dSCorePropagationData           : {6/10/2014 1:10:47 PM, 6/10/2014 12:59:17 PM,
                                     6/3/2014 8:50:20 AM, 2/25/2014 10:53:20 AM..
                                    .}
  GroupCategory                   : Security
  GroupScope                      : Global
  groupType                       : -2147483646
  HomePage                        :
  instanceType                    : 4
  isDeleted                       :
  LastKnownParent                 :
  ManagedBy                       :
  member                          :
  MemberOf                        : {}
  Members                        
  Modified                        : 7/23/2014 11:26:55 AM
  modifyTimeStamp                 : 7/23/2014 11:26:55 AM
  Name                            : ITCreative Group Internet
  nTSecurityDescriptor            : System.DirectoryServices.ActiveDirectorySecur
                                    ity
  ObjectCategory                  : CN=Group,CN=Schema,CN=Configuration,DC=itserv
                                    e,DC=com
  ObjectClass                     : group
  ObjectGUID                      : b00724b8-a76e-4457-bde7-8a858f60d3e3
  objectSid                       : S-1-5-21-1551699216-1247871332-452798024-1927
                                    3
  ProtectedFromAccidentalDeletion : False
  SamAccountName                  : ITCreative Group Internet
  sAMAccountType                  : 268435456
  sDRightsEffective               : 15
  SID                             : S-1-5-21-1551699216-1247871332-452798024-1927
                                    3
  SIDHistory                      : {}
  uSNChanged                      : 497056326
  uSNCreated                      : 95639022
  whenChanged                     : 7/23/2014 11:26:55 AM
  whenCreated                     : 5/15/2013 9:30:59 AM

  ---

  Chad

  
  

  • Edited by Chadness1 Monday, August 25, 2014 9:33 PM

  Monday, August 25, 2014 9:32 PM
• 

  

  0

  Sign in to vote

  What's the command(s) you're running? Can you post that?

  ---

  Sam Boutros, Senior Consultant, Software Logic, KOP, PA http://superwidgets.wordpress.com (Please take a moment to Vote as Helpful and/or Mark as Answer, where applicable)

  Monday, August 25, 2014 9:54 PM
• 

  

  0

  Sign in to vote

  [As we can see, there is sometimes a difference between answering a question and solving a problem.]

  ---

  -- Bill Stewart [Bill_Stewart]

  Monday, August 25, 2014 9:57 PM
• 

  

  0

  Sign in to vote

  PS Z:\> Get-AdGroup -filter * -prop *| Where {$_.whenCreated -gt ([datetime]'05-15-2013')} | format-list | Out-File c:\groups.txt

  ---

  Chad

  Monday, August 25, 2014 10:00 PM
• 

  

  0

  Sign in to vote

  I know right.

  ---

  Chad

  Monday, August 25, 2014 10:02 PM
• 

  

  1

  Sign in to vote

  PS Z:\> Get-AdGroup -filter * -prop *| Where {$_.whenCreated -gt ([datetime]'05-15-2013')} | format-list | Out-File c:\groups.txt

  ---

  Chad

  This command will give you the CN's only:

  (Get-AdGroup -filter * -prop *| Where {$_.whenCreated -gt ([datetime]'05-15-2013')}).cn | format-list | Out-File c:\groups.txt

  
  

  ---

  Sam Boutros, Senior Consultant, Software Logic, KOP, PA http://superwidgets.wordpress.com (Please take a moment to Vote as Helpful and/or Mark as Answer, where applicable)

  Monday, August 25, 2014 10:03 PM
• 

  

  0

  Sign in to vote

  Just specify the whenCreated attribute (to add it to the default list of attributes returned) and then select only the properties you want. For example:
  

  ---

  get-adgroup -filter * -properties whenCreated |
    where-object { $_.WhenCreated -ge "8/1/2014" } |
    select-object name,whenCreated |
    export-csv results.csv -notypeinformation
  

  ---

  Take note, however, that this command searches for all groups in the entire domain and then filters by date.
  

  ---

  -- Bill Stewart [Bill_Stewart]

  
  
  

  • Edited by Bill_Stewart Monday, August 25, 2014 10:11 PM
  • Marked as answer by Chadness1 Tuesday, August 26, 2014 11:29 AM

  Monday, August 25, 2014 10:08 PM
• 

  

  0

  Sign in to vote

  Thanks Bill that worked, how come you did not have to include the fields you wanted?

  ---

  Chad

  Tuesday, August 26, 2014 11:30 AM
• 

  

  0

  Sign in to vote

  When you don't use the -properties parameter, the cmdlet returns a default set of properties. (Try get-adgroup on a single group.) You can specify the -properties parameter to add one or more properties to the default list of properties.
  

  ---

  -- Bill Stewart [Bill_Stewart]

  Tuesday, August 26, 2014 2:31 PM