none
To fetch Group membership of user created in last 24 hours RRS feed

  • Question

  • Hi Guys,

    Objective to fetch user created in last 24 hours in active directory with their Group membership and department name

    I have 2 scripts which gives individual output.

    I need to combine the Scripts where script 1 output samaccountname will be taken as input to Script 2 and Script 2 will fetch the group membership for each user.

    Currently script 2 only fetch the output when user name is manually entered after the prompt

    Script 1 - Gives output of user created in last 24 hours 

    $When = ((Get-Date).AddDays(-1)) ; Get-ADUser -filter {(whencreated -ge $When)} | Select-Object SamAccountName

     

    Script 2 - Gives output of AD groupmembership of user.

    [CmdletBinding(SupportsShouldProcess=$True)] 

    Param

        [Parameter(Mandatory = $True)] 

        [String]$UserName 

    Import-Module ActiveDirectory 

    If ($UserName) { 

        $UserName = $UserName.ToUpper().Trim() 

        $Res = (Get-ADPrincipalGroupMembership $UserName | Measure-Object).Count 

        If ($Res -GT 0) { 

            Write-Output "`n" 

            Write-Output "The User $UserName Is A Member Of The Following Groups:" 

            Write-Output "===========================================================" 

            Get-ADPrincipalGroupMembership $UserName | Select-Object -Property Name, GroupScope, GroupCategory | Sort-Object -Property Name | FT -

        } 

    }

    Wednesday, April 3, 2019 10:48 AM

Answers

  • PLEASE format your code code as code. It's not that hard. Use the code posting tool provided. They've maded for that. Of course that counts for output of code as well.

    By default Get-ADUser returns only a limited subset of possible properties which obviously does not contains the departement. So you have to provide the parameter -Properties including a list of properties you want to get besides the default subset.

    For the expanded list of groups you'll need a nested loop.

    $When = ((Get-Date).AddDays(-1)) 
    $UserList = Get-ADUser -filter { (whencreated -ge $When) } -Properties Department
    foreach ($User in $UserList) {
        $GroupList = Get-ADPrincipalGroupMembership $User
        foreach ($Group in $GroupList) {
            [PSCustomObject]@{
                User        = $User.sAMAccountName
                Departement = $User.Department
                Group       = $Group.Name
                Category    = $Group.Category
            }
        }
    }
    BTW: You are allowed to search for information by yourself. There are thousands of examples about something like this and Powershell and everything around it is well/completely documented what's all available for you by a fingertip ... you just have to use one of the available search engines.

    Live long and prosper!

    (79,108,97,102|%{[char]$_})-join''

    Thursday, April 4, 2019 12:52 AM

All replies

  • Please post code only with code posting tool provided on the icon bar of the post editor (second to last icon). Thanks.

    You can combine 2 or more queries with a custom object like this:

    $When = ((Get-Date).AddDays(-1)) 
    $UserList = Get-ADUser -filter { (whencreated -ge $When) } 
    foreach ($User in $UserList) {
        [PSCustomObject]@{
            User   = $User
            Groups = (Get-ADPrincipalGroupMembership $User | Select-Object -ExpandProperty Name) -join ', '
        }
    


    Live long and prosper!

    (79,108,97,102|%{[char]$_})-join''

    • Proposed as answer by ComputerScott Wednesday, April 3, 2019 8:12 PM
    Wednesday, April 3, 2019 11:37 AM
  • Thanks for your quick assistance its a leaning for me however the output is truncated as below.

    Can you assist in getting the full output in CSV and add department attribute of user

    I tried adding the custum attribute Department = $User.Department but its not returning the value

    User       Groups                                                                                                   
    ----         ------                                                                                                   
    User1     Domain Users, #Distribution List1, #Distribution List2, #Distribution List3, #Distribution Li.....
    User2     Domain Users, #Distribution List1, #Distribution List2, #Distribution List3, #Distribution Li.....

    Wednesday, April 3, 2019 2:59 PM
  • PLEASE format your code code as code. It's not that hard. Use the code posting tool provided. They've maded for that. Of course that counts for output of code as well.

    By default Get-ADUser returns only a limited subset of possible properties which obviously does not contains the departement. So you have to provide the parameter -Properties including a list of properties you want to get besides the default subset.

    For the expanded list of groups you'll need a nested loop.

    $When = ((Get-Date).AddDays(-1)) 
    $UserList = Get-ADUser -filter { (whencreated -ge $When) } -Properties Department
    foreach ($User in $UserList) {
        $GroupList = Get-ADPrincipalGroupMembership $User
        foreach ($Group in $GroupList) {
            [PSCustomObject]@{
                User        = $User.sAMAccountName
                Departement = $User.Department
                Group       = $Group.Name
                Category    = $Group.Category
            }
        }
    }
    BTW: You are allowed to search for information by yourself. There are thousands of examples about something like this and Powershell and everything around it is well/completely documented what's all available for you by a fingertip ... you just have to use one of the available search engines.

    Live long and prosper!

    (79,108,97,102|%{[char]$_})-join''

    Thursday, April 4, 2019 12:52 AM