locked
Powershell scripting - get membership of active directory RRS feed

Answers

  • This will work better:

    $props = @(
    	@{ n = "User ID"; e = { $usr.SamAccountName } }
    	@{ n = "User Name"; e = { $usr.Name } },
    	@{ n = "Group"; e = { $_.Name } },
    	@{ n = "Status"; e = { $usr.Enabled } },
    	@{ n = "First Name"; e = { $usr.GivenName } },
    	@{ n = "Last Name"; e = { $usr.Surname } },
    	@{ n = "User Principal Name"; e = { $usr.UserPrincipalName } },
    	@{ n = "Distinguished Name"; e = { $usr.DistinguishedName } }
    )
    
    Get-ADUser -filter * -properties Surname,GivenName -PipelineVariable usr|
    	Get-ADPrincipalGroupMembership |
    	select $props 

    If you don't restrict it is will retrieve ALL users in your AD.


    \_(ツ)_/



    Thursday, October 26, 2017 1:28 PM

All replies

  • If you have problems with a script from the gallery you should ask author for support.

    Here you'll find the Q & A section for this script: https://gallery.technet.microsoft.com/Export-AD-users-and-their-ecd58f50/view/Discussions#content


    Best regards

    (79,108,97,102|%{[char]$_})-join''


    • Edited by BOfH-666 Thursday, October 26, 2017 11:38 AM
    Thursday, October 26, 2017 11:38 AM
  • The script you posted does not work and could never have worked.  It was written by someone who was just copying and pasting things together.

    Post your complaints to the author here: https://gallery.technet.microsoft.com/Export-AD-users-and-their-ecd58f50/view/Discussions/0?showDiscussionForm=True

    Maybe he will fix it for you and you will both learn a bit about PowerShell.


    \_(ツ)_/

    Thursday, October 26, 2017 12:59 PM
  • Hi there.

    1st of all thank you for your replies.

    Basically script works, but it takes some time as it reads "the hole AD" puts it in object than it parses that into another object as desired attributes,etc,etc... The thing is that I have also found there is an known bug in: "get-adprincipalgroupmembership" : the server was unable to process the request due to an internal error"...


    bostjanc


    • Edited by B_C_R Thursday, October 26, 2017 1:05 PM
    Thursday, October 26, 2017 1:05 PM
  • The script is bad.  Have the author fix it.


    \_(ツ)_/

    Thursday, October 26, 2017 1:11 PM
  • This will work better:

    $props = @(
    	@{ n = "User ID"; e = { $usr.SamAccountName } }
    	@{ n = "User Name"; e = { $usr.Name } },
    	@{ n = "Group"; e = { $_.Name } },
    	@{ n = "Status"; e = { $usr.Enabled } },
    	@{ n = "First Name"; e = { $usr.GivenName } },
    	@{ n = "Last Name"; e = { $usr.Surname } },
    	@{ n = "User Principal Name"; e = { $usr.UserPrincipalName } },
    	@{ n = "Distinguished Name"; e = { $usr.DistinguishedName } }
    )
    
    Get-ADUser -filter * -properties Surname,GivenName -PipelineVariable usr|
    	Get-ADPrincipalGroupMembership |
    	select $props 

    If you don't restrict it is will retrieve ALL users in your AD.


    \_(ツ)_/



    Thursday, October 26, 2017 1:28 PM
  • Get-ADUser : A parameter cannot be found that matches parameter name 'PipelineVariable'.
     ?

    bostjanc

    Thursday, October 26, 2017 1:37 PM
  • Try this 

    $mycol = @()
    $Users = get-aduser -filter * -Properties  Displayname, EmailAddress, Title,memberof 
    
    ForEach ($User in $Users)
    {
    	$GroupMembership = $user.memberof
    	If(!$GroupMembership)
         {
    	  $MyObject = New-Object PSObject -Property @{
    	    Name = $user.Name
            DisplayName = $User.Displayname
            EmailAddress = $user.EmailAddress
            Title = $user.Title
            Group = "Empty :)"
    	    GroupType = ""
           }
    	 $mycol += $MyObject
         }
    	Else
         {
    	    ForEach ($Group in $Groupmembership)
              {
    		    $MyObject = New-Object PSObject -Property @{
    		    Name = $user.Name
                DisplayName = $User.Displayname
                EmailAddress = $user.EmailAddress
                Title = $user.title
                Group = ($Group -split ",*..=")[1]
                GroupType = (get-adgroup $Group).GroupCategory
    		   }
    		    $mycol += $MyObject
            }
    	
    	 }
    } 
    $mycol


    • Edited by Mekac Thursday, October 26, 2017 1:48 PM
    Thursday, October 26, 2017 1:47 PM
  • PipelineVariable parameter is introduced in PowerShell 4.0

    What version of Powershell do you use?

    Run $PSversiontable and check the version.


    Please click on Propose As Answer or to mark this post as and helpful for other people. This posting is provided AS-IS with no warranties, and confers no rights.

    Thursday, October 26, 2017 1:49 PM
  • PowerShell v2 is no longer supported.  It is recommended that it be removed for security reasons.  Upgrade to a current version of PowerShell.


    \_(ツ)_/

    Thursday, October 26, 2017 1:51 PM
  • Try this 

    $mycol = @()
    $Users = get-aduser -filter * -Properties  Displayname, EmailAddress, Title,memberof 
    
    ForEach ($User in $Users)
    {
    	$GroupMembership = $user.memberof
    	If(!$GroupMembership)
         {
    	  $MyObject = New-Object PSObject -Property @{
    	    Name = $user.Name
            DisplayName = $User.Displayname
            EmailAddress = $user.EmailAddress
            Title = $user.Title
            Group = "Empty :)"
    	    GroupType = ""
           }
    	 $mycol += $MyObject
         }
    	Else
         {
    	    ForEach ($Group in $Groupmembership)
              {
    		    $MyObject = New-Object PSObject -Property @{
    		    Name = $user.Name
                DisplayName = $User.Displayname
                EmailAddress = $user.EmailAddress
                Title = $user.title
                Group = ($Group -split ",*..=")[1]
                GroupType = (get-adgroup $Group).GroupCategory
    		   }
    		    $mycol += $MyObject
            }
    	
    	 }
    } 
    $mycol


    This will also be extremely slow due to caching and re -enumerating all of the values.  Use a pipeline.


    \_(ツ)_/

    Thursday, October 26, 2017 1:52 PM
  • powershell on the machine (DC) that I was trying to run code above is 3.

    I guess it's time to upgrade.


    bostjanc

    Friday, October 27, 2017 1:16 PM
  • Hi,

    I'm checking how the issue is going, was your issue resolved?

    And if the replies as above are helpful, we would appreciate you to mark them as answers, and if you resolve it using your own solution, please share your experience and solution here. It will be greatly helpful to others who have the same question.

    Appreciate for your feedback.

    Best Regards,
    Albert Ling

    Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, October 30, 2017 8:36 AM