locked
Display group membership using power shell RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    I want to get details of all email addresses associated with a user account along with the users group memberships. I can get the first part, but the second returns nothing so I end up with the users name, alias, mailbox type and all email addresses but the MemberOf heading has nothing listed.

    I'm using this to run the query

    get-recipient user.name@domain.com | select name,alias,emailaddresses,MemberOf,recipienttypedetails

    My results look like this

    Name                 : User Name
    Alias                : user.name
    EmailAddresses       : {smtp:uname@local, smtp:uname@domain.com, smtp:user.name@local, SMTP:User.Name@domain.com}
    MemberOf             :
    RecipientTypeDetails : UserMailbox

    This happens for each user I query, all are members of numerous groups. Could anyone explain why I'm getting no results in MemberOf and how I can get this data, short of going into the Exchange management console and looking it up? This needs to be available to export to a csv, hence the need to use power shell.

    Monday, August 12, 2013 9:21 PM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote

    If you have a 2008 R2 server you can use the ActiveDirectory module to get that. Otherwise you'll have to use ADSI. You'll have to abandon any thoughts of a "one liner" though.

    Something like this should work:

    $r=get-recipient <name>
    $ar=[ADSI]"LDAP://$($r.distinguishedname)"
    $mo=$ar.memberof

    You may have to fiddle with that last line. It may be "$ar.properties.memberof" or "$ar.psbase.properties.memberof".

    --- Rich Matheisen MCSE&I, Exchange MVP


    Tuesday, August 13, 2013 2:10 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hello,

    I agree with Rich, you can use AD module with 2008 R2 .  You can use the below cmdlet for this purpose :

    Get-ADPrincipalGroupMembership -Identity  <username>|ft name

    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

    • Marked as answer by GADavies Tuesday, August 13, 2013 1:56 PM
    Tuesday, August 13, 2013 3:24 AM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote

    If you have a 2008 R2 server you can use the ActiveDirectory module to get that. Otherwise you'll have to use ADSI. You'll have to abandon any thoughts of a "one liner" though.

    Something like this should work:

    $r=get-recipient <name>
    $ar=[ADSI]"LDAP://$($r.distinguishedname)"
    $mo=$ar.memberof

    You may have to fiddle with that last line. It may be "$ar.properties.memberof" or "$ar.psbase.properties.memberof".

    --- Rich Matheisen MCSE&I, Exchange MVP


    Tuesday, August 13, 2013 2:10 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hello,

    I agree with Rich, you can use AD module with 2008 R2 .  You can use the below cmdlet for this purpose :

    Get-ADPrincipalGroupMembership -Identity  <username>|ft name

    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

    • Marked as answer by GADavies Tuesday, August 13, 2013 1:56 PM
    Tuesday, August 13, 2013 3:24 AM