none
Get particular AD users and only one group of many

    Question

  • Hi,

    I am really under the gun to accomplish this asap. I have two commands that are getting the information I want but I need to merge the info into a file and I cannot figure out how to do this!

    First I am getting the users created in the last 8 days.

    $When = ((Get-Date).AddDays(-8)).Date
    
    $list = Get-ADUser -Filter {whenCreated -ge $When} -Properties * | select SamAccountName, Mail | Sort-Object samaccountname 
     

    Then I want to grab the group name left after excluding the following:

    Get-ADPrincipalGroupMembership -identity $user.SamAccountName | select-object name |Where-Object {$_.Name -notLike '*Terminal Server Users*' -and $_.Name -notLike '*Domain Users*' '}

    What I really need is the username, the email address, and the remaining group name...

    How can I merge this information together?

    Thanks!!

    Friday, May 24, 2019 3:56 PM

Answers

  • I'm afraid I pretty unsure if I've got you right ... this might be helpful for you anyway:

    $When = ((Get-Date).AddDays(-8)).Date
    
    Get-ADUser -Filter { whenCreated -ge $When } | 
    ForEach-Object {
        $GroupMemberShip = Get-ADPrincipalGroupMembership -Identity $_.sAMAccountName |
        Where-Object { 
            $_.Name -notLike '*Terminal Server Users*' -and $_.Name -notLike '*Domain Users*' 
        } 
        [PSCustomObject]@{
            User            = $_.sAMAccountName
            GroupMemberShip = $GroupMemberShip.Name
        }
    }

    (untested)


    Live long and prosper!

    (79,108,97,102|%{[char]$_})-join''

    • Edited by BOfH_666 Friday, May 24, 2019 4:54 PM
    • Marked as answer by bvi1998 Friday, May 24, 2019 5:32 PM
    Friday, May 24, 2019 4:54 PM

All replies

  • I'm afraid I pretty unsure if I've got you right ... this might be helpful for you anyway:

    $When = ((Get-Date).AddDays(-8)).Date
    
    Get-ADUser -Filter { whenCreated -ge $When } | 
    ForEach-Object {
        $GroupMemberShip = Get-ADPrincipalGroupMembership -Identity $_.sAMAccountName |
        Where-Object { 
            $_.Name -notLike '*Terminal Server Users*' -and $_.Name -notLike '*Domain Users*' 
        } 
        [PSCustomObject]@{
            User            = $_.sAMAccountName
            GroupMemberShip = $GroupMemberShip.Name
        }
    }

    (untested)


    Live long and prosper!

    (79,108,97,102|%{[char]$_})-join''

    • Edited by BOfH_666 Friday, May 24, 2019 4:54 PM
    • Marked as answer by bvi1998 Friday, May 24, 2019 5:32 PM
    Friday, May 24, 2019 4:54 PM
  • Wow, that did it! Thanks so much!!!!

    Friday, May 24, 2019 5:32 PM
  • Last bit of help? I do I put those objects into a csv file? Do I have to create an array and keep loading that up first?

    Thank you!

    Friday, May 24, 2019 5:39 PM
  • After the last closing brace (i.e., "}"), just add "| Export-CSV <your-parameters-here>"

    --- Rich Matheisen MCSE&I, Exchange Ex-MVP (16 years)

    Friday, May 24, 2019 5:58 PM
  • Thanks, I had put it in the wrong place.
    Friday, May 24, 2019 6:13 PM
  • Ok let's make it harder :)

    I only want users who are in one of 4 groups. I thought I could do this in the inverse but there are too many groups to exclude.

    $When = ((Get-Date).AddDays(-8)).Date
    
    Get-ADUser -Filter { whenCreated -ge $When } | 
    ForEach-Object {
        $GroupMemberShip = Get-ADPrincipalGroupMembership -Identity $_.sAMAccountName |
        Where-Object { 
            $_.Name -notLike '*Terminal Server Users*' -and $_.Name -notLike '*Domain Users*' 
        } 
        [PSCustomObject]@{
            User            = $_.sAMAccountName
            GroupMemberShip = $GroupMemberShip.Name
        }
    }


    This is what I have now, but then of course it includes all of the excluded groups. I am aiming for them being a member of 1 of 4 groups and want to extract only that name:

    $When = ((Get-Date).AddDays(-8)).Date
    
    Get-ADUser -Filter { whenCreated -ge $When } | 
    ForEach-Object {
        $GroupMemberShip = Get-ADPrincipalGroupMembership -Identity $_.sAMAccountName |
        Where-Object { 
            $_.Name -Like '*Students*' -or $_.Name -Like '*Employee*' -or $_.Name -like '*can*' -or $_.Name -Like '*dog*' | select name
        } 
        [PSCustomObject]@{
            User            = $_.sAMAccountName
            GroupMemberShip = $GroupMemberShip.Name
        } 
    }

    Can someone help? I am almost done!

    Friday, May 24, 2019 6:53 PM
  • Hi,

    After all of the stops and starts I have come up with the following. In the end, I only want the created user if it is a member of one of four groups. I want that list of users with the group name I am looking for, and the account creation date. Here is what I have written and it works, and I know it is inefficient...but it is all I could come up with. If anyone would help me streamline this I would appreciate it!

    $date = (Get-Date).ToString("s").Replace(":","-") 
    $file = "createdusers" + $date + ".csv"
    
    # Get users created last number of whatever and get their role
    
    $When = ((Get-Date).AddDays(-2)).Date
    
    Get-ADUser -Filter { whenCreated -ge $When }  |
    
    ForEach-Object {
        $created = get-aduser -Identity $_.sAMAccountName -Properties * | select whencreated
    
        $GroupMemberShip = Get-ADPrincipalGroupMembership -Identity $_.sAMAccountName |
        Where-Object { 
            $_.name -like "thing" -or "person" -or "animal" -or "employee"
                } 
        if 
        ($GroupMemberShip | select -Property name | Where-Object {$_.name -like "thing"})
        {$wantedgroup = "thing"}
        elseif 
        ($GroupMemberShip | select -Property name | Where-Object {$_.name -like "person"})
        {$wantedgroup = "person"}
        elseif 
        ($GroupMemberShip | select -Property name | Where-Object {$_.name -like "animal"})
        {$wantedgroup = "animal"}
        elseif
        ($GroupMemberShip | select -Property name | Where-Object {$_.name -like "pat"})
        {$wantedgroup = "employee"}
    
        [PSCustomObject]@{
            User            = $_.sAMAccountName
            GroupMemberShip = $Wantedgroup
            DateCreated     = $created.whencreated
        } 
        
    }# | export-csv c:\temp\$file
    
    
    


    • Edited by bvi1998 Sunday, May 26, 2019 5:36 PM typos
    Sunday, May 26, 2019 5:35 PM