-3

Any idea why below code is not working ?

Trying to export username then the groups on to a csv. I just need the group names only.

Please help - many thanks

$users = (Get-Content users.txt)
foreach ($user in $users) {
$file = $user.Name + '_ACL'        
(Get-ADUser –Identity $user –Properties MemberOf).MemberOf -replace '^CN=([^,]+),OU=.+$','$1' | Export-CSV -path "$file.csv" -NoTypeInformation
}
kbriaz
  • 1
  • this is probably a question for stackexchange. you will just get scolded here :P '^CN=([^,]+),OU=.+$','$1' This doesnt look right by the way – colbyt Oct 03 '16 at 19:48
  • @cteneyck Managing group membership in AD is a sysadmin function. Is there overlap with stackexchange? Very little. Most of what this question asks actually requires very little in the way of programming skill. It's more of a question of knowing how to use the tools available. – Jeter-work Oct 04 '16 at 12:07
  • Sorry, I am a noob. Trying to self-learn scripts to make the whole teams life easy. @Xalorous - thanks buddy – kbriaz Oct 06 '16 at 16:09

2 Answers2

1

I always utilize the Quest AD cmdlets... below will pull all groups in a specified searchroot with members..

Add-PSSnapin Quest.ActiveRoles.ADManagement
Connect-QADService
$GroupInfo = '' | Select 'Group Name','Group Samaccountname','Group Description','Member Name','Member Description'
$AllGroups = @()
$MyGroups = Get-QADGroup -SearchRoot "OU...." -DontUseDefaultIncludedProperties  -IncludedProperties Name,samaccountname,Description,Member | select Name,samaccountname,Description,Member
foreach($Group in $MyGroups){
    $GroupInfo.'Group Name' = $Group.Name
    $Groupinfo.'Group Samaccountname' = $Group.Samaccountname
    $GroupInfo.'Group Description' = $Group.Description
    foreach($Member in $Group.Member){
        $User = Get-QADUser $Member -DontUseDefaultIncludedProperties -IncludedProperties Name,samaccountname,Description | select Name,samaccountname,Description
        $GroupInfo.'Member Name' = $User.Name
        $GroupInfo.'Member Samaccountname' = $User.Samaccountname
        $GroupInfo.'Member Description' = $User.Description 
        #it takes a while to go through a lot of goups...this just lets you watch so you don't think it's broke and cancel it.
        $GroupInfo | select 'Group Name','Group Samaccountname','Group Description','Member Name','Member Samaccountname','Member Description'
        $AllGroups += $GroupInfo | Select 'Group Name','Group Samaccountname','Group Description','Member Name','Member Samaccountname','Member Description'
    }
}

$AllGroups | Export-Csv Groups_w_members.csv -NoTypeInformation #Export all that group info to csv file.
user378904
  • 11
  • 1
  • thanks buddy. I have a list of users, I am trying to export each user's all group membership. Any idea how it can be done ? – kbriaz Oct 06 '16 at 16:23
1

For this (Get-ADUser –Identity $user –Properties MemberOf).MemberOf, try using Get-ADUser –Identity $user –Properties MemberOf | Select-Object -ExpandProperty MemberOf.

$users = (Get-Content users.txt) The quotes aren't needed, and Import-Csv gives better results than Get-Content. First row of CSV provides property names. So, $users = Import-Csv users.csv.

'^CN=([^,]+),OU=.+$','$1' What is $1 in this? It appears underfined. Unless it's part of the regex. If it is a variable of some sort, the single quotes will prevent it from being evaluated.

Also, consider:

 $users = Import-Csv users.csv
 foreach ($user in $users) {
      $currentUser = Get-ADUser $user -Properties MemberOf 
      $groups = $currentUser | Select-Object -ExpandProperty MemberOf
      foreach ($group in $Groups) {
           $groupName = Get-ADGroup $group | select name
           # do something here with a collection to collect the groupnames
      }

      # do something here with a custom object 
      # to collect the properties from user and groups
      # using a custom object named $customUser

      $customUser | Export-Csv -NoTypeInformation -Append  export.csv
  }
Jeter-work
  • 845
  • 4
  • 15
  • Many thanks. Your script is not working :( Please assist – kbriaz Oct 06 '16 at 16:22
  • You have to build your script. I can't see the errors, and I don't know your environment, and I only have the faintest idea of what you're trying to accomplish in the long run. My example is meant to show how to use looping to do what you need to do. The example is two nested loops which can be set up to use custom PS objects to gather information, which can then be dumped into a CSV. Not going to write your script for you, sorry. – Jeter-work Oct 06 '16 at 18:01
  • Thats fine buddy. I am a noob at Powershell. Thanks for the direction though. – kbriaz Oct 07 '16 at 11:21