1

I'm trying to get@{n='Active';e={(Get-ADGroupMember $group | get-aduser -Properties enabled |select enabled).enabled}} to read the samaccount name and return whether the user is enabled or disabled. However the code returns true and false for all members in the group. How do I get it to return result for just the user in 1st column in my results?

Below is my full script with the results I get.

$groups = "some","ad", "groups"

$results = foreach ($group in $groups) {
        Get-ADGroupMember  $group | select samaccountname, @{n='GroupName';e={$group}}, @{n='Description';e={(Get-ADGroup $group -Properties description).description}}, @{n='Active';e={(Get-ADGroupMember $group  | get-aduser -Properties enabled |select enabled).enabled}}
    }
    
    $results

Results:

Results

mkrieger1
  • 19,194
  • 5
  • 54
  • 65
Warlord213
  • 74
  • 4
  • 2
    you're piping from another `Get-ADGroupMember`, just use `(get-aduser -identity $_.SamAccountName -Properties enabled).Enabled` – Abraham Zinala Aug 24 '22 at 16:45

1 Answers1

1

I would recommend you to not use Select-Object in this case and use PSCustomObject instead, it will keep the code more readable (though this is personal opinion).

$groups = "some", "ad", "groups"

$results = foreach ($item in $groups) {
    $group = Get-ADGroup $item -Properties description
    foreach($member in Get-ADGroupMember $item) {
        if($member.ObjectClass -eq 'user') {
            $active = (Get-ADUser $member).Enabled
        } 
        else {
            $active = 'N/A'
        }

        [pscustomobject]@{
            GroupName      = $group.Name
            Description    = $group.Description
            samAccountName = $member.Name
            ObjectClass    = $member.ObjectClass
            Active         = $active
        }
    }
}
Santiago Squarzon
  • 41,465
  • 5
  • 14
  • 37