0

I'm wanting this script to export an Excel spreadsheet with only the users that are in both AD groups.

$members1 = (Get-ADGroup 'Imprivata1' -Properties Member).Member $members2 = (Get-ADGroup 'Imprivata2' -Properties Member).Member

Compare-Object $members1 $members2 -IncludeEqual | Sort-Object Name | Export-Csv "C:\users$env:username\Desktop\compareadgroups.csv" -Encoding UTF8 -NoTypeInformation

On3N3xus
  • 1
  • 3

2 Answers2

0

you do not need to use compare-object, you can simply query AD for users which are in both groups:

#Get Group distinguishedName
$groupDNs = get-adgroup -ldapfilter "(|(samaccountname=Imprivata1)(samaccountname=Imprivata2))"

#Build ldap filter
$ldapArray = @(
    $groupDNs | %{
        "(memberof=$($_.distinguishedName))"
    }
)
$ldapString = $ldapArray -join $null

#Search Users that are member of both groups
$users = Get-ADUser -ldapfilter "(&$ldapstring)"

#Recursive Version of the ldap filter
$ldapArray = @(
    $groupDNs | %{
        "(memberof:1.2.840.113556.1.4.1941:=$($_.distinguishedname))"
    }
)
Toni
  • 1,738
  • 1
  • 3
  • 11
0

Restricting the output to equal ones only using the sideindicator property, and there's no name property, but inputobject is the property to sort. Powershell 7 not powershell 5.1's export-csv has a -usequotes parameter.

compare $members1 $members2 -includeequal | ? sideindicator -eq == |
  sort inputobject | export-csv -notype -usequotes asneeded compareadgroups.csv
js2010
  • 23,033
  • 6
  • 64
  • 66
  • I get the following error. Export-Csv : A parameter cannot be found that matches parameter name 'usequotes'. – On3N3xus Sep 06 '22 at 19:17
  • as js2010 wrote you must use PowerShell 7 to be able to use the -usequotes parameter – Toni Sep 07 '22 at 07:01