AD Get AD user groups and sort/save

by j_internet at 2013-02-26 18:35:23

Hi,

I am trying to do a couple simple things but my mind is not so simple :slight_smile:

What I am trying to accomplish is

1) Read from a file list of users (have to get the oneliner to work first)
2) Output in CSV
3) The CSV must be in SamAccountname, Name, group name (no DN just group name)
4) Figured I can clean up the DN on the memberof in Excel

Would look like this
123Logon, Bob, Domain Users, Remote Access, File Share1,
Or even
123Logon, Bob, Domain Users
123Logon, Bob, Remote Access
123Logon, Bob, File Share1
222Logon, Sam, File Share2
etc


Well

Example 1 almost gets there.

Example 2 It works but For some reason the memberof returns "Microsoft.ActiveDirectory.Management.ADPropertyValueCollection"

Example 3 yes I can output the wrong output of the Microsoft.ActiveDirectory.Management.ADPropertyValueCollection



Example 1
Get-ADUser bob -property * | Select name, SamAccountname, memberof

Example 2
Get-ADUser Bob -property * | Select-Object name, SamAccountname, Memberof | convertto-csv

Example 3
Get-ADUser Bob -property * | Select-Object name, SamAccountname, Memberof | convertto-csv | out-file c:\ps\aaa.txt



I know this is formatting its the | that is thorwing me off.

Thanks Again!
by compugab at 2013-02-27 03:51:42
Hi,

Maybe there is a way to do it in one line, and probably someone will post it soon. In the meantime, I’ve found something that might interest you : http://smulpuru.wordpress.com/2011/11/03/display-adgroups-of-a-user-memberof/

You see, since the memberOf property is a collection, you can’t just show it. You got to expend it somehow.
by MaxMad at 2013-02-27 04:28:04
Hi,
don’t know how your output should look, but look at this example:

Get-ADUser bob -Properties memberof | select name,sAMAccountName,@{l="Memberof";e={foreach ($group in $.memberof) {(get-adgroup $group).sAMAccountname}}} | ConvertTo-Csv
by jonhtyler at 2013-02-27 04:35:19
get-aduser jonathan.tyler -IncludeAllProperties | select name, samaccountname, @{L="MemberOf";E={($.memberof | get-adgroup | select -ExpandProperty name) -join ‘,’}} | convertto-csv | foreach-object {$_ -replace ‘"’,‘’}

My syntax is slightly different that MaxMad’s. In the calculated property for MemberOf, I get the names of the groups, and then join them with a ",". Also, once you convert to csv, all the fields have quotes (") around them. Your output sample indicated you did not want quotes, so after converting to CSV, I take each line and remove the quotes. From here, you can output to a file as you wish.

I did not have the Microsoft AD cmdlets handy, so I had to test using the Quest AD cmdlets. The syntax should be accurate, but I haven’t been able to verify using the actual Microsoft cmdlets. At any rate, the concept would still be the same.

Hope this helps.
by ArtB0514 at 2013-02-27 12:13:55
You NEED the double quotes around any item in the CSV which has an embedded comma, such as your list of group names. Raw CSV’s are not intended to be read by humans, but by Excel (and PowerShell, of course). Both know how to deal with the quotes and do not display them.