Compare Profile Server to AD Group

Trying to compare a profile server (first.last usually) against an AD group for the purpose of folder cleanup. This keeps listing everyone instead of non-members. Members not a part of the AD group will be deleted or archived off. What am I doing wrong?

$Path = "\\Path\to\Share\"

$Members = Get-ADGroup "Group" -Properties Member | 
Select-Object -ExpandProperty Member |
Get-ADUser 

$UserProfile = Get-ChildItem -Path $Path | Where-Object { ($_.Name -notmatch $Members) } 

foreach ($User in $UserProfile){

if(-not($Members -contains $User.Name))
{ 
Out-File -Encoding Ascii -Append -FilePath "C:\Temp\Profiles.txt" -InputObject "$path$user"
}
}

Can’t use Get-ADGroupMember because the membership exceeds the 5000 limit.

-notmatch is the wrong operator for this kind of condition and you should specify against what property you want to compare the pipeline object. If I got it right you could use

$UserProfile = Get-ChildItem -Path $Path | Where-Object { ($_.Name -notin $Members.sAMAccountName) } 

… and then you do not need the if query inside your loop anymore. Actually you should not need your loop anymore at all … this should be enough:

$UserProfile.FullName | Out-File -FilePath "C:\Temp\Profiles.txt" -Encoding Ascii 
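An added example, not part of the original thread: because the resulting list drives deletion or archiving, this report-only sketch does exact, case-insensitive name comparison and refuses to run when the member list comes back empty, since an empty list would flag every folder. The function name `Get-OrphanedProfileFolder`, its parameters, the `.V<n>` suffix pattern and the sample names are assumptions made for illustration.

```powershell
# Added example: report-only comparison of profile folders against group members.
function Get-OrphanedProfileFolder {
    [CmdletBinding()]
    param(
        # sAMAccountName values of the group members
        [Parameter(Mandatory)][AllowEmptyCollection()][string[]]$MemberName,
        # Folder names found on the profile share
        [Parameter(Mandatory)][AllowEmptyCollection()][string[]]$FolderName,
        # Assumption: profile folders may carry a version suffix such as .V2 or .V6
        [string]$SuffixPattern = '\.V\d+$'
    )

    # Fail closed: a failed or empty AD query must not mark every profile as orphaned
    if ($MemberName.Count -eq 0) {
        throw 'Member list is empty; refusing to flag every profile folder.'
    }

    # Case-insensitive set gives whole-name lookups (no regex or substring matching)
    $set = [System.Collections.Generic.HashSet[string]]::new(
        [string[]]$MemberName, [System.StringComparer]::OrdinalIgnoreCase)

    foreach ($name in $FolderName) {
        # Strip the optional version suffix before comparing to the account name
        $account = $name -replace $SuffixPattern, ''
        if (-not $set.Contains($account)) { $name }
    }
}

# Constructed sample data (not from the original thread)
$members = 'jane.doe', 'john.smith'
$folders = 'Jane.Doe', 'john.smith.V6', 'john.smithers', 'old.user'
Get-OrphanedProfileFolder -MemberName $members -FolderName $folders

# Against the live share, using the variables from the thread:
#   $names   = $Members.sAMAccountName
#   $folders = (Get-ChildItem -Path $Path -Directory).Name
#   Get-OrphanedProfileFolder -MemberName $names -FolderName $folders |
#       Out-File -FilePath "C:\Temp\Profiles.txt" -Encoding Ascii
```

Review the resulting file before any delete or archive step acts on it.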