Hi all
Am trying to export a list of usernames from a security group, the users in this group are spread over multiple domains. - The following command gets me a list of usernames but what would i need to add in to get which domain the user is on too?
Get-ADGroupMember -identity “GROUPNAME” | select SamAccountName | Export-csv -path C:\Output\Groupmembers.csv -NoTypeInformation
Thanks
Hi Marc,
If you can rely on Active Directory domain name for your domains being the same as DNS domain then you can use following:
function Get-CompanyDomain {
param (
[string]$DirectoryDN
)
$directory_dn_parts = $DirectoryDN.ToLower() -split "dc="
$dns_domain = ''
for ($loop = 1; $loop -lt $directory_dn_parts.Length; $loop ++) {
$dns_domain += $directory_dn_parts[$loop].Replace(',','') + '.'
}
### $netbios_domain = Insert NetBIOS domain information if needed
$company_domain_property = [ordered] @{
'DNSDomain' = $dns_domain
'NetBIOSDomain' = $netbios_domain
}
$company_domain = New-Object -TypeName PSObject -Property $company_domain_property
$company_domain
}
Your export line then will look like this:
Get-ADGroupMember -identity “GROUPNAME” | select sAMAccountName,@{Name='Domain';Expression={(Get-CompanyDomain -DirectoryDN $PSItem.distinguishedName).DNSDomain}}
Hope this helps
DistinguishedName or CanonicalName would give you an idea which domain this user belongs to.
Hey Marc
If you can download and install the Quest AD Cmdlets from software.dell.com try this:
get-qadgroupmember -identity “x” | get-qaduser | Select DisplayName,NTAccountName,Domain,SamAccountName | export-csv -notypeinformation -delimiter “;” -path xmembers.csv -append.
I’ve just tried it in my customers prod forest. works 100%
Hi Marc
Hopes This Info Helps You .
$matches=''
$GMDetails = Get-ADGroupMember $GoupName | select-object -property SamAccountName,distinguishedName
Foreach($G in $GMDetails){$DN = $G.distinguishedName -replace ',DC=','.'
$C = ($DN.Split('.')).count -1
$DN -match "(\.[a-z]+){$C}"
$matches[0]|foreach-object -process{
New-Object -TypeName PSObject -Property @{
SamAccounName=$G.SamAccountName
Domain=$_.Substring(1)
}
}
}