by Colin Hill at 2012-11-22 06:59:12
Hi,by Klaas at 2012-11-22 07:17:24
I was wondering if anyone could help. I’m trying to get a list of users from a number of Groups which have a standard naming convention.
For example:
VMware Console Access - Server 1
VMware Console Access - Server 2
VMware Console Access - Server 3
Has anyone seen a script or written something like this already?
Thanks in advance
Cheers
Colin
by Colin Hill at 2012-11-22 08:35:00Get-ADGroup -Filter 'Name -like "VMWAre*"' | Get-ADGroupMember
That would be the shortest way, I think.
You need to be on a domain controller or have RSAT installed. On Powershell V2 you have toimport-Module ActiveDirectoryfirst, with PSv3 that is no longer necessary.
If you add| gmYou can see what properties are available toSelect;
Hi Klaas,by Klaas at 2012-11-23 00:25:58
Thanks for your quick response!
The script is fine (Thanks!) but I also need to push the information out to a CSV file (Name and Email).Get-ADGroup -Filter ‘Name -like "VMWAre*"’ | Get-ADGroupMember | Select-Object Firstname, Lastname, Email | Export-Csv C:\users.csv -NoTypeInformation
The fist bit is fine (yours!) but the last part is failing to output what I want.
Cheers
Colin
It seems that the groupmember object is not a user object and doesn’t have the properties you want. Insert another cmdlet that gets the actual user objects.by Colin Hill at 2012-11-23 04:36:50
Also check the property names, because they are not the same as in ADUC; firstname -> givenname, lastname -> surname, email -> mail
Default you get a small number of properties, so if the ones you need are not in that set, you should add them with the properties parameter:Get-ADGroup -Filter 'name -like "VMWare*"' | Get-ADGroupMember | Get-ADUser -Properties surname,givenname,mail|
Select-Object surname, givenname, mail | Export-Csv C:\users.csv -NoTypeInformation
Hi Klaas,
Thanks for help again - the script worked great!
Once we had the output it wasn’t as useful as we hoped for as the external users didn’t have an email address listed <sigh>…
We had a bit of a tinker and came up with this to list users to Groups so at least we could see who accessed what. Then get the business units to contact the external users:import-module activeDirectory
$vmwareGroups = get-adGroup -filter 'name -like "VMware*Console Access"'
## output object
$output = @()
$vmwareGroups | foreach {
$groupName = $.name
$groupMembers = $ | get-adGroupMember
$groupMembers | foreach {
$memberName = $_.name
$obj = new-object System.Management.Automation.PSObject
$obj = $obj | add-member -memberType NoteProperty -name groupName -value $groupName -passthru
$obj = $obj | add-member -memberType NoteProperty -name userName -value $memberName -passthru
$output += $obj
}
}
$output | export-csv "c:\vwmareGroups.csv" -NoTypeInformation
Cheers
Colin