Hello I could really use help from the users.
I need to convert a pipeline command to an actual powershell script
My pipeline
Get-ADUser UserName | ForEach { DSACLS $_.DistinguishedName } | Where {$_.Contains("Deny")}
What I need is a script that will result in a CSV file with the information of EVERY user that has passes the WHERE clause.
Could really use help on this.
Captain-James
Hi,
You don’t need a script to do what you want. Just add the the pipeline a Get-ADUser in case you get the samaccountname back from the where. After that use an Export-Csv.
You don’t need DSACL for this. PowerShell can do it.
(get-acl (Get-ADOrganizationalUnit -filter *).distinguishedname).access | ? {$ _.accessControlType –eq "Deny"} | Export-csv C:\denied.csv -notypeinformation
Rick –
This pipeline did not work at all
get-acl : Cannot find path 'OU=Microsoft Exchange Security Groups,DC=prog1s,DC=com' because it does not exist.
At line:1 char:2
+ (get-acl (Get-ADOrganizationalUnit -filter *).distinguishedname).access | ? {$ _ ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (:) [Get-Acl], ItemNotFoundException
+ FullyQualifiedErrorId : GetAcl_PathNotFound_Exception,Microsoft.PowerShell.Commands.GetAclCommand
Sorry, as I said I didn’t get a chance to test it. I changed it up a bit and tested the code below and it’s working for me.
Get-ADOrganizationalUnit -Filter * | % {(Get-ACL "AD:$($_.distinguishedname)").access} | ? {$ _.accessControlType –eq "Deny"} | | Export-csv C:\denied.csv -notypeinformation