Powershell script to update the security group descriptions with the count.

bsharath
bsharath used Ask the Experts™
on
Hi,

Powershell script to update the security group descriptions with the count.
Below code from Chris
i want to query all security groups in an OU and update the below along with the Nested group count and should not clear whats there at present but add the details to the end. I dont want the group name in them

Get-QADGroup -SearchRoot "OU=groups,DC=domain,DC=com" | ForEach-Object {
  Set-QADGroup $_.DN -Description "$($_.Name) (Member count: $($_.Members.Count))"
}

Descript should be as
(Member count : 33) ( Nested groups : 3) (Contacts : 2)

If already data is there do nothing but update the above to the end.

Regards
Sharath
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Chris DentPowerShell Developer
Top Expert 2010

Commented:

This should work...

Chris
Get-QADGroup -SearchRoot "OU=groups,DC=domain,DC=com" | ForEach-Object {
  $Members = Get-QADGroupMember $_.DN
  $Groups = $Members | 
    Where-Object { $_.Type -eq "Group" } |
    Measure-Object
  $Contacts = $Members | 
    Where-Object { $_.Type -eq "Contact" } |
    Measure-Object

  $Description = [String]::Format("{0} (Member Count: {1}) (Nested Groups: {2}) (Contacts: {3})",
    $_.Name,
    $_.Members.Count,
    $Groups.Count,
    $Contacts.Count)

  Set-QADGroup $_.DN -Description $Description
}

Open in new window

Author

Commented:
One question
When i run the 2nd time what will happen
If already data is there can we have a symbol as = and then the script's to place data
So on 2nd run can we clear all data after = and then place the new data
This will be useful on multiple runs of script
Chris DentPowerShell Developer
Top Expert 2010

Commented:

At the moment it overwrites the field regardless of what it contains. I felt that was the easiest way to maintain accuracy.

Would you like it to check the current contents?

Chris
OWASP: Threats Fundamentals

Learn the top ten threats that are present in modern web-application development and how to protect your business from them.

Author

Commented:
I think you are right
can we have a addition as Mail enabled or Not mail enabled listed at the end in the description
PowerShell Developer
Top Expert 2010
Commented:

Sure, based on the legacyExchangeDN going to okay?

Chris
Get-QADGroup -SearchRoot "OU=groups,DC=domain,DC=com" `
  -IncludedProperties legacyExchangeDN | ForEach-Object {

  $Members = Get-QADGroupMember $_.DN
  $Groups = $Members | 
    Where-Object { $_.Type -eq "Group" } |
    Measure-Object
  $Contacts = $Members | 
    Where-Object { $_.Type -eq "Contact" } |
    Measure-Object

  If ($_.LegacyExchangeDN -ne $Null) {
    $MailEnabled = "Yes"
  } Else {
    $MailEnabled = "No"
  }

  $Description = [String]::Format("{0} (Member Count: {1}) (Nested Groups: {2}) (Contacts: {3}) (MailEnabled: {4})",
    $_.Name,
    $_.Members.Count,
    $Groups.Count,
    $Contacts.Count,
    $MailEnabled)

  Set-QADGroup $_.DN -Description $Description
}

Open in new window

Author

Commented:
Thank you Chris...
:-)

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial