Solved

Finding users who are NOT in a group/groups

Posted on 2011-03-02
13
735 Views
Last Modified: 2012-05-11
I need to identify users who do not have a disclaimer configured in Exchange, there are many disclaimer groups all starting:

grp_Email_footer

So I have a list of all users I want to target with the script and want to return all users whos allmemberof attribute does not contain the string "grp_email_footer"

As far as I can see the following should do the trick, but it is returning ALL users from the imput file and I know that there are many it should not be returning as they have disclaimers configured:

Import-Csv "C:\SCRIPTS\test.csv" | `
foreach {
$Name = $_.DisplayName
Get-QADUser "$NAME" -IncludedProperties TargetAddress | ? {$_.allmemberof -notlike "grp_Email_footer_"}} | Select Name,SamAccountName,EMail,TargetAddress | Export-Csv -notype C:\SCRIPTS\TEST-OUTPUT.csv


Can anyone see where I am going wrong here? Or suggest an alternate angle of attack to the problem?

Ta

0
Comment
Question by:mat_sullivan
  • 7
  • 6
13 Comments
 
LVL 5

Expert Comment

by:daveTechSearch
ID: 35021044
try changing this:

? {$_.allmemberof -notlike "grp_Email_footer_"}}

to this:

? {$_.allmemberof -notcontains "grp_Email_footer_"}}
0
 
LVL 5

Expert Comment

by:daveTechSearch
ID: 35021298
give this a try
Import-csv "C:\SCRIPTS\test.csv" |
foreach{
$Name = $_.DisplayName
get-qaduser $name | where {get-qadgroup "grp_Email_footer_" -containsmember $name}
}

Open in new window

0
 
LVL 5

Expert Comment

by:daveTechSearch
ID: 35021509
sorry... messed that up slightly (i tested the reverse 'does contain')
Import-csv "C:\SCRIPTS\test.csv" |
@(foreach{
$Name = $_.DisplayName
get-qaduser $name -IncludedProperties TargetAddress | 
where {get-qadgroup "grp_Email_footer_" -notcontainsmember $name}}) | 
Select Name,SamAccountName,EMail,TargetAddress | 
Export-Csv -notype C:\SCRIPTS\TEST-OUTPUT.csv

Open in new window

0
 
LVL 4

Author Comment

by:mat_sullivan
ID: 35025497
When I run you version I ver the following

Missing opening '(' after keyword 'foreach'.
At line:2 char:11
+ @(foreach  <<<< {
    + CategoryInfo          : ParserError: (OpenParenToken:TokenI
    + FullyQualifiedErrorId : MissingOpenParenthesisAfterKeyword
0
 
LVL 5

Expert Comment

by:daveTechSearch
ID: 35028620
slightly modified
$queryGroup = "grp_Email_footer_"

@(foreach($_ in (import-csv "C:\temp\test.csv")) {
$Name = $_.DisplayName
get-qaduser $name -IncludedProperties TargetAddress | 
where {get-qadgroup $queryGroup -notcontainsmember $name}}) | 
Select Name,SamAccountName,EMail,TargetAddress | 
Export-Csv -notype C:\SCRIPTS\TEST-OUTPUT.csv

Open in new window

0
 
LVL 4

Author Comment

by:mat_sullivan
ID: 35028915
I am running this against a test file containing two users, one in a disclaimer group and one not in a disclaimer group. It is currently returning both users in the output, your script looks correct as far as I can tell so I would expect it the output to contain only one row, or maybe it could return all but with a true/false indicator of group membership?

This is quite frustrating as I can't see why it isn't working!
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 5

Expert Comment

by:daveTechSearch
ID: 35029015
hmmm... odd... I can have  another look in a bit... my test was very similar to yours (two users, but a different group)..
0
 
LVL 5

Expert Comment

by:daveTechSearch
ID: 35029283
Well... I just ran a test and the script is working for me... I exported output for my 'regular' account and my 'domain admin' account to CSV for the query...  queried against the group "Domain admins"... my 'regular' account was returned as the one that is  NOT a member of "Domain admins"

This is what I just ran...
$queryGroup = "Domain Admins"

@(foreach($_ in (import-csv "C:\temp\test.csv")) {
$Name = $_.DisplayName
get-qaduser $name -IncludedProperties TargetAddress | 
where {get-qadgroup $queryGroup -notcontainsmember $name}}) | 
Select Name,SamAccountName,EMail,TargetAddress | 
Export-Csv -notype C:\temp\TEST-OUTPUT.csv

Open in new window

0
 
LVL 4

Author Comment

by:mat_sullivan
ID: 35034487
One other thing, "grp_Email_footer_" is not the actual group name, there are 20 disclaimer Distribution Groups but they all beging wth:

GRP_Email_footer_

Could this be a factor that is stopping the script returning the correct output?

The desired result is for it to return users who are not a member of any of the 20 possible Distribution Groups.

0
 
LVL 4

Author Comment

by:mat_sullivan
ID: 35034529
I have just ran the script and specified the exact group name that the test user is a member of and it works as expected, only returning the user not in the group in the output, but as above I would like to run the input file against a number of groups and return only users who are in none of them. How easy is this to accomplish?

0
 
LVL 5

Accepted Solution

by:
daveTechSearch earned 500 total points
ID: 35037860
This should work for you... changed it up a tad
$queryGroups = get-qadgroup 'GRP_Email_footer_*'

@(foreach($_ in (import-csv "C:\temp\test.csv")) {
$Name = $_.DisplayName
get-qaduser $name -IncludedProperties TargetAddress -notmemberof $queryGroups
}) | 
Select Name,SamAccountName,EMail,TargetAddress | 
Export-Csv -notype C:\temp\TEST-OUTPUT.csv

Open in new window

0
 
LVL 4

Author Comment

by:mat_sullivan
ID: 35067925
Sorry, just seen this update! Will test and come back.
0
 
LVL 4

Author Comment

by:mat_sullivan
ID: 35081509
This has done the trick! Took about 12 hours to run though! 6000+ records against a DC 5000 miles away etc... so not entirely unexpected.

Many thanks!
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help you understand what HashTables are and how to use them in PowerShell.
This article explains how to prepare an HTML email signature template file containing dynamic placeholders for users' Azure AD data. Furthermore, it explains how to use this file to remotely set up a department-wide email signature policy in Office …
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now