Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Powershell - export 'member of' for a user

Posted on 2011-09-26
6
Medium Priority
?
1,908 Views
Last Modified: 2012-05-12
Dear

For backup purposes we need an export per user that contains the memberships for that user.

Say for example user "john doe" is in 'domain.in.grp' in the OU 'users'. Then I would need an export (text or csv, doesn't realy mather) that contains a line-per-line export of all groups that user is member of. (the 'member of' tab in the user properties window)

i would like to do this in powershell (no third party software) because it is part of a bigger script.

thank you!
0
Comment
Question by:ISUNI
  • 3
  • 2
6 Comments
 
LVL 37

Accepted Solution

by:
Neil Russell earned 2000 total points
ID: 36597692
The easiest way is to install the Quest QAD Commandlets for powershell. This is just a set of commandlets that add on to powershells functionality. After all powershell is basically just an extensible shell.

For a single user use...

$user = Get-QADUser 'Poshoholic'
$user.memberOf | Get-QADGroup

And for ALL users use

$Users = Get-QADUser
foreach ($User in $Users)
{
Write-Host "------------------------"
$user
$user.memberof | Get-QADGroup  
}
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 36597979
Sorry, forgot link to powershell extensions by Quest

http://www.quest.com/powershell/activeroles-server.aspx
0
 
LVL 6

Expert Comment

by:netjgrnaut
ID: 36600884
One additional note: the $User.MemberOf attribute does not contain the default group of the user.  You either need to include the $User.PrimaryGroupId - which is numeric, and equates to the RID of the group.  Digging that out gets complicated considering you can much more easily do...

Get-QADMemberOf 'Poshoholic'

Open in new window


...for a single user, and...

$Users = Get-QADUser
foreach ($User in $Users) {
    Write-Host "------------------------"
    $User
    Get-QADMemberOf $User 
} 

Open in new window


Hope that helps!
0
WatchGuard Case Study: NCR

With business operations for thousands of customers largely depending on the internal systems they support, NCR can’t afford to waste time or money on security products that are anything less than exceptional. That’s why they chose WatchGuard.

 
LVL 37

Expert Comment

by:Neil Russell
ID: 36601236
Do YOU actually change users Primary Group? I have not met a sys admin that does that in years! As the Default Default group is Domain Users and EVERY user is a member of it, I never report on it.
0
 
LVL 6

Expert Comment

by:netjgrnaut
ID: 36601261
Actually, I found this the "hard" way at a customer where they make a practice of setting the default group on service and admin accounts to something other than Domain Users for subsequent processing by Group Policy.

So... yes, I've seen it. In a domain of 18k+ accounts, it matters.
0
 

Author Closing Comment

by:ISUNI
ID: 36954114
Thank you! This helps.
0

Featured Post

Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently we ran in to an issue while running some SQL jobs where we were trying to process the cubes.  We got an error saying failure stating 'NT SERVICE\SQLSERVERAGENT does not have access to Analysis Services. So this is a way to automate that wit…
Measuring Server's processing rate with a simple powershell command. The differences in processing rate also was recorded in different use-cases, when a server in free and busy states.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
Loops Section Overview

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question