Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT
Course Of The Month
6 days, 8 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
AD Query for Users - Add line for Domain Admins
Posted on 2013-02-01
I posted a question on here recently that was answered already for running a AD powershell query for Users and exporting to a clewan CSV shoing Title name department etc... I am wionder if it is possible to add to this cmd to also pull all Domain Admins in AD and list them in their own category on the CSV. Below is the cmd SUBSUN provided foir running the AD USer Query and below that is a Query I found for pulling the DOmain Admins. I am having trouble combining them to make one CSV.
Thanks in Advanced for your help!
COMMAND FOR AD USER QUERY:
Get-ADUser -Filter * -Properties Title,Department,LastLogon
? {$_.Name -notlike "*ConfRm*" `
-and $_.SamAccountName -notlike "*IG*" `
-and $_.SamAccountName -notlike "*Mail*" `
-and $_.SamAccountName -notlike "*QPM*" `
-and $_.DistinguishedName -notmatch 'OU=SharedMailboxes,DC=AD,
-and $_.DistinguishedName -notmatch 'OU=ServiceAccounts,DC=AD,
Select Name,Title,Department,Last
Export-Csv "C:\myscripts\ADusers.csv"
CMD for Domain ADMIN Query:
Get-ADGroupMember 'domain admins'
Thanks in Advanced for your help!
COMMAND FOR AD USER QUERY:
Get-ADUser -Filter * -Properties Title,Department,LastLogon
? {$_.Name -notlike "*ConfRm*" `
-and $_.SamAccountName -notlike "*IG*" `
-and $_.SamAccountName -notlike "*Mail*" `
-and $_.SamAccountName -notlike "*QPM*" `
-and $_.DistinguishedName -notmatch 'OU=SharedMailboxes,DC=AD,
-and $_.DistinguishedName -notmatch 'OU=ServiceAccounts,DC=AD,
Select Name,Title,Department,Last
Export-Csv "C:\myscripts\ADusers.csv"
CMD for Domain ADMIN Query:
Get-ADGroupMember 'domain admins'
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
3 Comments
One approach would be to use PSCustom objects to combine users from both queries
$usersCol = @()
# Get AD users
$users = Get-ADUser -Filter * -Properties Title,Department,LastLogonDate,whenCreated,Enabled -SearchBase "DC=ad,DC=local" |
? {$_.Name -notlike "*ConfRm*" `
-and $_.SamAccountName -notlike "*IG*" `
-and $_.SamAccountName -notlike "*Mail*" `
-and $_.SamAccountName -notlike "*QPM*" `
-and $_.DistinguishedName -notmatch 'OU=SharedMailboxes,DC=AD,DC=Local' `
-and $_.DistinguishedName -notmatch 'OU=ServiceAccounts,DC=AD,DC=Local'}
# Get Domain Admins
$domainAdminUsers = Get-ADGroupMember -Identity "Domain Admins"
foreach ($user in $users)
{
$objTemp = New-Object PSObject -Property @{
NAME = $user.Name
TITLE = $user.Title
DEPARTMENT = $user.Department
LASTLOGONDATE = $user.LastLogonDate
WHENCREATED = $user.WhenCreated
ENABLED = $user.Enabled
DOMAINADMIN = $false
}
$usersCol += $objTemp
}
foreach ($domainadmin in $domainAdminUsers)
{
$adminuser = Get-ADUser -Identity $domainadmin.distinguishedName -Properties Title,Department,LastLogonDate,whenCreated,Enabled
$objTemp = New-Object PSObject -Property @{
NAME = $adminuser.Name
TITLE = $adminuser.Title
DEPARTMENT = $adminuser.Department
LASTLOGONDATE = $adminuser.LastLogonDate
WHENCREATED = $adminuser.WhenCreated
ENABLED = $adminuser.Enabled
DOMAINADMIN = $true
}
$usersCol += $objTemp
}
$usersCol | Export-Csv "C:\myscripts\ADusers.csv" -NoTypeInformation
Active 1 day ago
Ok so now I just need to pull the name sof the current domain admins tand thats all. However when I run the following:
Get-ADGroupMember 'domain admins'
I get Name, Samaccount,name Distinguished name, SID, Object Class and Ibject GUID
How can I export to CSV but only pull the NAME and not the rest?
Thanks
Get-ADGroupMember 'domain admins'
I get Name, Samaccount,name Distinguished name, SID, Object Class and Ibject GUID
How can I export to CSV but only pull the NAME and not the rest?
Thanks
Featured Post
![[Webinar] How Hackers Steal Your Credentials](https://filedb.experts-exchange.com/files/public/2017/5/20/3315d9d8-8110-4d52-be94-a5aacdd83e4b.png)
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
The Nano Server Image Builder helps you create a custom Nano Server image and bootable USB media with the aid of a graphical interface. Based on the inputs you provide, it generates images for deployment and creates reusable PowerShell scripts that …
- Windows Server 2016
- Powershell
- Windows 10
- Windows
- Azure
- *Microsoft, *download
A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
This is a high-level webinar that covers the history of enterprise open source database use. It addresses both the advantages companies see in using open source database technologies, as well as the fears and reservations they might have.
In this…
Suggested Courses
Course of the Month6 days, 8 hours left to enroll
726 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.