Link to home
Start Free TrialLog in
Avatar of Twhite0909
Twhite0909

asked on

AD Query for Users - Add line for Domain Admins

I posted a question on here recently that was answered already for running a AD powershell query for Users and exporting to a clewan CSV shoing Title name department etc...  I am wionder if it is possible to add to this cmd to also pull all Domain Admins in AD and list them in their own category on the CSV.  Below is the cmd SUBSUN provided foir running the AD USer Query and below that is a Query I found for pulling the DOmain Admins.  I am having trouble combining them to make one CSV.

Thanks in Advanced for your help!





COMMAND FOR AD USER QUERY:

Get-ADUser -Filter * -Properties Title,Department,LastLogonDate,whenCreated,Enabled -SearchBase "DC=ad,DC=local" |
? {$_.Name -notlike "*ConfRm*" `
 -and $_.SamAccountName -notlike "*IG*" `
  -and $_.SamAccountName -notlike "*Mail*" `
 -and $_.SamAccountName -notlike "*QPM*" `
     -and $_.DistinguishedName -notmatch 'OU=SharedMailboxes,DC=AD,DC=Local' `
   
      -and $_.DistinguishedName -notmatch 'OU=ServiceAccounts,DC=AD,DC=Local'}  |
Select Name,Title,Department,LastLogonDate,whenCreated,Enabled |
Export-Csv "C:\myscripts\ADusers.csv" –NoTypeInformation





CMD for Domain ADMIN Query:
Get-ADGroupMember 'domain admins'
Avatar of coraxal
coraxal
Flag of United States of America image
One approach would be to use PSCustom objects to combine users from both queries
  
$usersCol = @()
# Get AD users
$users = Get-ADUser -Filter * -Properties Title,Department,LastLogonDate,whenCreated,Enabled -SearchBase "DC=ad,DC=local" |
? {$_.Name -notlike "*ConfRm*" `
 -and $_.SamAccountName -notlike "*IG*" `
  -and $_.SamAccountName -notlike "*Mail*" `
 -and $_.SamAccountName -notlike "*QPM*" `
     -and $_.DistinguishedName -notmatch 'OU=SharedMailboxes,DC=AD,DC=Local' `
         -and $_.DistinguishedName -notmatch 'OU=ServiceAccounts,DC=AD,DC=Local'}
# Get Domain Admins
$domainAdminUsers = Get-ADGroupMember -Identity "Domain Admins"

foreach ($user in $users)
{
	$objTemp = New-Object PSObject -Property @{            
		NAME = $user.Name
		TITLE = $user.Title
		DEPARTMENT = $user.Department
		LASTLOGONDATE = $user.LastLogonDate
		WHENCREATED = $user.WhenCreated
		ENABLED = $user.Enabled
		DOMAINADMIN = $false
	}            
	    
	$usersCol += $objTemp
}

foreach ($domainadmin in $domainAdminUsers)
{
	$adminuser = Get-ADUser -Identity $domainadmin.distinguishedName -Properties Title,Department,LastLogonDate,whenCreated,Enabled
			
	$objTemp = New-Object PSObject -Property @{            
		NAME = $adminuser.Name
		TITLE = $adminuser.Title
		DEPARTMENT = $adminuser.Department
		LASTLOGONDATE = $adminuser.LastLogonDate
		WHENCREATED = $adminuser.WhenCreated
		ENABLED = $adminuser.Enabled
		DOMAINADMIN = $true
	}

	$usersCol += $objTemp	
	
}

$usersCol | Export-Csv "C:\myscripts\ADusers.csv" -NoTypeInformation

Open in new window

Avatar of Twhite0909
Twhite0909

ASKER

Ok so now I just need to pull the name sof the current domain admins tand thats all.  However when I run the following:

Get-ADGroupMember 'domain admins'


I get Name, Samaccount,name Distinguished name, SID, Object Class and Ibject GUID

How can I export to CSV but only pull the NAME and not the rest?

Thanks
ASKER CERTIFIED SOLUTION
Avatar of SubSun
SubSun
Flag of India image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial