Solved

PowerShell need to pull user info from ad group

Posted on 2013-06-12
10
1,231 Views
Last Modified: 2013-07-16
I have a script that will pull the users from a group.  I also need a have the AD properties of the users.  I will show you what I have now.

Get-ADGroupMember -Identity vpn | ForEach-Object {

Get-ADUser -Filter $name  -SearchBase "ou=Users, dc=Domain, dc=com" -Properties * | Select-Object -Property Name,SamAccountName,Description,EmailAddress,LastLogonDate,Manager,Title,Department,whenCreated,Enabled,Organization | Sort-

Object -Property Name } | Export-Csv c:\temp\test1.csv

what am I doing wrong?
0
Comment
Question by:FAC_IT
  • 4
  • 3
  • 3
10 Comments
 
LVL 40

Expert Comment

by:Subsun
Comment Utility
You didn't define $name  anywhere in script.. Try..

Get-ADGroupMember -Identity vpn | ForEach-Object {
Get-ADUser  $_.Samaccountname  -SearchBase "ou=Users, dc=Domain, dc=com" -Properties * | Select-Object -Property Name,SamAccountName,Description,EmailAddress,LastLogonDate,Manager,Title,Department,whenCreated,Enabled,Organization | Sort-Object -Property Name } | Export-Csv c:\temp\test1.csv

Open in new window


Or

Get-ADGroupMember -Identity vpn | Get-ADUser -Filter $name  -SearchBase "ou=Users, dc=Domain, dc=com" -Properties * | Select-Object -Property Name,SamAccountName,Description,EmailAddress,LastLogonDate,Manager,Title,Department,whenCreated,Enabled,Organization | Sort-Object -Property Name } | Export-Csv c:\temp\test1.csv

Open in new window

0
 
LVL 68

Expert Comment

by:Qlemo
Comment Utility
You are asking for the properties of $name - which is an undefined var. You'll have to use $_.Name instead.
Get-ADGroupMember -Identity vpn | ForEach-Object {
  Get-ADUser -Filter $_.Name  -SearchBase "ou=Users, dc=Domain, dc=com" -Properties * |
  Select-Object -Property Name, SamAccountName, Description, EmailAddress, LastLogonDate, Manager, Title, Department, whenCreated, Enabled, Organization |
  Sort-Object -Property Name
} | Export-Csv c:\temp\test1.csv

Open in new window

You can prevent from such mistakes if you run
Set-StrictMode -version latest

Open in new window

as very first command of your prompt or script. That switches to a more strict policy about using undefined vars (and more), which is useful in particular to detect typos.
0
 
LVL 40

Expert Comment

by:Subsun
Comment Utility
There is an update in the second code which I posted (I missed to remove the $name)...
Get-ADGroupMember -Identity vpn | Get-ADUser -SearchBase "ou=Users, dc=Domain, dc=com" -Properties * | Select-Object -Property Name,SamAccountName,Description,EmailAddress,LastLogonDate,Manager,Title,Department,whenCreated,Enabled,Organization | Sort-Object -Property Name } | Export-Csv c:\temp\test1.csv

Open in new window

0
 
LVL 68

Expert Comment

by:Qlemo
Comment Utility
The last approach (of Subsun, using the pipe directly) is the best one, as it just passes the object as necessary along the pipe. This often works as expected.
0
 

Author Comment

by:FAC_IT
Comment Utility
This is the error I am getting when I use -filter $_.name: Get-ADUser : Error parsing query: 'Brandi Snead' Error Message: 'syntax error' at position: '8'.
At C:\users\user\Desktop\Users.ps1:3 char:1
+ Get-ADUser -Filter $_.name -SearchBase "ou=Users,dc=domain,dc=com" -Proper ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ParserError: (:) [Get-ADUser], ADFilterParsingException
    + FullyQualifiedErrorId : Error parsing query: 'Brandi Snead' Error Message: 'syntax error' at position: '8'.,Micr
   osoft.ActiveDirectory.Management.Commands.GetADUser


This what I get when I use $_.Samaccountname

Get-ADUser : A positional parameter cannot be found that accepts argument 'burbina'.
At C:\users\user\Desktop\Users.ps1:3 char:1
+ Get-ADUser $_.Samaccountname   -SearchBase "ou=Users,dc=Domain,dc=com" -Pr ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [Get-ADUser], ParameterBindingException
    + FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.ActiveDirectory.Management.Commands.GetADUser
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 68

Expert Comment

by:Qlemo
Comment Utility
Use the syntax as shown in http:#a39242052 .
0
 

Author Comment

by:FAC_IT
Comment Utility
Qlemo,

When I run it like you want in a39242052 it is asking for a Filter.  I try a * and it came back with everything in the users OU.
0
 
LVL 40

Expert Comment

by:Subsun
Comment Utility
Try..
Get-ADGroupMember -Identity vpn | ?{$_.distinguishedName -like "*ou=Users,dc=Domain,dc=com"} | Get-ADUser -Properties * | Select-Object -Property Name,SamAccountName,Description,EmailAddress,LastLogonDate,Manager,Title,Department,whenCreated,Enabled,Organization | Sort-Object -Property Name | Export-Csv c:\temp\test1.csv

Open in new window

0
 

Author Comment

by:FAC_IT
Comment Utility
I get no errors and it creates a file but there is nothing in it.  What does the ? do?
0
 
LVL 40

Accepted Solution

by:
Subsun earned 500 total points
Comment Utility
The command will display the member if they are from Users OU, is that what you want?
If yes, do you get any output for following command?
Get-ADGroupMember -Identity vpn | ?{$_.distinguishedName -like "*ou=Users,dc=Domain,dc=com"}

Open in new window

0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Join & Write a Comment

"Migrate" an SMTP relay receive connector to a new server using info from an old server.
Create and license users in Office 365 in bulk based on a CSV file. A step-by-step guide with PowerShell script examples.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now