Solved

PowerShell need to pull user info from ad group

Posted on 2013-06-12
10
1,339 Views
Last Modified: 2013-07-16
I have a script that will pull the users from a group.  I also need a have the AD properties of the users.  I will show you what I have now.

Get-ADGroupMember -Identity vpn | ForEach-Object {

Get-ADUser -Filter $name  -SearchBase "ou=Users, dc=Domain, dc=com" -Properties * | Select-Object -Property Name,SamAccountName,Description,EmailAddress,LastLogonDate,Manager,Title,Department,whenCreated,Enabled,Organization | Sort-

Object -Property Name } | Export-Csv c:\temp\test1.csv

what am I doing wrong?
0
Comment
Question by:FAC_IT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 3
10 Comments
 
LVL 40

Expert Comment

by:Subsun
ID: 39242028
You didn't define $name  anywhere in script.. Try..

Get-ADGroupMember -Identity vpn | ForEach-Object {
Get-ADUser  $_.Samaccountname  -SearchBase "ou=Users, dc=Domain, dc=com" -Properties * | Select-Object -Property Name,SamAccountName,Description,EmailAddress,LastLogonDate,Manager,Title,Department,whenCreated,Enabled,Organization | Sort-Object -Property Name } | Export-Csv c:\temp\test1.csv

Open in new window


Or

Get-ADGroupMember -Identity vpn | Get-ADUser -Filter $name  -SearchBase "ou=Users, dc=Domain, dc=com" -Properties * | Select-Object -Property Name,SamAccountName,Description,EmailAddress,LastLogonDate,Manager,Title,Department,whenCreated,Enabled,Organization | Sort-Object -Property Name } | Export-Csv c:\temp\test1.csv

Open in new window

0
 
LVL 70

Expert Comment

by:Qlemo
ID: 39242029
You are asking for the properties of $name - which is an undefined var. You'll have to use $_.Name instead.
Get-ADGroupMember -Identity vpn | ForEach-Object {
  Get-ADUser -Filter $_.Name  -SearchBase "ou=Users, dc=Domain, dc=com" -Properties * |
  Select-Object -Property Name, SamAccountName, Description, EmailAddress, LastLogonDate, Manager, Title, Department, whenCreated, Enabled, Organization |
  Sort-Object -Property Name
} | Export-Csv c:\temp\test1.csv

Open in new window

You can prevent from such mistakes if you run
Set-StrictMode -version latest

Open in new window

as very first command of your prompt or script. That switches to a more strict policy about using undefined vars (and more), which is useful in particular to detect typos.
0
 
LVL 40

Expert Comment

by:Subsun
ID: 39242052
There is an update in the second code which I posted (I missed to remove the $name)...
Get-ADGroupMember -Identity vpn | Get-ADUser -SearchBase "ou=Users, dc=Domain, dc=com" -Properties * | Select-Object -Property Name,SamAccountName,Description,EmailAddress,LastLogonDate,Manager,Title,Department,whenCreated,Enabled,Organization | Sort-Object -Property Name } | Export-Csv c:\temp\test1.csv

Open in new window

0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 70

Expert Comment

by:Qlemo
ID: 39242061
The last approach (of Subsun, using the pipe directly) is the best one, as it just passes the object as necessary along the pipe. This often works as expected.
0
 

Author Comment

by:FAC_IT
ID: 39242071
This is the error I am getting when I use -filter $_.name: Get-ADUser : Error parsing query: 'Brandi Snead' Error Message: 'syntax error' at position: '8'.
At C:\users\user\Desktop\Users.ps1:3 char:1
+ Get-ADUser -Filter $_.name -SearchBase "ou=Users,dc=domain,dc=com" -Proper ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ParserError: (:) [Get-ADUser], ADFilterParsingException
    + FullyQualifiedErrorId : Error parsing query: 'Brandi Snead' Error Message: 'syntax error' at position: '8'.,Micr
   osoft.ActiveDirectory.Management.Commands.GetADUser


This what I get when I use $_.Samaccountname

Get-ADUser : A positional parameter cannot be found that accepts argument 'burbina'.
At C:\users\user\Desktop\Users.ps1:3 char:1
+ Get-ADUser $_.Samaccountname   -SearchBase "ou=Users,dc=Domain,dc=com" -Pr ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [Get-ADUser], ParameterBindingException
    + FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.ActiveDirectory.Management.Commands.GetADUser
0
 
LVL 70

Expert Comment

by:Qlemo
ID: 39242083
Use the syntax as shown in http:#a39242052 .
0
 

Author Comment

by:FAC_IT
ID: 39242120
Qlemo,

When I run it like you want in a39242052 it is asking for a Filter.  I try a * and it came back with everything in the users OU.
0
 
LVL 40

Expert Comment

by:Subsun
ID: 39242313
Try..
Get-ADGroupMember -Identity vpn | ?{$_.distinguishedName -like "*ou=Users,dc=Domain,dc=com"} | Get-ADUser -Properties * | Select-Object -Property Name,SamAccountName,Description,EmailAddress,LastLogonDate,Manager,Title,Department,whenCreated,Enabled,Organization | Sort-Object -Property Name | Export-Csv c:\temp\test1.csv

Open in new window

0
 

Author Comment

by:FAC_IT
ID: 39242345
I get no errors and it creates a file but there is nothing in it.  What does the ? do?
0
 
LVL 40

Accepted Solution

by:
Subsun earned 500 total points
ID: 39242363
The command will display the member if they are from Users OU, is that what you want?
If yes, do you get any output for following command?
Get-ADGroupMember -Identity vpn | ?{$_.distinguishedName -like "*ou=Users,dc=Domain,dc=com"}

Open in new window

0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question