?
Solved

PowerShell need to pull user info from ad group

Posted on 2013-06-12
10
Medium Priority
?
1,399 Views
Last Modified: 2013-07-16
I have a script that will pull the users from a group.  I also need a have the AD properties of the users.  I will show you what I have now.

Get-ADGroupMember -Identity vpn | ForEach-Object {

Get-ADUser -Filter $name  -SearchBase "ou=Users, dc=Domain, dc=com" -Properties * | Select-Object -Property Name,SamAccountName,Description,EmailAddress,LastLogonDate,Manager,Title,Department,whenCreated,Enabled,Organization | Sort-

Object -Property Name } | Export-Csv c:\temp\test1.csv

what am I doing wrong?
0
Comment
Question by:FAC_IT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 3
10 Comments
 
LVL 40

Expert Comment

by:Subsun
ID: 39242028
You didn't define $name  anywhere in script.. Try..

Get-ADGroupMember -Identity vpn | ForEach-Object {
Get-ADUser  $_.Samaccountname  -SearchBase "ou=Users, dc=Domain, dc=com" -Properties * | Select-Object -Property Name,SamAccountName,Description,EmailAddress,LastLogonDate,Manager,Title,Department,whenCreated,Enabled,Organization | Sort-Object -Property Name } | Export-Csv c:\temp\test1.csv

Open in new window


Or

Get-ADGroupMember -Identity vpn | Get-ADUser -Filter $name  -SearchBase "ou=Users, dc=Domain, dc=com" -Properties * | Select-Object -Property Name,SamAccountName,Description,EmailAddress,LastLogonDate,Manager,Title,Department,whenCreated,Enabled,Organization | Sort-Object -Property Name } | Export-Csv c:\temp\test1.csv

Open in new window

0
 
LVL 70

Expert Comment

by:Qlemo
ID: 39242029
You are asking for the properties of $name - which is an undefined var. You'll have to use $_.Name instead.
Get-ADGroupMember -Identity vpn | ForEach-Object {
  Get-ADUser -Filter $_.Name  -SearchBase "ou=Users, dc=Domain, dc=com" -Properties * |
  Select-Object -Property Name, SamAccountName, Description, EmailAddress, LastLogonDate, Manager, Title, Department, whenCreated, Enabled, Organization |
  Sort-Object -Property Name
} | Export-Csv c:\temp\test1.csv

Open in new window

You can prevent from such mistakes if you run
Set-StrictMode -version latest

Open in new window

as very first command of your prompt or script. That switches to a more strict policy about using undefined vars (and more), which is useful in particular to detect typos.
0
 
LVL 40

Expert Comment

by:Subsun
ID: 39242052
There is an update in the second code which I posted (I missed to remove the $name)...
Get-ADGroupMember -Identity vpn | Get-ADUser -SearchBase "ou=Users, dc=Domain, dc=com" -Properties * | Select-Object -Property Name,SamAccountName,Description,EmailAddress,LastLogonDate,Manager,Title,Department,whenCreated,Enabled,Organization | Sort-Object -Property Name } | Export-Csv c:\temp\test1.csv

Open in new window

0
Need protection from advanced malware attacks?

Look no further than WatchGuard's Total Security Suite, providing defense in depth against today's most headlining attacks like Petya 2.0 and WannaCry. Keep your organization out of the news with protection from known and unknown threats.

 
LVL 70

Expert Comment

by:Qlemo
ID: 39242061
The last approach (of Subsun, using the pipe directly) is the best one, as it just passes the object as necessary along the pipe. This often works as expected.
0
 

Author Comment

by:FAC_IT
ID: 39242071
This is the error I am getting when I use -filter $_.name: Get-ADUser : Error parsing query: 'Brandi Snead' Error Message: 'syntax error' at position: '8'.
At C:\users\user\Desktop\Users.ps1:3 char:1
+ Get-ADUser -Filter $_.name -SearchBase "ou=Users,dc=domain,dc=com" -Proper ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ParserError: (:) [Get-ADUser], ADFilterParsingException
    + FullyQualifiedErrorId : Error parsing query: 'Brandi Snead' Error Message: 'syntax error' at position: '8'.,Micr
   osoft.ActiveDirectory.Management.Commands.GetADUser


This what I get when I use $_.Samaccountname

Get-ADUser : A positional parameter cannot be found that accepts argument 'burbina'.
At C:\users\user\Desktop\Users.ps1:3 char:1
+ Get-ADUser $_.Samaccountname   -SearchBase "ou=Users,dc=Domain,dc=com" -Pr ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [Get-ADUser], ParameterBindingException
    + FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.ActiveDirectory.Management.Commands.GetADUser
0
 
LVL 70

Expert Comment

by:Qlemo
ID: 39242083
Use the syntax as shown in http:#a39242052 .
0
 

Author Comment

by:FAC_IT
ID: 39242120
Qlemo,

When I run it like you want in a39242052 it is asking for a Filter.  I try a * and it came back with everything in the users OU.
0
 
LVL 40

Expert Comment

by:Subsun
ID: 39242313
Try..
Get-ADGroupMember -Identity vpn | ?{$_.distinguishedName -like "*ou=Users,dc=Domain,dc=com"} | Get-ADUser -Properties * | Select-Object -Property Name,SamAccountName,Description,EmailAddress,LastLogonDate,Manager,Title,Department,whenCreated,Enabled,Organization | Sort-Object -Property Name | Export-Csv c:\temp\test1.csv

Open in new window

0
 

Author Comment

by:FAC_IT
ID: 39242345
I get no errors and it creates a file but there is nothing in it.  What does the ? do?
0
 
LVL 40

Accepted Solution

by:
Subsun earned 1500 total points
ID: 39242363
The command will display the member if they are from Users OU, is that what you want?
If yes, do you get any output for following command?
Get-ADGroupMember -Identity vpn | ?{$_.distinguishedName -like "*ou=Users,dc=Domain,dc=com"}

Open in new window

0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question