Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Powershell - How to check if a set of users are members of certain groups.

Posted on 2013-10-30
9
Medium Priority
?
622 Views
Last Modified: 2013-10-31
Hi EE

This is a weird issue even describing .. Does anyone have a way of doing the task below .

I have a set of users .. 2500 .. and I need to know which users are members of a set of 5 groups ..

any ideas ?
0
Comment
Question by:MilesLogan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
  • +1
9 Comments
 
LVL 20

Expert Comment

by:TheAvenger
ID: 39610882
General idea: create a string with all your users, then call a function to check the membership and react for each one of them.

Here is a topic on array initialization with strings and going through it using a for loop: http://get-powershell.com/post/2008/02/07/Powershell-function-New-Array.aspx

Here is a topic on how to check user membership in a group: http://social.technet.microsoft.com/Forums/scriptcenter/en-US/1e75ab95-fd52-4eb5-a1c3-136d14050b63/check-if-specific-user-is-member-of-specific-group

There are many more articles on the topics in google, so you just need to combine several to reach your solution.
0
 
LVL 40

Expert Comment

by:Subsun
ID: 39610982
What type of result file are you looking for? Do you need to report each group membership status (True false against each group) or just report if they are missing any group? or do you need to add them to group if they are missing the group membership?
0
 
LVL 35

Expert Comment

by:YZlat
ID: 39611606
See if this works for you:

$Groups = Get-Content C:\GroupsList.txt
$Users = Get-Content C:\UserList.txt

$MembersArray = @()

foreach ( $User in $Users ) {
        foreach ( $Group in $Groups ) {

            $memberOf = Get-QADMemberOf -Identity $User -Name $Group

            if($memberOf)
            {
                $MembersArray += $User
            }
         
        }
        
}


$MembersArray | Export-CSV C:\ListOfMembers.csv -NoType

Open in new window

0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 2

Author Comment

by:MilesLogan
ID: 39611643
Hi YZlat

I modified the path to point to where I have the user and group list and the outout is listed below ..

PSPath      PSParentPath      PSChildName      PSDrive      PSProvider      ReadCount      Length
E:\Projects\Groups\Users.txt      E:\Projects\Groups      Users.txt      E      Microsoft.PowerShell.Core\FileSystem      1      8
E:\Projects\Groups\Users.txt      E:\Projects\Groups      Users.txt      E      Microsoft.PowerShell.Core\FileSystem      1      8
E:\Projects\Groups\Users.txt      E:\Projects\Groups      Users.txt      E      Microsoft.PowerShell.Core\FileSystem      1      8
E:\Projects\Groups\Users.txt      E:\Projects\Groups      Users.txt      E      Microsoft.PowerShell.Core\FileSystem      2      8
E:\Projects\Groups\Users.txt      E:\Projects\Groups      Users.txt      E      Microsoft.PowerShell.Core\FileSystem      2      8
E:\Projects\Groups\Users.txt      E:\Projects\Groups      Users.txt      E      Microsoft.PowerShell.Core\FileSystem      2      8
E:\Projects\Groups\Users.txt      E:\Projects\Groups      Users.txt      E      Microsoft.PowerShell.Core\FileSystem      2      8
E:\Projects\Groups\Users.txt      E:\Projects\Groups      Users.txt      E      Microsoft.PowerShell.Core\FileSystem      2      8
E:\Projects\Groups\Users.txt      E:\Projects\Groups      Users.txt      E      Microsoft.PowerShell.Core\FileSystem      2      8
0
 
LVL 40

Expert Comment

by:Subsun
ID: 39611708
@MilesLogan, Could you please clarify my above question?
0
 
LVL 2

Author Comment

by:MilesLogan
ID: 39611718
Hi SubSub .. I just need to know if they are a member of any of those groups ..  I just need the SAmAccountName and which group they where a member of in the output file .
0
 
LVL 40

Accepted Solution

by:
Subsun earned 2000 total points
ID: 39611772
Try this and see if the output works for you...
$Groups = Get-Content C:\temp\Groups.txt
Get-Content C:\temp\User.txt | % {
$User = $_
 foreach ($Group in $Groups) {
	If(!(Get-QADMemberOf $User -Name $Group))
	{
		New-Object PSObject -Property @{
			User = $User
			Group = $Group
			Member = "No"
		}
	}
	Else{
		New-Object PSObject -Property @{
			User = $User
			Group = $Group
			Member = "Yes"
		}
	}
}
} | Select User,Group,Member | Export-CSV C:\Report.csv -NTI

Open in new window

0
 
LVL 35

Expert Comment

by:YZlat
ID: 39612101
could you show me the sample content of Users.txt and Groups.txt?
0
 
LVL 2

Author Closing Comment

by:MilesLogan
ID: 39615646
Worked perfect ! thanks !
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question