• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 446
  • Last Modified:

Active Directory Active User Query

I need a command that will provide me a list of all enabled users in AD, but exclude User accounts that are members of a certain Security Group, such as "Domain Admin".  How can I modify the below command to include the exclusion?


Get-ADUser -LdapFilter "(&(!useraccountcontrol:1.2.840.113556.1.4.803:=2))" | Select-Object Name,UserPrincipalName |Sort-Object Name
0
fireguy1125
Asked:
fireguy1125
1 Solution
 
Will SzymkowskiSenior Solution ArchitectCommented:
Use the following syntax below to accomplish this...

Get-ADUser -filter * -properties * | ? {$_.Enabled -eq $true -and -ne (Get-ADGroup -Identity <groupname>)} | sort-object -property Name | select Name, UserPrincipalName

Open in new window


Will.
0
 
jss1199Commented:
and another filter to the LdapFilter to filter out those members that are memberof the group in questions.

I am mobile, but syntax should be something like:

-LdapFilter "(&(!useraccountcontrol:1.2.840.113556.1.4.803:=2))" AND (!(|(memberof=CN=YOURGROUPHERE,dc=domain,dc=com)
0
 
SubsunCommented:
Try..
Get-ADUser -LdapFilter "(&(!useraccountcontrol:1.2.840.113556.1.4.803:=2))" -properties memberof | ?{$_.memberof -notmatch "CN=GroupName"}| Select-Object Name,UserPrincipalName |Sort-Object Name

Open in new window

Or
Get-ADUser -LdapFilter "(&(!useraccountcontrol:1.2.840.113556.1.4.803:=2))" -properties memberof | 
	?{($_.memberof | Get-ADGroup | Select -ExpandProperty Name) -notcontains "GroupName"}| 
	Select-Object Name,UserPrincipalName |Sort-Object Name

Open in new window

0
 
fireguy1125Author Commented:
Your first one worked perfect Subsun, thanks!
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now