[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 340
  • Last Modified:

need from your expertise to build a powershell script

Hello Experts


I have been given a task from the finance department to help them to chargeback for SASAPP users and write a PowerShell script to automate and alleviate the need for someone to do manual reporting each month.  

So here’s the challenge:

Write a PowerShell script that will produce a csv file that contains unique SASAPP Users, the columns in the csv should be username, firstname, lastname, departmentnumber.

The csv should be timestamped somehow with when it was created so that Finance can do an audit at a later date.

People are granted access to SASAPP using two Security Groups, RDS_SAS and RDS_SAS2 so if they are in one of those Security Groups, Finance will charge them.

The departmentNumber AD User attribute actually contains a cost centre code that Finance will use for the chargeback.

Can someone help me to write this powershell script and test?

Your feedback is really appreciated
0
Jerry Seinfield
Asked:
Jerry Seinfield
  • 8
  • 4
1 Solution
 
Melih SARICACommented:
as i understand u need a script to list users in a AD security-group with desired fields..

Is that true?
0
 
Jerry SeinfieldAuthor Commented:
The script is supposed to produce a csv file with only users from a specific application. FYI SASAPP is a third party application that we used for telephony and chargeback based on some criteria. The SASAPP users are contained on the two distribution groups below explained

Please see details below

Write a PowerShell script that will produce a csv file that contains unique SASAPP Users, the columns in the csv should be username, firstname, lastname, departmentnumber.

The csv should be timestamped somehow with when it was created so that Finance can do an audit at a later date.

People are granted access to SASAPP using two Security Groups, RDS_SAS and RDS_SAS2 so if they are in one of those Security Groups, Finance will charge them.

The departmentNumber AD User attribute actually contains a cost centre code that Finance will use for the chargeback.
0
 
Jerry SeinfieldAuthor Commented:
Any updates?

Subsun, can you please provide your input here?
0
A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

 
Jerry SeinfieldAuthor Commented:
Can I please get an update?
0
 
Jerry SeinfieldAuthor Commented:
Good Afternoon all PowerShell Experts and Team,

Can anyone please pick up this case and provide some sort of support here?

Your feedback is really appreciated

Looking forward hearing from you
0
 
Justin YeungCommented:
would you please be a little more clear about what you need?

you mentioned about a timestamp csv file but what timestamp do you need?

the user access the application? or the user logon to their computer?
0
 
Jerry SeinfieldAuthor Commented:
Hi Justin,

There is a third party application called SAS that is integrated with AD.  People are granted access to this application using two Security Groups, RDS_SAS and RDS_SAS2 so if they are in one of those Security Groups in AD, they will access the app.

Each user connect to their computer using a domain account and access the application via web. The only users that have access to this application are the ones who are member of the security groups explained above

Every month the finance department has to create a manual report  with some parameters such as username, firstname, lastname, departmentnumber information that is pulled out from AD. Each domain user in our AD has an attribute called The departmentNumber  which actually contains a cost centre and this code cost centre will used by finance to chargeback users.

Request

The challenge is  to write a PowerShell script that will produce a csv file with only users from the application[users members of the 2 security groups above]

The columns in the csv should be username, firstname, lastname, departmentnumber

The csv should be timestamped somehow with when it was created so that Finance can do an audit at a later date. Perhaps or correct me if i wrong create the file name  with the actual format datetime when it was created, for example SASReport2282014 and include a column inside the csv file with the time it was created, or maybe something else

Please see the notes below

People are granted access to SAS using two Security Groups, RDS_SAS and RDS_SAS2 so if they are in one of those Security Groups, Finance will charge them.

The departmentNumber AD User attribute actually contains a cost centre code that Finance will use for the chargeback

I hope you have a better understanding of the request

SO, basically we need a script to list users in a AD security-groups with desired fields, create a csv based on that information, and validate the csv is timestamped somehow and export the information on this csv with those fields
0
 
Justin YeungCommented:
import-module activedirectory
$groups = get-adgroup | ? {$_.Name -eq "RDS_SAS" -or $_.name "RDS_SAS2"}
foreach {$group in $groups}
{
$date = (get-date).tostring("MMddyyyy")
$path = "\\path\path\SASReport" + $date + ".txt"
get-adgroupmember $group.name -properties * | ft Name,Givename,Surname, departmentnumber | out-file $path -append
}


this should work for what you need.
0
 
Jerry SeinfieldAuthor Commented:
Thanks Justin,

what line of your code creates the csv based on that information?

Where the csv file is timestamped and the information on the csv is exported to a file?
0
 
Justin YeungCommented:
$path = "\\path\path\SASReport" + $date + ".txt"


it is a txt file since it needs to be appended.

on $date = (get-date).tostring("MMddyyyy"), which means $date = MMddyyyy

$path will equal "\\path\path\SASReportMMddyyyy.txt"
0
 
Jerry SeinfieldAuthor Commented:
should i replace path\path with a network location so should I leave it as this?
0
 
Justin YeungCommented:
I made a bit changes that makes the out come better and tested it....

import-module activedirectory
$groups = get-adgroup -filter * | ?  {$_.Name -eq "RDS_SAS" -or $_.name "RDS_SAS2"}
foreach ($group in $groups)
{
$Users = get-adgroupmember $group.name
foreach ($user in $users)
{
$Userinfo = Get-ADUser -id $user.SamAccountName -Properties *

$array = @()
$Properties = @{Name=$Userinfo.Name;LastName=$Userinfo.surname;FirstName=$Userinfo.givenname;"Department Number"=$Userinfo.departmentnumber;"Group Name"=$group.name}

$Newobject = New-Object  PSObject -Property  $Properties

$Array +=$Newobject

 

$date = (get-date).tostring("MMddyyyy")
$path = "your path" + $date + ".csv"

$array | Select-Object Name,LastName,FirstName,@{Name="Department Number";Expression={$userinfo.departmentNumber}},"Group Name" | export-csv $path -Append

}
}


note: it requires powershell 3.0 to support -append under export-csv
0
 
Jerry SeinfieldAuthor Commented:
Thanks Justin

Allow me some time to do full testing and will get back to you
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

  • 8
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now