Solved

need from your expertise to build a powershell script

Posted on 2014-02-25
13
330 Views
Last Modified: 2014-03-13
Hello Experts


I have been given a task from the finance department to help them to chargeback for SASAPP users and write a PowerShell script to automate and alleviate the need for someone to do manual reporting each month.  

So here’s the challenge:

Write a PowerShell script that will produce a csv file that contains unique SASAPP Users, the columns in the csv should be username, firstname, lastname, departmentnumber.

The csv should be timestamped somehow with when it was created so that Finance can do an audit at a later date.

People are granted access to SASAPP using two Security Groups, RDS_SAS and RDS_SAS2 so if they are in one of those Security Groups, Finance will charge them.

The departmentNumber AD User attribute actually contains a cost centre code that Finance will use for the chargeback.

Can someone help me to write this powershell script and test?

Your feedback is really appreciated
0
Comment
Question by:Jerry Seinfield
  • 8
  • 4
13 Comments
 
LVL 19

Expert Comment

by:Melih SARICA
ID: 39888533
as i understand u need a script to list users in a AD security-group with desired fields..

Is that true?
0
 

Author Comment

by:Jerry Seinfield
ID: 39888728
The script is supposed to produce a csv file with only users from a specific application. FYI SASAPP is a third party application that we used for telephony and chargeback based on some criteria. The SASAPP users are contained on the two distribution groups below explained

Please see details below

Write a PowerShell script that will produce a csv file that contains unique SASAPP Users, the columns in the csv should be username, firstname, lastname, departmentnumber.

The csv should be timestamped somehow with when it was created so that Finance can do an audit at a later date.

People are granted access to SASAPP using two Security Groups, RDS_SAS and RDS_SAS2 so if they are in one of those Security Groups, Finance will charge them.

The departmentNumber AD User attribute actually contains a cost centre code that Finance will use for the chargeback.
0
 

Author Comment

by:Jerry Seinfield
ID: 39890004
Any updates?

Subsun, can you please provide your input here?
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 

Author Comment

by:Jerry Seinfield
ID: 39890697
Can I please get an update?
0
 

Author Comment

by:Jerry Seinfield
ID: 39892509
Good Afternoon all PowerShell Experts and Team,

Can anyone please pick up this case and provide some sort of support here?

Your feedback is really appreciated

Looking forward hearing from you
0
 
LVL 14

Expert Comment

by:Justin Yeung
ID: 39896657
would you please be a little more clear about what you need?

you mentioned about a timestamp csv file but what timestamp do you need?

the user access the application? or the user logon to their computer?
0
 

Author Comment

by:Jerry Seinfield
ID: 39896685
Hi Justin,

There is a third party application called SAS that is integrated with AD.  People are granted access to this application using two Security Groups, RDS_SAS and RDS_SAS2 so if they are in one of those Security Groups in AD, they will access the app.

Each user connect to their computer using a domain account and access the application via web. The only users that have access to this application are the ones who are member of the security groups explained above

Every month the finance department has to create a manual report  with some parameters such as username, firstname, lastname, departmentnumber information that is pulled out from AD. Each domain user in our AD has an attribute called The departmentNumber  which actually contains a cost centre and this code cost centre will used by finance to chargeback users.

Request

The challenge is  to write a PowerShell script that will produce a csv file with only users from the application[users members of the 2 security groups above]

The columns in the csv should be username, firstname, lastname, departmentnumber

The csv should be timestamped somehow with when it was created so that Finance can do an audit at a later date. Perhaps or correct me if i wrong create the file name  with the actual format datetime when it was created, for example SASReport2282014 and include a column inside the csv file with the time it was created, or maybe something else

Please see the notes below

People are granted access to SAS using two Security Groups, RDS_SAS and RDS_SAS2 so if they are in one of those Security Groups, Finance will charge them.

The departmentNumber AD User attribute actually contains a cost centre code that Finance will use for the chargeback

I hope you have a better understanding of the request

SO, basically we need a script to list users in a AD security-groups with desired fields, create a csv based on that information, and validate the csv is timestamped somehow and export the information on this csv with those fields
0
 
LVL 14

Expert Comment

by:Justin Yeung
ID: 39896712
import-module activedirectory
$groups = get-adgroup | ? {$_.Name -eq "RDS_SAS" -or $_.name "RDS_SAS2"}
foreach {$group in $groups}
{
$date = (get-date).tostring("MMddyyyy")
$path = "\\path\path\SASReport" + $date + ".txt"
get-adgroupmember $group.name -properties * | ft Name,Givename,Surname, departmentnumber | out-file $path -append
}


this should work for what you need.
0
 

Author Comment

by:Jerry Seinfield
ID: 39897213
Thanks Justin,

what line of your code creates the csv based on that information?

Where the csv file is timestamped and the information on the csv is exported to a file?
0
 
LVL 14

Expert Comment

by:Justin Yeung
ID: 39900504
$path = "\\path\path\SASReport" + $date + ".txt"


it is a txt file since it needs to be appended.

on $date = (get-date).tostring("MMddyyyy"), which means $date = MMddyyyy

$path will equal "\\path\path\SASReportMMddyyyy.txt"
0
 

Author Comment

by:Jerry Seinfield
ID: 39900680
should i replace path\path with a network location so should I leave it as this?
0
 
LVL 14

Accepted Solution

by:
Justin Yeung earned 500 total points
ID: 39900872
I made a bit changes that makes the out come better and tested it....

import-module activedirectory
$groups = get-adgroup -filter * | ?  {$_.Name -eq "RDS_SAS" -or $_.name "RDS_SAS2"}
foreach ($group in $groups)
{
$Users = get-adgroupmember $group.name
foreach ($user in $users)
{
$Userinfo = Get-ADUser -id $user.SamAccountName -Properties *

$array = @()
$Properties = @{Name=$Userinfo.Name;LastName=$Userinfo.surname;FirstName=$Userinfo.givenname;"Department Number"=$Userinfo.departmentnumber;"Group Name"=$group.name}

$Newobject = New-Object  PSObject -Property  $Properties

$Array +=$Newobject

 

$date = (get-date).tostring("MMddyyyy")
$path = "your path" + $date + ".csv"

$array | Select-Object Name,LastName,FirstName,@{Name="Department Number";Expression={$userinfo.departmentNumber}},"Group Name" | export-csv $path -Append

}
}


note: it requires powershell 3.0 to support -append under export-csv
0
 

Author Comment

by:Jerry Seinfield
ID: 39910352
Thanks Justin

Allow me some time to do full testing and will get back to you
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I thought I'd write this up for anyone who has a request to create an anonymous whistle-blower-type submission form created using SharePoint 2010 (this would probably work the same for 2013). It's not 100% fool-proof but it's as close as you can get…
"Migrate" an SMTP relay receive connector to a new server using info from an old server.
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question