Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Get-ADUser With Specific Attributes Powershell Command

Posted on 2014-04-01
3
Medium Priority
?
3,494 Views
Last Modified: 2014-04-02
I need a report that will provide a list of all enabled accounts and the Name, SamAccountName, DistinguishedName, EmployeeID, and if an account is a member of a group called 'VPN'

I know I can run a Get-ADGroupMember on that group, but I need users that are members of the group to be included in the below report - is this possible, if so, how?

Get-ADUser -Filter 'Enabled -eq $true' -Properties Name, SamAccountName, DistinguishedName, EmployeeID | Select Name, SamAccountName, DistinguishedName, EmployeeID

Open in new window

0
Comment
Question by:fireguy1125
  • 2
3 Comments
 
LVL 41

Expert Comment

by:footech
ID: 39970641
I know I can run a Get-ADGroupMember on that group, but I need users that are members of the group to be included
This part is confusing me.  Did you mean that you need users who not members of the group as well?
0
 
LVL 1

Author Comment

by:fireguy1125
ID: 39971096
Yes.

So if my Get-ADUser command returns 1500 users, I would need all 1500 user returned when including the group name. So if 500 Users are members of the group, each user row ideally would have the group name in a new column, and the users who are not members of the group, would just be blank.

Hope that is more clear, thanks!
0
 
LVL 41

Accepted Solution

by:
footech earned 2000 total points
ID: 39971733
How about something like the following?  It's a little different than your suggestion, but you could easily change the output values from "True" or "False" to whatever you like, even an empty string ("").  It should work as long as the VPN group is not the primary group for the user (because the primary group is not included in the MemberOf attribute).
Get-ADUser -Filter 'Enabled -eq $true' -Properties Name, SamAccountName, DistinguishedName, EmployeeID, MemberOf | ForEach `
{
    If ( $_.MemberOf -match "CN=VPN," )
    {
        $_ | Select Name, SamAccountName, DistinguishedName, EmployeeID, @{n="MemberOfVpnGroup";e={"True"}}
    }
    Else
    {
        $_ | Select Name, SamAccountName, DistinguishedName, EmployeeID, @{n="MemberOfVpnGroup";e={"False"}}
    }
}

Open in new window

0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…

972 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question