Solved

Get-ADUser With Specific Attributes Powershell Command

Posted on 2014-04-01
3
3,336 Views
Last Modified: 2014-04-02
I need a report that will provide a list of all enabled accounts and the Name, SamAccountName, DistinguishedName, EmployeeID, and if an account is a member of a group called 'VPN'

I know I can run a Get-ADGroupMember on that group, but I need users that are members of the group to be included in the below report - is this possible, if so, how?

Get-ADUser -Filter 'Enabled -eq $true' -Properties Name, SamAccountName, DistinguishedName, EmployeeID | Select Name, SamAccountName, DistinguishedName, EmployeeID

Open in new window

0
Comment
Question by:fireguy1125
  • 2
3 Comments
 
LVL 39

Expert Comment

by:footech
ID: 39970641
I know I can run a Get-ADGroupMember on that group, but I need users that are members of the group to be included
This part is confusing me.  Did you mean that you need users who not members of the group as well?
0
 
LVL 1

Author Comment

by:fireguy1125
ID: 39971096
Yes.

So if my Get-ADUser command returns 1500 users, I would need all 1500 user returned when including the group name. So if 500 Users are members of the group, each user row ideally would have the group name in a new column, and the users who are not members of the group, would just be blank.

Hope that is more clear, thanks!
0
 
LVL 39

Accepted Solution

by:
footech earned 500 total points
ID: 39971733
How about something like the following?  It's a little different than your suggestion, but you could easily change the output values from "True" or "False" to whatever you like, even an empty string ("").  It should work as long as the VPN group is not the primary group for the user (because the primary group is not included in the MemberOf attribute).
Get-ADUser -Filter 'Enabled -eq $true' -Properties Name, SamAccountName, DistinguishedName, EmployeeID, MemberOf | ForEach `
{
    If ( $_.MemberOf -match "CN=VPN," )
    {
        $_ | Select Name, SamAccountName, DistinguishedName, EmployeeID, @{n="MemberOfVpnGroup";e={"True"}}
    }
    Else
    {
        $_ | Select Name, SamAccountName, DistinguishedName, EmployeeID, @{n="MemberOfVpnGroup";e={"False"}}
    }
}

Open in new window

0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
The following article is intended as a guide to using PowerShell as a more versatile and reliable form of application detection in SCCM.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

806 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question