Help getting a table with a user's group (direct and indirect) membership with Powershell

Posted on 2014-08-25
Last Modified: 2014-08-26
Hello Experts,
Once again, I’m coming to you with what I’m sure is going to be an easy question that I’m pulling my hair out over.  I want to generate a list of all the groups that all of the members of our technical sales department belongs to and create a csv file with that information.  The basic output would look like the following:
TSD Member                        Group
Nickd                              Domain Users
Nickd                              TSD
Nickd                              Sales-General
JoeF                              Domain Users
JoeF                              TSD
JoeF                              Sales-General
JoeF                              Sales-North
KrisG                              Domain Users
KrisG                              TSD
KrisG                              TSD-Marketing
KrisG                              TSD-Sales      

Here is the code I have to get users of the technical sales division (I know it si messy, but if filters the way I need it to in our Active Directory):
$TSDMembers = Get-ADObject -Properties * -Filter {objectclass -eq "user" -and objectCategory -eq "Person"} -SearchBase "OU=Technical Sales division,OU=phoenix,DC=mycompany,DC=local" | where-object {$ -eq "AL"} | select -ExpandProperty samaccountname | sort samaccountname

Foreach ($TSDMember in $TSDMembers){
Get-QADGroup -ContainsMember $TSDuser.samaccountname -ContainsIndirectMember $TSDuser.samaccountname | select `

When I run this, my table has the column headers, but no data.  What am I doing wrong here?

Thanks in advance for your help.
Question by:ndalmolin_13
    LVL 40

    Accepted Solution

    $TSDuser.samaccountname won’t return any value First it is not defined in the script, you have used $TSDMember as a variable in Foreach but inside loop you were using $TSDuser which was not defined anywhere in script.
     Secondly, you have used Select –ExpandProperty samaccountname to create the list of samaccountname’s, so the property name samaccountname will not be available as the array $TSDMembers you create is just a list of strings (list of samaccountname)

    The custom property syntax was incorrect..

    Lastly, not need to use both -ContainsMember & -ContainsIndirectMember. -ContainsIndirectMember parameter will give you the details which you are looking for..

    I also replaced Get-ADObject with Get-QADObject
    $TSDMembers = Get-QADObject -Type User -SearchRoot "OU=Technical Sales division,OU=phoenix,DC=mycompany,DC=local" | where-object {$ -eq "AL"} | select -ExpandProperty samaccountname | sort samaccountname
    Foreach ($TSDMember in $TSDMembers){
    Get-QADGroup -ContainsIndirectMember $TSDMember | select `

    Open in new window

    LVL 1

    Author Closing Comment

    Awesome.  Thanks for the explanation.  It really helped.

    Featured Post

    Maximize Your Threat Intelligence Reporting

    Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

    Join & Write a Comment

    Active Directory replication delay is the cause to many problems.  Here is a super easy script to force Active Directory replication to all sites with by using an elevated PowerShell command prompt, and a tool to verify your changes.
    "Migrate" an SMTP relay receive connector to a new server using info from an old server.
    Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
    Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now