info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Powershell user audit - piping "is member of" several named AD groups in a query
19 views
Skip to first unread message
lwood...@gmail.com
Sep 15, 2016, 12:04:09 PM9/15/16
to
Hi all
I'm a newbie and I'm learning so please forgive me.
I'm looking to support a project involving a migration from one service provider to another. I need to gather a lot of information from AD to assist with the migration planning but I'm struggling with a certain aspect in terms of "is a user a member of group A, B, C, D, E, F and mark a column with a True/False type statement and export into Excel.
Note that I'm restricted to using Quest. Our environment doesn't have ADWS available.
I can easily gather members of groups in A, B, C, D, E, and F separately and manipulate them into Excel, but I'm hoping to create a fast and reusable query to refresh data as the project progresses.
$c = Connect-QADService -Service <some domain controller>:389
$FilePath = "C:\Test.csv"
$OuDomain = "OU=IT,OU=Business Development,DC=DOMAIN,DC=COM
Get-QADUser -DontUseDefaultIncludedProperties -ObjectAttributes @{homeDirectory='*'} -IncludedProperties 'extensionAttribute1' |
Format-Table name, 'ExtensionAttribute1'
...all works fine to here. I'm only outputting the value of extensionAttribute1 at this point but I will be adding columns over time.
Name ExtensionAttribute1
------ -------------------
User 1 15
User 2 15
User 3 15
User 4
User 5 15
Anyone know how to query if the user is a member of specific AD groups and can output and True/False type output?
Name extensionAttribute1 A B C D E F
------ ------------------- --- --- --- --- --- ---
User 1 15 Yes No No No No Yes
User 2 1 No No No Yes Yes Yes
User 3 15 Yes Yes No No No No
User 4 No Yes No No No No
User 5 15 No No Yes Yes No Yes
Any help/guidance appreciated.
I'm a newbie and I'm learning so please forgive me.
I'm looking to support a project involving a migration from one service provider to another. I need to gather a lot of information from AD to assist with the migration planning but I'm struggling with a certain aspect in terms of "is a user a member of group A, B, C, D, E, F and mark a column with a True/False type statement and export into Excel.
Note that I'm restricted to using Quest. Our environment doesn't have ADWS available.
I can easily gather members of groups in A, B, C, D, E, and F separately and manipulate them into Excel, but I'm hoping to create a fast and reusable query to refresh data as the project progresses.
$c = Connect-QADService -Service <some domain controller>:389
$FilePath = "C:\Test.csv"
$OuDomain = "OU=IT,OU=Business Development,DC=DOMAIN,DC=COM
Get-QADUser -DontUseDefaultIncludedProperties -ObjectAttributes @{homeDirectory='*'} -IncludedProperties 'extensionAttribute1' |
Format-Table name, 'ExtensionAttribute1'
...all works fine to here. I'm only outputting the value of extensionAttribute1 at this point but I will be adding columns over time.
Name ExtensionAttribute1
------ -------------------
User 1 15
User 2 15
User 3 15
User 4
User 5 15
Anyone know how to query if the user is a member of specific AD groups and can output and True/False type output?
Name extensionAttribute1 A B C D E F
------ ------------------- --- --- --- --- --- ---
User 1 15 Yes No No No No Yes
User 2 1 No No No Yes Yes Yes
User 3 15 Yes Yes No No No No
User 4 No Yes No No No No
User 5 15 No No Yes Yes No Yes
Any help/guidance appreciated.
0 new messages