包括 ADUser 的特定属性 Active Directory 查询
Include Specific Attributes Active Directory Query for an ADUser
get-content .\GroupNames.txt |
ForEach-Object {
$Group = $_
$countUser = ""
$countUser = ((get-Adgroup $group -properties members).members).count
$Total_Count += $countUser
If ($countUser -eq 0){
$Total_Count++
Add-Content $LogFile "$Group, No Members "
}
Get-ADGroupMember $Group -Recursive -include | Select @{label="Group"; expression={$Group}},sAMAccountName,Name, @{label="Date";expression={$Date}} | Export-CSV $LogFile -NoTypeInformation -Append
}
Add-Content $LogFile "Total Count - $Total_Count "
您好,我上面的代码在文本文件 ("GroupNames.txt") 中获取了 AD 组列表。
然后它从每个组中抓取成员。
我想做的是,当它为 ADGroup 成员查询 Active Directory 时,除了默认的 sAMAcountname 和 Name 之外,我还希望能够请求其他属性。例如,我想获得用户部门 and/or 的头衔。理想情况下,我会将它存储在 $properties 之类的单独变量中,这样我只在 运行 脚本时才更改此值。
目前,输出是 $Logfile,一个 csv 文件,包含列 department/title 和任何其他额外属性空白。
提前谢谢你。
您需要考虑 Get-ADGroupMember 也可以 return 计算机对象或(嵌套的)组对象。
查看您的代码,您只需要输出中的用户对象。
此外,如果您想要包含用户详细信息的 CSV 文件,您必须不要将简单的消息文本行添加到同一个 csv 文件中,因为这会破坏结构。
执行此操作时需要创建两个单独的文件:
- 消息所在的文本(日志)文件
- 存储用户详细信息的结构 Csv 文件
尝试:
# set the paths for both the log file (plain text) and for the resulting CSV file
$logFile = 'D:\Test\GroupReport.log'
$logCsv = 'D:\Test\GroupReport.csv'
$inFile = 'D:\Test\GroupNames.txt'
# write a starting line to the log file
('Log Started {0:g}'-f (Get-Date)) | Add-Content -Path $logFile
# gather the details of the group (users only)
# filter out empty or whitespace-only lines from the text file
$result = Get-Content -Path $inFile | Where-Object { $_ -match '\S' } | ForEach-Object {
# first, try and get the group by the name from the $inFile
$group = Get-ADGroup -Filter "Name -eq '$_'" -Properties members -ErrorAction SilentlyContinue
if (!$group) {
"Group '$_' does not exist" | Add-Content -Path $logFile
continue # skip this one and proceed with the next group
}
# retrieve the users that are member of the group (ignore members of type group and/or computer)
$members = $_ | Get-ADGroupMember -Recursive | Where-Object { $_.objectClass -eq 'user' }
$userCount = @($members).Count
$Total_Count += $userCount
if ($userCount -eq 0) {
$Total_Count++ # why this increment if there are no users???
"$($group.Name) - No Users" | Add-Content -Path $logFile
continue # proceed with the next group
}
# now loop through the user members to get their details
foreach ($user in $members) {
# output the details of the user this gets collected in variable $result
Get-ADUser -Identity $user.DistinguishedName -Properties DisplayName, Name, OfficePhone, EmailAddress, Description, Title, Department |
Select-Object @{Name="Group"; Expression={$group.Name}},
SamAccountNameDisplayName, Name, EmailAddress, Description, Title, Department
@{Name="Phone"; Expression={$_.OfficePhone}}
}
}
# write the total count and an end line to the logfile
"Total Count - $Total_Count" | Add-Content -Path $logFile
('Log Ended {0:g}{1}'-f (Get-Date), [environment]::NewLine) | Add-Content -Path $logFile
# now create the CSV file with user details
$result | Export-Csv -Path $logCsv -NoTypeInformation
get-content .\GroupNames.txt |
ForEach-Object {
$Group = $_
$countUser = ""
$countUser = ((get-Adgroup $group -properties members).members).count
$Total_Count += $countUser
If ($countUser -eq 0){
$Total_Count++
Add-Content $LogFile "$Group, No Members "
}
Get-ADGroupMember $Group -Recursive -include | Select @{label="Group"; expression={$Group}},sAMAccountName,Name, @{label="Date";expression={$Date}} | Export-CSV $LogFile -NoTypeInformation -Append
}
Add-Content $LogFile "Total Count - $Total_Count "
您好,我上面的代码在文本文件 ("GroupNames.txt") 中获取了 AD 组列表。 然后它从每个组中抓取成员。 我想做的是,当它为 ADGroup 成员查询 Active Directory 时,除了默认的 sAMAcountname 和 Name 之外,我还希望能够请求其他属性。例如,我想获得用户部门 and/or 的头衔。理想情况下,我会将它存储在 $properties 之类的单独变量中,这样我只在 运行 脚本时才更改此值。
目前,输出是 $Logfile,一个 csv 文件,包含列 department/title 和任何其他额外属性空白。 提前谢谢你。
您需要考虑 Get-ADGroupMember 也可以 return 计算机对象或(嵌套的)组对象。
查看您的代码,您只需要输出中的用户对象。
此外,如果您想要包含用户详细信息的 CSV 文件,您必须不要将简单的消息文本行添加到同一个 csv 文件中,因为这会破坏结构。 执行此操作时需要创建两个单独的文件:
- 消息所在的文本(日志)文件
- 存储用户详细信息的结构 Csv 文件
尝试:
# set the paths for both the log file (plain text) and for the resulting CSV file
$logFile = 'D:\Test\GroupReport.log'
$logCsv = 'D:\Test\GroupReport.csv'
$inFile = 'D:\Test\GroupNames.txt'
# write a starting line to the log file
('Log Started {0:g}'-f (Get-Date)) | Add-Content -Path $logFile
# gather the details of the group (users only)
# filter out empty or whitespace-only lines from the text file
$result = Get-Content -Path $inFile | Where-Object { $_ -match '\S' } | ForEach-Object {
# first, try and get the group by the name from the $inFile
$group = Get-ADGroup -Filter "Name -eq '$_'" -Properties members -ErrorAction SilentlyContinue
if (!$group) {
"Group '$_' does not exist" | Add-Content -Path $logFile
continue # skip this one and proceed with the next group
}
# retrieve the users that are member of the group (ignore members of type group and/or computer)
$members = $_ | Get-ADGroupMember -Recursive | Where-Object { $_.objectClass -eq 'user' }
$userCount = @($members).Count
$Total_Count += $userCount
if ($userCount -eq 0) {
$Total_Count++ # why this increment if there are no users???
"$($group.Name) - No Users" | Add-Content -Path $logFile
continue # proceed with the next group
}
# now loop through the user members to get their details
foreach ($user in $members) {
# output the details of the user this gets collected in variable $result
Get-ADUser -Identity $user.DistinguishedName -Properties DisplayName, Name, OfficePhone, EmailAddress, Description, Title, Department |
Select-Object @{Name="Group"; Expression={$group.Name}},
SamAccountNameDisplayName, Name, EmailAddress, Description, Title, Department
@{Name="Phone"; Expression={$_.OfficePhone}}
}
}
# write the total count and an end line to the logfile
"Total Count - $Total_Count" | Add-Content -Path $logFile
('Log Ended {0:g}{1}'-f (Get-Date), [environment]::NewLine) | Add-Content -Path $logFile
# now create the CSV file with user details
$result | Export-Csv -Path $logCsv -NoTypeInformation