Get-ADGroupmember 有两个组
Get-ADGroupmember with two Groups
我有两个广告组,想提取他们的成员。如果我指定一组,我可以 运行 脚本。当我放置第二组时,我不可能生成两个不同的报告。你能帮帮我吗?
$ADGroup= "Group_Test","Group_Test_ABC"
$Group = Get-ADGroupMember -Identity $ADGroup | ? {$_.objectclass -eq "user"}
$Path = "C:\Temp$ADGroup $((Get-Date).ToString("(yyyy-MM-dd)")).xlsx"
$Result =
foreach ($User in $Group) {
Get-ADUser -Identity $User -Properties * | Select @{n='ADGROUP NAME';e={$ADGroup}}, @{n="DisplayName";e={$_.DisplayName}}, @{n='SamAccountName';e={$_.SamAccountName}}, @{n='UPN';e={$_.UserPrincipalName}}
}
$Result | Export-Excel -Path $Path
Get-ADGroupMember 只接受一组作为输入,如果您需要查询多个组,则需要遍历这些组:
$ADGroup = "Group_Test", "Group_Test_ABC"
$result = foreach($group in $ADGroup)
{
$members = Get-ADGroupMember -Identity $group | Where-Object {
$_.objectclass -eq "user"
}
foreach($member in $members)
{
$user = Get-ADUser $member -Properties DisplayName
[pscustomobject]@{
'ADGROUP NAME' = $group
DisplayName = $user.DisplayName
SamAccountName = $user.SamAccountName
UserPrincipalName = $user.UserPrincipalName
}
}
}
$Path = "C:\Temp$ADGroup $((Get-Date).ToString("(yyyy-MM-dd)")).xlsx"
$Result | Export-Excel -Path $Path
对于上述方法,有一种不同的替代方法,更有效,但它只会找到那些存在于当前域中的用户,如果存在不同域中的成员(用户),则不会找到他们。
$result = foreach($group in $ADGroup)
{
$thisGroup = Get-ADGroup $group
$splat = @{
LDAPFilter = "(memberOf=$($thisGroup.DistinguishedName))"
Properties = 'DisplayName'
}
$users = Get-ADUser @splat
foreach($user in $users)
{
[pscustomobject]@{
'ADGROUP NAME' = $thisGroup.SamAccountName
DisplayName = $user.DisplayName
SamAccountName = $user.SamAccountName
UserPrincipalName = $user.UserPrincipalName
}
}
}
我有两个广告组,想提取他们的成员。如果我指定一组,我可以 运行 脚本。当我放置第二组时,我不可能生成两个不同的报告。你能帮帮我吗?
$ADGroup= "Group_Test","Group_Test_ABC"
$Group = Get-ADGroupMember -Identity $ADGroup | ? {$_.objectclass -eq "user"}
$Path = "C:\Temp$ADGroup $((Get-Date).ToString("(yyyy-MM-dd)")).xlsx"
$Result =
foreach ($User in $Group) {
Get-ADUser -Identity $User -Properties * | Select @{n='ADGROUP NAME';e={$ADGroup}}, @{n="DisplayName";e={$_.DisplayName}}, @{n='SamAccountName';e={$_.SamAccountName}}, @{n='UPN';e={$_.UserPrincipalName}}
}
$Result | Export-Excel -Path $Path
Get-ADGroupMember 只接受一组作为输入,如果您需要查询多个组,则需要遍历这些组:
$ADGroup = "Group_Test", "Group_Test_ABC"
$result = foreach($group in $ADGroup)
{
$members = Get-ADGroupMember -Identity $group | Where-Object {
$_.objectclass -eq "user"
}
foreach($member in $members)
{
$user = Get-ADUser $member -Properties DisplayName
[pscustomobject]@{
'ADGROUP NAME' = $group
DisplayName = $user.DisplayName
SamAccountName = $user.SamAccountName
UserPrincipalName = $user.UserPrincipalName
}
}
}
$Path = "C:\Temp$ADGroup $((Get-Date).ToString("(yyyy-MM-dd)")).xlsx"
$Result | Export-Excel -Path $Path
对于上述方法,有一种不同的替代方法,更有效,但它只会找到那些存在于当前域中的用户,如果存在不同域中的成员(用户),则不会找到他们。
$result = foreach($group in $ADGroup)
{
$thisGroup = Get-ADGroup $group
$splat = @{
LDAPFilter = "(memberOf=$($thisGroup.DistinguishedName))"
Properties = 'DisplayName'
}
$users = Get-ADUser @splat
foreach($user in $users)
{
[pscustomobject]@{
'ADGROUP NAME' = $thisGroup.SamAccountName
DisplayName = $user.DisplayName
SamAccountName = $user.SamAccountName
UserPrincipalName = $user.UserPrincipalName
}
}
}