Reputation: 117
I found this script online. It was originally designed to get all members of one security group, and if there are nested groups it will write to the host the nested group name and members in hierarchy form.
I tweaked it to import AD security groups from a CSV file and to export the results to CSV in table format. The CSV file has two security groups, and both security groups have nested groups. The script will only list the users in the second security group, and it doesn't list the nested security group.
CSV File format:
| Groupname | groupad | name |
|---|---|---|
| test.testdl | office\test.testdl | test.testdl |
| test.testsg | office\test.testsg | test.testsg |
```powershell
Import-Module ActiveDirectory
$GroupList = @{}
$Table = @()
$Record = @{
    "Name" = ""
    "nested" = ""
    "domain" = ""
    "userName" = ""
}
function Get-GroupHierarchy {
    param()
    $searchGroups = Import-Csv -Path C:\temp\ad1.csv
    foreach ($item in $searchGroups) {
        $groupMember = Get-ADGroupMember -Identity $item.Groupname |
            Select-Object name, samaccountname, distinguishedName, objectClass
    }
}
foreach ($member in $groupMember) {
    $username = $member.samaccountname
    $distinguishedName = $member.distinguishedName
    $dc = [regex]::Match($distinguishedName,'DC=([^,|$]+)').Groups[1].Value
    $domainuser = '{0}\{1}' -f $dc, $username
    $Record."userName" = $member.samaccountname
    $Record."Name" = $member.name
    $Record."nested" = $member.objectclass
    $Record."Domain" = $domainuser
    $objRecord = New-Object PSObject -Property $Record
    $Table += [array]$objrecord
    if ($member.ObjectClass -eq "group") {
        $GroupList.add($member.name, $member.name)
        Get-GroupHierarchy $member.name
    }
    Get-GroupHierarchy
}
$Table | Export-Csv "C:\temp\SecurityGroups01.csv" -NoTypeInformation
```
Error message:
```
Get-ADGroupMember : Cannot validate argument on parameter 'Identity'. The argument is null or empty. Provide an argument that is not null or empty, and then try the command again.
At line:1 char:48
+ $groupMember = Get-ADGroupMember -Identity $item.name | Select-Object name, ...
+                                            ~~~~~~~~~~
```
Upvotes: 1
Views: 7108
Reputation: 11
I know it has been ages since you asked this question, but I was working last week on something similar and obtained some results through some work. I saw this question here while working on that piece of work and thought to share my work in case it can help somebody.
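```powershell
Import-Module ActiveDirectory

$members = Get-ADGroupMember 'GroupName'
# Accumulate members of every nested group; plain assignment would keep only the last one
$NestGroupUsers = @()
foreach ($member in $members) {
    if ($member.objectClass -eq 'group') {
        # One level of nesting only: direct members of the nested group
        $NestGroupUsers += Get-ADGroupMember $member | Select-Object name, objectClass
    }
    else {
        # Direct (non-group) member of the top-level group
        $hash = [pscustomobject]@{
            'name'        = $member.name
            'objectclass' = $member.objectClass
        }
        $hash | Export-Csv C:\users.csv -Append -NoTypeInformation
    }
}
$NestGroupUsers | Export-Csv C:\users.csv -Append -NoTypeInformation
```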
Upvotes: 1
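An added example (not code from either poster) of a recursive walk that processes every group in the CSV, follows nesting to any depth, and stops on circular nesting, which matters when auditing who inherits rights through nested groups. It assumes the `Groupname` column and the `C:\temp` paths from the question; the `RootGroup`, `Path` and `Visited` names are illustrative.

```powershell
Import-Module ActiveDirectory

function Get-GroupHierarchy {
    param(
        [Parameter(Mandatory)][string]$Identity,  # group name or DN to expand
        [string]$RootGroup = $Identity,           # CSV group this walk started from
        [string]$Path = $Identity,                # nesting chain, e.g. "A > B > C"
        [System.Collections.Generic.HashSet[string]]$Visited =
            (New-Object 'System.Collections.Generic.HashSet[string]')
    )
    # Resolve to a DN and refuse to expand the same group twice (circular nesting)
    $group = Get-ADGroup -Identity $Identity
    if (-not $Visited.Add($group.DistinguishedName)) { return }

    foreach ($member in Get-ADGroupMember -Identity $group) {
        $dc = [regex]::Match($member.distinguishedName, 'DC=([^,]+)').Groups[1].Value
        # Emit one row per member; nested groups get a row too, so the hierarchy is visible
        [pscustomobject]@{
            RootGroup   = $RootGroup
            Path        = $Path
            Name        = $member.name
            ObjectClass = $member.objectClass
            Domain      = '{0}\{1}' -f $dc, $member.SamAccountName
        }
        if ($member.objectClass -eq 'group') {
            Get-GroupHierarchy -Identity $member.distinguishedName -RootGroup $RootGroup `
                -Path "$Path > $($member.name)" -Visited $Visited
        }
    }
}

# Expand each CSV row inside the loop, so no group overwrites the previous one
$rows = foreach ($item in Import-Csv -Path C:\temp\ad1.csv) {
    # A blank row or a mismatched column header yields a null -Identity; skip it
    if ([string]::IsNullOrWhiteSpace($item.Groupname)) { continue }
    Get-GroupHierarchy -Identity $item.Groupname
}
$rows | Export-Csv C:\temp\SecurityGroups01.csv -NoTypeInformation
```

`Get-ADGroupMember -Recursive` returns the flattened leaf members in one call, but it drops the intermediate groups, so it cannot show which nested group grants a given membership.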