Reputation: 25
Listing group membership combinations
Hoping i can get some help in my thinking here because im struggling to accomplish what im after and im doubting its even the best way to achieve this now!
Essentially i have a powershell script (see below) which successfully lists members of a certain filter i put in. This all works smoothly and outputs a list into a CSV.
The next part however is telling it to return only members who are members of specific group combo's. For example, a user might be a member of Group 1, Group 2 and Group 7 (lets say out of 9 groups with that naming scheme)
so im trying to return results of members who only match the statement that they are in TWO groups (Group 1 and Group 2) and exclude those who may only be in Group 1 but not Group 2....hope that makes sense.
# first im narowing down group search to all groups starting with Group and then a number (this is an example). This will return 9 groups. Group 1 through to Group 9
$Groups = (Get-AdGroup -filter * | Where-object { $_.name -like "Group *" } | select-object name -expandproperty name)
# Just standard Array
$Array = @()
$Data = [ordered]@{}
# so now im wanting to search for members in each of those groups we narrowed down to above
Foreach ($Group in $Groups) {
# This bit defines my search criteria. It works perfectly if i just return all users. But if i only want to display members that are in Group 1 AND Group 2....it does not return any results.
$Members = Get-ADGroupMember -identity $Group | Where-Object { ($Group.name -like "Group 1") -and ($Group.name -like "Group 2") } | Get-ADUser -Properties * | select-object givenName, sn, sAMAccountName, mail
# Eventually that will be displayed in the object below...this bit works fine
foreach ($Member in $Members) {
$Data."update" = "modify"
$Data."region" = $Group
$Data."login" = $Member.mail
$Data."first_name" = $Member.givenName
$Data."last_name" = $Member.sn
$Data."approver_level" = "BlankForNow"
#
$DataPSObject = New-Object PSObject -property $Data
#
$Array += $DataPSObject
}
}
#
$Array | Sort-Object -Property login | Export-Csv "D:\Temp\Groups.csv" -NoTypeInformation
Any ideas where i could be going wrong? Maybe its better to edit the outputted CSV and match statements that way. So remove lines from CSV where users are not a member of both? Not even sure if thats entirely possible with Import-CSV tbh
Thanks in advance!
Upvotes: 0
Views: 270
Answers (1)
Reputation: 171
If you want the common members of the groups "Operations" and "ServiceDeskLevel2"
# Get groups members
$membersGroup1 = Get-ADGroupMember "Operations"
$membersGroup2 = Get-ADGroupMember "ServiceDeskLevel2"
# Compares both groups and put common members in the $res list
$res = Compare-Object $membersGroup1 $membersGroup2 -PassThru -IncludeEqual -ExcludeDifferent
# Output the name of the common members from $res
$res | Format-List -Property name
Upvotes: 2
Related Questions
- How to look for Active Directory group name from csv in PowerShell?
- Grouping data from Active Directory
- Get-adgroupmember and Displaying nested group name and its members in and exported to CSV file
- Powershell - Nested Recursive Groups
- Script to list users and all the groups they are members of
- PowerShell script to create CSV file listing all groups in OU and # of members in each group
- powershell to list multiple AD groups membership
- Output a list of AD users, with group names starting with *ABC*
- Powershell List groups and members from AD and export to CSV
- List group memberships for AD users