我有一个用户列表,我需要知道他们的Active Directory组成员是什么。我需要它们在csv中组合在一起,就像这样,包含用户名、组名和组类型(分发安全性),但我运气不太好。下面是我尝试编写和使用的Powershell脚本。
$Users = Get-Content -Path 'C:ScriptsListsUserDistro.txt'
Foreach ($user in $users) {
$GroupName = Get-ADPrincipalGroupMembership $user | Select-Object -Property Name
$GroupType = Get-ADPrincipalGroupMembership $user | Select-Object -Property GroupCategory
$Results = @{'Username'=$User;'Group'=$GroupType}
$obj = New-Object -TypeName PSObject -Property $Results
Write-Output $Obj | Format-table -AutoSize
我得到的输出看起来像这样:
Username Group GroupType
-------- ----- ---------
psmith {@{Name=Domain Users}, @{Name=Group1}, @{Name=Group2}, @{Name=Group3:}...} {@{GroupCategory=Security}, @{GroupCategory=Security}, @{GroupCategory=Security}, @{...
我遇到的问题是
- 列表被截断,应该有比这里显示的更多的组
- 我不需要所有这些外围信息@{Name=只是组名
- 我如何排序,以便组名和组类型的阵容?
我不喜欢Get-ADPrincipalGroupMembership,所以这是我个人使用的:
$Users = Get-Content -Path 'C:ScriptsListsUserDistro.txt'
$result = foreach($user in $users)
{
$adUsr = Get-ADUser $user
$membership = Get-ADGroup -LDAPFilter "(member=$($user.DistinguishedName))"
foreach($group in $membership)
{
[pscustomobject]@{
User = $adUsr.samAccountName
GroupName = $group.Name
GroupType = $group.GroupCategory
}
}
}
$result | Format-Table -AutoSize
使用Get-ADPrincipalGroupMembership看起来像这样:
$Users = Get-Content -Path 'C:ScriptsListsUserDistro.txt'
$result = foreach($user in $users)
{
$membership = Get-ADPrincipalGroupMembership $user
foreach($group in $membership)
{
[pscustomobject]@{
User = $user
GroupName = $group.Name
GroupType = $group.GroupCategory
}
}
}
$result | Format-Table -AutoSize
或与Select-Object:
$Users = Get-Content -Path 'C:ScriptsListsUserDistro.txt'
$result = foreach($user in $users)
{
Get-ADPrincipalGroupMembership $user |
Select-Object @{n='User';e={$user}},
@{n='GroupName';e={$_.Name}},
@{n='GroupType';e={$_.GroupCategory}}
}
$result | Format-Table -AutoSize