我想从包含广告组的文件中检索父广告组
[英]I want to retrieve parent ad groups from a file with ad groups
问题描述
I have a list with AD groups. 
我有一个广告组列表。 I want to check if each of these groups is a MemberOf a parent group(s). 我想检查这些组中的每一个是否是父组的MemberOf。 If so, I want to list the parent group(s). 如果是这样,我要列出父组。 As an example: Child group 1 has no parent group, so it does not have to list anything. 例如:子组1没有父组,因此不必列出任何内容。 Child group 2 has 2 parent groups (so is member of 2 groups), I want to list those 2 groups. 子组2有2个父组(所以是2个组的成员),我想列出这2个组。 And so on... 等等...
I started with a simple code: 我从一个简单的代码开始:
get-adgroup -filter "CN -eq 'Child2'" -properties memberof | select memberof
The result I get is almost what I want: 我得到的结果几乎就是我想要的:
memberof 成员
{CN=Parent1,OU=ABC, CN=Parent2,OU=ABC} {CN = Parent1,OU = ABC,CN = Parent2,OU = ABC}
So this works, allthough I prefer not to see the 'CN=' part and 'OU=' part, just the groupname(s). 因此这可行,尽管我不希望看到“ CN =”部分和“ OU =”部分,而只是看到组名。
Next step I tried below code: 下一步,我尝试了以下代码:
Import-Csv -Path H:\Test\Input_ADGroup.csv |
ForEach-Object {
$Group = Get-ADGroup -filter "CN -eq '$($_.CN)'" -properties memberof
[PSCustomObject]@{
SourceCN = $_.CN
MemberOf = $Group.memberof
}
} | Export-Csv -Path H:\Test\Output_ADGroup.csv -NoTypeInformation
When using the code above, it does not work correctly. 使用上面的代码时,它无法正常工作。 It shows a list with the input groups (child groups) but the output groups (parent groups) is shown as: "Microsoft.ActiveDirectory.Management.ADPropertyValueCollection" Somehow it does not work when the output contains 2 or more (parent) groups. 它显示带有输入组(子组)的列表,但输出组(父组)显示为: “ Microsoft.ActiveDirectory.Management.ADPropertyValueCollection”当输出包含2个或更多(父)组时,它不起作用。
Another option I tried was using the Get-ADPrincipalGroupMembership function, but this always give me an error: Get-ADPrincipalGroupMembership : The operation being requested was not performed because the user has not been authenticated 我尝试过的另一个选项是使用Get-ADPrincipalGroupMembership函数,但这总是给我一个错误: Get-ADPrincipalGroupMembership:由于用户尚未通过身份验证,因此未执行所请求的操作
Anyone has some ideas how to help me getting the parent groups of each AD groups I have in a file? 有人对如何帮助我获取文件中每个广告组的父组有一些想法吗?
Thanks in advance. 提前致谢。
1 个解决方案
解决方案1
0 2019-08-06 09:28:06
Below code does the trick, although it requires some manual actions in Excel. 尽管需要在Excel中进行一些手动操作,但下面的代码可以解决问题。
Import-Csv -Path H:\Powershell\Input_ADGroup.csv |
ForEach-Object {
$Group = Get-ADGroup -filter "CN -eq '$($_.CN)'" -properties memberof
[PSCustomObject]@{
SourceCN = $_.CN
MemberOf = $Group.MemberOf -join ";"
}
} | Export-Csv -Path H:\Powershell\Output_ADGroup.csv -NoTypeInformation
H:\Powershell\Output_ADGroup.csv
In Column A it outputs the source AD group (Child) and the Parent group. 在A列中,它输出源AD组(子组)和父组。 If there are multiple Parent groups, it outputs to columns C, D, E etc. Also, the output (Parent groups) are shown as "CN=Parent1,OU=ABC..." So I used Find & Replace option in Excel to remove the CN/OU part. 如果有多个父组,则将其输出到列C,D,E等。此外,输出(父组)显示为“ CN = Parent1,OU = ABC ...”,因此我在Excel中使用了“查找并替换”选项删除CN / OU部分。 Also, because a lot of output can be horizontal (multiple columns) it requires some copy-paste. 另外,由于很多输出可以是水平的(多列),因此需要一些复制粘贴。 But I did get the output I needed… So thanks. 但是我确实得到了所需的输出...所以,谢谢。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.