堆栈内存溢出
  简体   繁体   English

从 AD 组获取特定的 AD 用户

[英]Get Specific AD Users from AD Group

 原文  2021-02-19 10:19:37       powershell/ active-directory

问题描述

I need to get specific users from specific Groups in Active Directory.我需要从 Active Directory 中的特定组中获取特定用户。

So far I have this:到目前为止,我有这个:

$Groupnames = get-adgroup -Filter "name -like '$Groupfilter'" -Properties * -SearchBase $Grouppath |
    Select-Object Name, @{
        Name='Username';
        Expression={
            Get-ADGroupMember -identity $($_.Name) -Recursive |
            Get-ADUser -Property SamAccountName |
            Select -ExpandProperty SamAccountName
        }
    }

This works to get the Groups with their names.这可以获取带有名称的组。 Now I want to get all users from these groups.现在我想从这些组中获取所有用户。 what works but the formating is completly off.什么有效,但格式完全关闭。 I want this:我要这个:

Name                               Username                                                                                
----                               --------                                                                                
Group1                             user1adm                                                                             
Group2                             {user1adm, user1, user2, user2adm...}                                      
Group3                             {user1adm, user3, user2adm, user6...}

But I get this:但我明白了:

{user1adm, user1, user2, user2adm...}

With that formatting I can't see all users.使用这种格式,我看不到所有用户。

My goal at the end is also to exclude users who end with adm , but I don't know how to do that.我最后的目标也是排除以adm结尾的用户,但我不知道该怎么做。

Can you help me?你能帮助我吗?

1 个解决方案

解决方案1
 1 已采纳  2021-02-19 15:56:15

Get-ADGroupMember can return objects of type 'user', 'group' or 'computer', so piping the returned objects straight through to Get-ADUser could get you into trouble if one of the objects is not a user. Get-ADGroupMember可以返回“用户”、“组”或“计算机”类型的对象,因此如果其中一个对象不是用户,则将返回的对象直接传送到Get-ADUser可能会给您带来麻烦。

Having said that, the objects returned from Get-ADGroupMember already contain the SamAccountName property you are after, so you can eliminate Get-ADUser from the code.话虽如此,从Get-ADGroupMember返回的对象已经包含您所追求的 SamAccountName 属性,因此您可以从代码中消除 Get-ADUser。

$Groupnames = Get-ADGroup -Filter "name -like '$Groupfilter'" -SearchBase $Grouppath | 
                Select-Object Name, 
                @{Name = 'Username'; Expression = { 
                        ($_ | Get-ADGroupMember -Recursive | 
                              Select-Object -ExpandProperty SamAccountName | 
                              Where-Object { $_ -notmatch 'adm$' } 
                        ) -join ', '
                    }
                }

# output the result on screen
$Groupnames | Format-Table -AutoSize

# output to CSV file
$Groupnames | Export-Csv -Path 'Path\To\The\GroupMembers.csv' -NoTypeInformation

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 从 AD 导出具有特定组成员身份的用户 - Export users from AD with a specific group membership 如何在组AD PowerShell中获取组的用户 - How to get users of a group in a group AD PowerShell PowerShell 导出不在特定组中的 AD 用户 + 属性 - PowerShell export AD users not in specific group + attributes PowerShell 通过来自 CSV 的 UPN 将 AD 用户添加到 AD 组 - PowerShell Add AD users to AD group by UPN from CSV 用该AD组中的用户替换Exchange中的AD组 - Replace AD Group in Exchange with Users in that AD Group 将其他域中的用户添加到AD组 - Add users from another domain to AD group 使用Powershell从AD组中删除用户 - Remove users from AD group using Powershell 比较AD用户从CSV到特定的OU - Compare AD users from CSV to a specific OU 获取AD组成员并以特定方式输出 - Get Members of AD Group and output in specific manner 在特定AD组中获取ADUser - Get-ADUser within a specific AD group
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM