stackoom
  简体   繁体   中英

PowerShell don't copy “MemberOf” based on CSV exclusions list

 原文  2016-10-24 16:16:54       powershell/ csv

Question

I have a csv that contains security groups that should never be copied when creating or modifying user accounts within Active Directory. It looks like this: 

securityGroup
"CN=Security Group 1,OU=Security Groups,DC=domain,DC=com", "CN=Security Group 2,OU=Security Groups,DC=domain,DC=com", "CN=Security Group 3,OU=Security Groups,DC=domain,DC=com", "CN=Security Group 4,OU=Security Groups,DC=domain,DC=com"

When copying AD groups, we use the following method: 

$userName = [User which security groups are copied TO]
$modelUser = [User which security groups are copied FROM]
$modelMember = Get-ADUser $modelUser -Properties MemberOf
$modelMember.MemberOf | Add-ADGroupMember -Members $userName

What we would like to see is that no groups from the above CSV file are copied from a model user to another user. I have had some success by manually entering Security Groups over and over again using "-and" and "-not contains" in the script but would prefer to use a CSV instead. 

$modelMember.MemberOf | Where{$_ -notcontains "CN=Security Group 1,OU=Security Groups,DC=domain,DC=com" -and $_ -notcontains "CN=Security Group 2,OU=Security Groups,DC=domain,DC=com" -and $_ -notcontains "CN=Security Group 3,OU=Security Groups,DC=domain,DC=com" -and $_ -notcontains "CN=Security Group 4,OU=Security Groups,DC=domain,DC=com"} | Add-ADGroupMember -Members $userName

I guess I don't even know where to begin. Any help would be greatly appreciated!

1 answers

solution1
 0 ACCPTED  2016-10-24 16:50:40

The file you show does not look like a CSV, those are groups one-per-line rather than comma-separated.

It's easy enough as long as you have PowerShell v3 or above: 

$modelMember = Get-ADUser $modelUser -Properties memberOf

$forbiddenGroups = Get-Content groupList.txt
$modelGroups = $modelMember.MemberOf | Where-Object { $_ -notin $forbiddenGroups } 

$modelGroups | Add-ADGroupMember -Members $userName

Auto-generated PS help links from my codeblock (if available):

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Powershell: List with ADusers - need groups the users are memberof Powershell copy files based on CSV contents powershell copy and delete files based on csv Powershell - import csv based on variable in a list Powershell copy $source memberof to destination without copying $destination's existing membership and additional filter Using PowerShell to send email to different addresses based on list in a csv file Build XML file based off CSV list using Powershell Import Phone Number list from CSV with Powershell. Based on EmployeeID Copy a specific column to a csv in powershell Powershell - Delete Folder Contents With Exclusions
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM