stackoom
  简体   繁体   中英

How to get group name and EmployeeID from Active Directory?

 原文  2018-09-24 21:55:56       powershell/ active-directory

Question

I have this code where I'm trying to get all user details information existing in an Active Directory. 

$path = "C:\ServerDetails"
$LogDate = get-date -f yyyyMMddhhmm
$csvfile = $path + "\ALLADUsers_$logDate.csv"

Import-Module ActiveDirectory

$ADServer = 'xx.xx.x.x'

$username = "abc"
$password = "alpha"
$secstr = New-Object -TypeName System.Security.SecureString
$password.ToCharArray() | ForEach-Object {$secstr.AppendChar($_)}
$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $username, $secstr

Get-ADUser -server $ADServer -Credential $cred -Properties msDS-UserPasswordExpiryTimeComputed*  -Filter * | 

Select-Object @{Label = "First Name";Expression = {$_.GivenName}},
@{Label = "Last Name";Expression = {$_.Surname}},
@{Label = "Display Name";Expression = {$_.DisplayName}},

@{Label = "EmployeeID";e={$_.employeeID}},
@{Label = 'GroupName';e={($_.memberof | %{(Get-ADPrincipalGroupMembership $_).sAMAccountName}) -join ";"}},

@{Label = 'Description';e={$_.Description}},
@{Label = 'PasswordExpired';e={if($_.PasswordExpired){$true} else{$false}}},
@{Label = "PasswordExpiryDate";Expression={[datetime]::FromFileTime($_."msDS-UserPasswordExpiryTimeComputed")}},
@{Label = "Logon Name";Expression = {$_.sAMAccountName}},
@{Label = "Phone";Expression = {"Ext - $(-Join $_.TelephoneNumber[-4..-1])"}},
@{Label = "Email";Expression = {$_.Mail}},
@{Label = "Account Status";Expression = {if (($_.Enabled -eq 'TRUE')  ) {'Enabled'} Else {'Disabled'}}}, # the 'if statement# replaces $_.Enabled
@{Label = "Last LogOn Date";e={[datetime]::FromFileTime($_.lastLogonTimestamp)}}| 

#Export CSV report

Export-Csv -Path $csvfile -NoTypeInformation

All the other details are perfectly fine except for the group name where the user resides and the employeeID number.

Any help is much appreciated.

1 answers

solution1
 1 ACCPTED  2018-09-24 22:29:50

What you are after is this. It will search the groups of the user, extract the Name and join them as required. 

{($_  | %{(Get-ADPrincipalGroupMembership $_.SamAccountName).Name -join ";"})}

What you had was this 

# $_.memberof is using the full name of groups the user is in
# the groups do not have a .SamAccountName for this type
{($_.memberof | %{(Get-ADPrincipalGroupMembership $_).sAMAccountName}) -join ";"}

As for employeeID, can you confirm that the .EmployeeID attribute is used for one of your users? Your code seems to work for me when I have something in the EmployeeID field. Ensure that you are not using an extensionAttribute as some companies may be doing.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question PS to get info from AD: group_name, employeeid, name, samacoountname How to look for Active Directory group name from csv in PowerShell? how to search for a group name within the active directory? Active Directory Export via PowerShell (Displayname & EmployeeID) Using Get-ADUser Using Powershell, how to get a list of Active Directory group members, including users and contacts, showing name, company, and email How can I obtain an Active Directory Group name from a SQL Server stored SID? How to get count of employeeID attritubute in AD where employeeID = X Powershell: How do I get the name from Azure Active Directory user (Get-AzADUser) Regex in PowerShell to get the city name from the Managedby property in Active Directory In Active Directory how do I get the user's computer name
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM