Search code examples
powershellactive-directoryexchange-serverexchange-server-2013

Get-Distribution Group Attributes in PowerShell and Print to File

So, I've built a script, with some help from the wonderful people floating around Stack, that polls AD for Distribution Groups and creates a CSV populated with

  • Display Name
  • SAM Account Name
  • Primary SMTP Address of the Group
  • SMTP Address for Accepted Senders,
  • SMTP Address of Moderated By
  • SMTP Address of the Managed By

The first 3 are easy to get as they're standard attributes to the Distribution Group. The challenge comes when I attempt to convert the display names in the group membership to the primary SMTP addresses for Accepted Senders, Moderate By and Managed By. The current script works to get the SMTP addresses however the Display Name we're using to filter is also occasionally, used for secondary and tertiary accounts, so occasionally we will return multiple results for every Display Name. I need to filter these secondary and tertiary email accounts from the list. Luckily we have a secondary field, an extensionAttribute, that is always populated with a 1 if its the primary user account. So I attempted to modify the -Filter with an -And "extensionAttribute8 -eq '1'" and it blew up on me. I also tried adding an additional -Properties field that references the extensionattribute but that didn't do anything either.

It just keeps failing with an

ActiveDirectlyCmdlet.Microsoft.ActiveDirectly.Management.AdfilterParsingException,Microsoft.adtiveDirectory.Management.Commands.GetADUser

Below is the script that I've tried to put together, hopefully one of you PowerShell Guru's can help me out here.

Thanks in advance for all the help!

Ryan 

$props = @(
    "DisplayName"
    "SamAccountName"
    "PrimarySmtpAddress"
    @{n='Accepted Senders';e= {($_.acceptmessagesonlyfromsendersormembers | Foreach-Object {
    (Get-AdUser -Filter "DisplayName -eq '$($_.Split('/')[-1])'" -And "extensionAttribute8 -eq '1'" -Properties ('extensionattribute8', 'ProxyAddresses') |
        Select-Object -Expand ProxyAddresses | Where-Object {$_ -cmatch '^SMTP:'}) -replace '^SMTP:'}) -join ';'}}
    "ModerationEnabled"
    @{N="ModeratedBy";E= {($_.ModeratedBy | ForEach-Object {
    (Get-AdUser -Filter "DisplayName -eq '$($_.Split('/')[-1])'" -And "extensionAttribute8 -eq '1'" -Properties ('extensionattribute8', 'ProxyAddresses') |
        Select-Object -Expand ProxyAddresses | Where-Object {$_ -cmatch '^SMTP:'}) -replace '^SMTP:'}) -join ';'}}
    @{Name="Internal Senders Only";E={$_.RequireSenderAuthenticationEnabled}}
    @{N="ManagedBy";E= {($_.ManagedBy | ForEach-Object {
    (Get-AdUser -Filter "DisplayName -eq '$($_.Split('/')[-1])'" -And "extensionAttribute8 -eq '1'" -Properties ('extensionattribute8', 'ProxyAddresses') |
        Select-Object -Expand ProxyAddresses | Where-Object {$_ -cmatch '^SMTP:'}) -replace '^SMTP:'}) -join ';'}}
        )
Get-DistributionGroup -ResultSize Unlimited | Select-Object $props | export-Csv C:\temp\testforformat.csv -NoTypeInformation

For reference, the script the I'm attempting to modify is included below.

$props = @(
    "DisplayName"
    "SamAccountName"
    "PrimarySmtpAddress"
    @{n='Accepted Senders';e= {($_.acceptmessagesonlyfromsendersormembers | Foreach-Object {
    (Get-AdUser -Filter "DisplayName -eq '$($_.Split('/')[-1])'" -Property ProxyAddresses |
        Select-Object -Expand ProxyAddresses | Where-Object {$_ -cmatch '^SMTP:*.*@*.com'}) -replace '^SMTP:*.*@*.com'}) -join ';'}}
    "ModerationEnabled"
    @{N="ModeratedBy";E= {($_.ModeratedBy | ForEach-Object {
    (Get-AdUser -Filter "DisplayName -eq '$($_.Split("/")[-1])'" -Property ProxyAddresses |
        Select-Object -Expand ProxyAddresses | Where-Object {$_ -cmatch '^SMTP:'}) -replace '^SMTP:'}) -join ';'}}
    @{Name="Internal Senders Only";E={$_.RequireSenderAuthenticationEnabled}}
    @{N="ManagedBy";E= {($_.ManagedBy | ForEach-Object {
    (Get-AdUser -Filter "DisplayName -eq '$($_.Split("/")[-1])'" -Property ProxyAddresses |
        Select-Object -Expand ProxyAddresses | Where-Object {$_ -cmatch '^SMTP:'}) -replace '^SMTP:'}) -join ';'}}
        )
Get-DistributionGroup -ResultSize Unlimited | Select-Object $props | export-Csv C:\temp\testforformat.csv -NoTypeInformation
``
Solution

  • To me, it looks like you are repeating the same Get-ADUser code which makes it very hard to read/modify.
    I'd suggest you create a small helper function to get the primary SMTP email address. Something like this:

    function Get-SMTPAddress ([string]$DisplayName) {
    $filter = "DisplayName -eq '$DisplayName' -and extensionAttribute8 -eq '1'"
    ((Get-AdUser -Filter $filter -Properties DisplayName, ProxyAddresses, extensionAttribute8).ProxyAddresses |
      Where-Object {$_ -cmatch '^SMTP:'}) -replace '^SMTP:'
}

    With that in place, building the array of properties can become much clearer:

    $props = 'DisplayName',
         'SamAccountName',
         'PrimarySmtpAddress',
         @{Name = 'Accepted Senders'
           Expression = {($_.acceptmessagesonlyfromsendersormembers | Foreach-Object { Get-SMTPAddress $_.Split('/')[-1] }) -join ';'}},
         'ModerationEnabled',
         @{Name = 'ModeratedBy'
           Expression = {($_.ModeratedBy | Foreach-Object { Get-SMTPAddress $_.Split('/')[-1] }) -join ';'}},
         @{Name = 'Internal Senders Only'; Expression = {$_.RequireSenderAuthenticationEnabled}},
         @{Name = 'ManagedBy'
           Expression = {($_.ManagedBy | Foreach-Object { Get-SMTPAddress $_.Split('/')[-1] }) -join ';'}}

    Obviously untested, this then should give you output:

    Get-DistributionGroup -ResultSize Unlimited | 
    Select-Object $props | 
    Export-Csv C:\temp\testforformat.csv -NoTypeInformation