I have a script which is I identify my OU and it searches the OU for AD groups for username, name, email address, AD group name and AD group description and exports this to CSV:
$ou = 'distinguishedName of my OU'
Get-ADGroup -Filter * -SearchBase $ou -Properties 'Description' | ForEach-Object {
$group = $_ # just for convenience..
$members = Get-ADGroupMember $_ | Where-Object { $_.objectClass -eq 'user' }
foreach($member in $members) {
$user = Get-ADUser $member -Properties EmailAddress
[pscustomobject]@{
SamAccountName = $user.SamAccountName
Name = $user.Name
EmailAddress = $user.EmailAddress
GroupName = $group.Name
Description = $group.Description
}
}
} | Export-csv C:\Users\Me\Desktop\MyFile.csv -NoTypeInformation
Big thanks to @Theo for this script above!
What I would like to do is to pull off the expiration date of the users also and the managers name of the users.
I have tried to do this via altering script like this :
SamAccountName = $user.SamAccountName
Name = $user.Name
ExpiryDate = $user.accountExpires
EmailAddress = $user.EmailAddress
GroupName = $group.Name
Description = $group.Description
This showed the field as blank in the CSV.
Also tried this:
$user = Get-ADUser $member -Properties EmailAddress, AccountExpirationDate
[pscustomobject]@{
SamAccountName = $user.SamAccountName
Name = $user.Name
AccountExpirationDate = $user.AccountExpirationDate
EmailAddress = $user.EmailAddress
GroupName = $group.Name
Description = $group.Description
I get this error message:
Get-ADUser : A positional parameter cannot be found that accepts argument '
SamAccountName = $user.SamAccountName
Name = $user.Name
EmailAddress = $user.EmailAddress
ExpiryDate = $user.AccountExpirationDate
GroupName = $group.Name
Description = $group.Description
'.
At C:\Users\ME\File.ps1:6 char:17
+ $user = Get-ADUser $member -Properties EmailAddress, AccountExpirationDa ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Get-ADUser], ParameterBindingException
+ FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.ActiveDirectory.Management.Commands.GetADUser
Get-ADUser : A positional parameter cannot be found that accepts argument '
SamAccountName = $user.SamAccountName
Name = $user.Name
EmailAddress = $user.EmailAddress
AccountExpirationDate = $user.AccountExpirationDate
GroupName = $group.Name
Description = $group.Description
I haven't tried to pull off the manager name only but I have seen in Attribute Editor there is an Attribute called "manager" but this contains the name of the manager the OU where his account is located and the domain name. I would like just the managers name please.
Would the manager code be like this:
SamAccountName = $user.SamAccountName
Name = $user.Name
Manager = $user.manager
EmailAddress = $user.EmailAddress
GroupName = $group.Name
Description = $group.Description
How would I go about getting the name only of the manager and not the rest of the details.
There is a typo somewhere in your code that we are not seeing, if you showed the full update it would be easier to see but basically it looks like you're trying to pass the members of your pscustomobject as argument for Get-ADUser. The following should do what you're looking for, there is no need for Get-ADGroupMember in this case.
$ou = 'distinguishedName of my OU'
Get-ADGroup -Filter * -SearchBase $ou -Properties 'Description' | ForEach-Object {
$params = @{
LDAPFilter = "(memberOf=$($_.DistinguishedName))"
Properties = "mail", "manager", "accountExpirationDate"
}
foreach($member in Get-ADUser @params) {
[pscustomobject]@{
SamAccountName = $member.SamAccountName
Name = $member.Name
EmailAddress = $member.mail
ExpiryDate = $member.accountExpirationDate
Manager = $member.manager -replace '^CN=|,(OU|CN)=.+$'
GroupName = $_.Name
Description = $_.Description
}
}
} | Export-csv C:\Users\Me\Desktop\MyFile.csv -NoTypeInformation
As aside, what you see as value in the manager attribute in the Attribute Editor is called DistinguishedName.