if user is member of group > Windows PowerShell Discussion Forums > PowerShellCommunity.org


			Register : : Login

Home

Blogs

Podcast

Scripts

Downloads

Community

User Group Support

[August 25th, 2008] Check the home page regarding PowerShell related news from a brand new sponsor: Idera!

Unanswered Active Topics

Forums Search

Forums > Using PowerShell > Active Directory

Subject: if user is member of group

You are not authorized to post a reply.

Author

Messages

dlisterjr

User is Offline

New Member

New Member
Posts:2

07/22/2008 9:04 AM
I am having a problem figuring out how to show if a user is a member of a group. I am query attributes of all users under a ou and want to show the users is a member or not of the VPNUsers group. This is my current script: get-qaduser -searchroot $ou.dn -IncludedProperties 'distinguishedName','sAMAccountName','DisplayName','whenCreated','title','info','homeDirectory','accountexpires','lockouttime','mail','department','description' -sizelimit 0 \| select-object distinguishedName,sAMAccountName,DisplayName,whenCreated,title,info,homeDirectory,accountexpires,lockouttime,mail,department,description \| export-csv $tempDirectory$csvfilename -notypeinformation Any hep would be appreciated.

Shay

User is Offline

Shell Enthusiast

Shell Enthusiast
Posts:68

07/23/2008 1:06 AM
$VPNUsers = (Get-QADGroup VPNUsers).dn $MemberOfVPNUsers = @{name="MemberOfVPNUsers";expression={ if ($_.memberOf -contains $VPNUsers) {"Yes"} else {"No"} }} Get-QADUser -searchRoot $ou.dn \| select Name,$MemberOfVPNUsers ,distinguishedName,sAMAccountName,DisplayName,whenCreated,title,info,homeDirectory,accountexpires,lockouttime,mail,department,description \| export-csv "$tempDirectory\$csvfilename" -nti -Shay

Shay Levy Windows PowerShell MVP http://blogs.microsoft.co.il/blogs/ScriptFanatic

Shay

User is Offline

Shell Enthusiast

Shell Enthusiast
Posts:68

07/23/2008 1:25 AM
There is another option, the above will give you only the direct members of the VPNUsers group. You can use the -Indirect parameter to get ALL members even if they are not direct members (nested group members): $VPNUsers = Get-QADGroupMember "domain admins" -Indirect \| foreach {$_.SamAccountName} $MemberOfVPNUsers = @{name="MemberOfVPNUsers";expression={ if ($VPNUsers -contains $_.SamAccountName) {"Yes"} else {"No"} }} Get-QADUser -searchRoot $ou.dn \| select Name,$MemberOfVPNUsers .....

Shay Levy Windows PowerShell MVP http://blogs.microsoft.co.il/blogs/ScriptFanatic

You are not authorized to post a reply.

Forums > Using PowerShell > Active Directory > if user is member of group

ActiveForums 3.7

Sponsored by Quest Software • SAPIEN Technologies • ShellTools, LLC • Microsoft Windows Server 2008