I am writing a PowerShell script to pull an AD report of user information. Most of the report works just fine, but I'm having issues getting group membership to work right.
Get-ADPrincipalGroupMembership -identity | select name
works on its own to give me just a clean list of permissions, but piping the info into select name doesn't work inside of my expression. It just returns nothing. How can I filter only the name for each group, while still passing in each user to be processed.
So far nothing I have tried has been able to return a formatted list. I always end up with either too much data, or an empty column. I've also tried playing around with cleaning up the data after the fact, but I haven't been able to get the regex to do what I want it to do. My (non-functional) rough draft of this is listed below.
#Clean up Group Membership data
$test = Import-Csv $csvfile
$test | ForEach-Object {
$_.Group_Membership = $_.Group_Membership.Replace('(?<=OU=").*?(?=/,)', ' ')
$_.Group_Membership = $_.Group_Membership.Replace('(?<=DC=").*?(?=/,)', ' ')
}
$test | Export-Csv $csvfile -NoType
$AllADUsers = Get-ADUser -Server $ADServer -SearchBase $SearchBase -Properties * -Filter *
$AllADUsers |
Select-Object @{Label="First Name";Expression={$_.GivenName}},
@{Label="Last Name";Expression={$_.Surname}},
@{Label="Display Name";Expression={$_.DisplayName}},
@{Label="Username";Expression={$_.SamAccountName}},
@{Label="Job Title";Expression={$_.Title}},
@{Label="Company";Expression={$_.Company}},
@{Label="Email";Expression={$_.Mail}},
@{Label="Account Status";Expression={if (($_.Enabled -eq 'TRUE')) {'Enabled'} else {'Disabled'}}},
@{Label="Last LogOn Date";Expression={$_.LastLogonDate}},
@{Label="Group_Membership";Expression={$_.SamAccountName | Get-ADPrincipalGroupMembership}} |
Export-Csv -Path $csvfile -NoTypeInformation
After running this script, I want a CSV file that lists the information above and just a list of security groups, but the way it's working now, I am getting everything, and it's messy.
