Powershell About Active Directory Group Membership of a domain user

使用Get-User命令去寻找group membership of a domain user

$((Get-ADUser Wendy -Properties *).MemberOf -split (“,”)  | Select-String -SimpleMatch “CN=”) -replace “CN=”,””

 

扩展1️:获取在群组Wendy和群组Gaga中的所有用户

Get-ADUser -Filter * -SearchScope Subtree -SearchBase "dc=xx,dc=xx,dc=xxx" -Properties * |  where {($($_.MemberOf -split (“,”)  | Select-String -SimpleMatch “CN=”) -replace “CN=”,””) -contains "GroupGaga" -or ($($_.MemberOf -split (“,”)  | Select-String -SimpleMatch “CN=”) -replace “CN=”,””) -contains "GroupWendy"} | select name,$($_.MemberOf -split (“,”)  | Select-String -SimpleMatch “CN=”) -replace “CN=”,””)

扩展2:定义筛选范围条件,将这个范围内不属于某个群组的用户加入某个群组

Get-ADUser -Filter * -SearchScope Subtree -SearchBase "OU=XX,dc=XX,dc=XX,dc=XX" -Properties * |  where {$_.Title -eq "WW有限公司" -and $_.EmailAddress -ne $null -and $_.City -ne $null -and $_.Enabled -eq $true -and ($($_.MemberOf -split (“,”)  | Select-String -SimpleMatch “CN=”) -replace “CN=”,””) -notcontains "GroupNacy"} | Get-ADUser | ForEach-Object {Add-ADGroupMember -Identity “GroupNacy)” -Members $_}

扩展3:查询用户的隶属群组

$export=@()
$Users=Get-ADUser -Filter * -SearchScope Subtree -SearchBase "OU=xx,OU=xx,dc=xx,dc=xx,dc=xx" -Properties *
 
foreach($user in $users)
{
#$User=Get-ADUser -identity wendy -Properties * 
$members=($user.MemberOf -split (“,”) | Select-String -SimpleMatch “CN=”) -replace “CN=”,””
$name=$user.name
#$all=$members | findstr /i "GroupWendy Groupgaga" 可以放在一个条件中
$w=$members | findstr /i "GroupWendy" 
#筛选群组,用findstr   /i为忽略大小写参数  findstr /i "^Groupgaga" 表示:查询以Groupgaga开头的string
$g=$members | findstr /i "^Groupgaga"
$wendy=[string]$w
$gaga=[string]$g
$info=New-Object Psobject
$info |Add-Member -MemberType NoteProperty -Name 姓名 -Value $name
$info |Add-Member -MemberType NoteProperty -Name Groupgaga -Value $gaga
$info |Add-Member -MemberType NoteProperty -Name GroupWendy -Value $wendy
$export+=$info
}
$CurrentDate = Get-Date
$CurrentDate = $CurrentDate.ToString('yyyy-MM-dd')
$export |Export-Csv D:\ps\userPermissioninfo_$CurrentDate.csv -Encoding UTF8 -NoTypeInformation

 

posted @ 2017-06-24 14:54  寻香径  阅读(353)  评论(0编辑  收藏  举报