Forum Discussion
How can I add group membership information to this csv export?
I am currently exporting a list of user accounts which have uidNumbers. So far so good, but now I need to also include in this export, group information. Specifically the gidNumber for each group every account is a member of. So if John Doe's account is a member of 10 groups, I would need the gidNumber from each of those groups to be included in this export as well.
Here is what I'm currently running
Get-ADUser -Filter "uidNumber -ge 0" -Properties Name,givenName,sn,uidNumber,userPrincipalName | select Name,givenName,sn,uidNumber,userPrincipalName | Sort-Object Name | export-csv -Path \\server\share\export.csv -NoTypeInformation
Here is one line of the current export as it exists now.
"xptest","Xp","Test","142354","xptest@domain.local"
Since this account is a member of two groups, I need the line to look something like this:
"xptest","Xp","Test","142354","xptest@domain.local","9081","1734"
In this case "9081" and "1734" are the gidNumbers tied to the groups that the user "xptest" is a member of.
What would be the best way of handling this?
$fullReport=@() $AllUsers=Get-ADUser -Filter "uidNumber -ge 0" -Properties Name,givenName,sn,uidNumber,userPrincipalName foreach ($singleuser in $AllUsers){ $Report=[PSCustomObject]@{ Name = $singleuser.Name givenName=$singleuser.GivenName sn=$singleuser.sn uidNumber=$singleuser.uidNumber userPrincipalName=$singleuser.userPrincipalName } $AllGroups=Get-ADPrincipalGroupMembership $singleuser.SamAccountName for ($i = 0; $i -lt $AllGroups.name.count; $i++) { $GroupGid=Get-ADGroup -Properties gidNumber -Identity $AllGroups[$i].SamAccountName $Report | Add-Member -NotePropertyName "Group$i" -NotePropertyValue $GroupGid.gidNumber } $fullReport+=$Report }
Let me know 🙂
- farismalaebSteel Contributor
You will need to use a custom object to group all the content together. here is an example
$fullReport=@() $AllUsers=Get-ADUser -Filter "uidNumber -ge 0" -Properties Name,givenName,sn,uidNumber,userPrincipalName foreach ($singleuser in $AllUsers){ $Report=[PSCustomObject]@{ Name = $singleuser.Name givenName=$singleuser.GivenName sn=$singleuser.sn uidNumber=$singleuser.uidNumber userPrincipalName=$singleuser.userPrincipalName } $AllGroups=Get-ADPrincipalGroupMembership $singleuser.SamAccountName for ($i = 0; $i -lt $AllGroups.name.count; $i++) { $Report | Add-Member -NotePropertyName "Group$i" -NotePropertyValue $AllGroups[$i].name } $fullReport+=$Report }
The result looks like the following
Name : vdi2 givenName : vdi2 sn : 3 uidNumber : 1 userPrincipalName : email address removed for privacy reasons Group0 : Domain Users Group1 : Discovery Management Group2 : Limited Group3 : Win 10 Pro - DC Group4 : High MGMT Group5 : InTunePOC
- Baron164Brass ContributorSo far so good, the only issue I have is that it's showing the group names instead of the gidNumber attribute. I tried changing the $AllGroups.name to $AllGroups.gidNumber but that does not work.
- farismalaebSteel ContributorJust to confirm, So you dont need the group name, you need to have the gidNumber
So the output looks like
Name : vdi2
givenName : vdi2
sn : 3
uidNumber : 1
userPrincipalName : email address removed for privacy reasons
Group0 : 1231231
Group1 : 123134234534
yes?
- farismalaebSteel ContributorDid the proposed solution fix your challenge ? If so please mark the response as best respone