Sep 23 2021 03:33 AM
Hi,
I'm new to Powershell and trying to automate some simple tasks.
So basically I need to create a script to check for newly added users on my AD for the last x days (this is already done), and then check each of those new users if they are added on priviledged groups, like Domain Admins, Enterprise Admins or Schema Admins, and raise a warning if any of those new users are on those groups.
I have the first part to check for new added users created and outputting to terminal, but now I need input those SamAccountName's into a variable so then I can use that variable to check for each user groups. How can I do that?
Or is there any other easier approach?
Thanks
Sep 23 2021 06:31 AM
Solution
Hello, write the output of first step to external file, examplae text.csv
with these file you can read each line and add the variable with content of the file.
Get-Content .\test.csv | ForEach-Object {
if($_ -match $temp){
#I add write-output to show the content of the file test.csv[n]
Write-Output $_
}
}
Sep 23 2021 09:09 AM
Hi, thanks, that is great!
So now I got the output in a text file, with this structure:
SamAccountName
--------------
User1
User2
User3
So I can make the next step I need to clean up the first 2 lines of the output text file, so I can have the needed values to compare only.
I've searched and tried to use this command:
Get-Content $Path | Select-Object -Skip 3 | Set-Content $Path
If I run this on the file without the Set-Content $Path it works just fine, but when goes to write to the output file, I always got the error:
Set-Content : The process cannot access the file 'C:\Temp\teste.txt' because it is being used by another process.
I've read about it, and some say it's related to having Powershell ISE opened, but I close it and it's just the same.
Any tips on this?
Thanks
Sep 23 2021 09:23 AM
Sep 23 2021 09:30 AM
Sep 23 2021 10:13 AM
Sep 24 2021 07:23 AM
Hi,
I still have an issue that found out later.
When I create the first file to store the SamAccountName for each user, if I use the option Out-File <file.txt> or <file.csv>, I have a lot of blank spaces after the name, so when I input that line by line into the Get-ADPrincipalGroupMembership, it won't work, because the name doesn't match due to the spaces.
If I use the option Export-Csv, then the name has the char "name", so it won't be readable again on the next step.
Is there any easy way to remove the extra spaces on the txt file or the "" on the csv file?
Thanks
Sep 24 2021 07:30 AM
Hi, yes, powershell have replace command, for example:
Get-ChildItem c:\file.txt | Foreach-Object{
(Get-Content $_.FullName) |
Foreach-Object {$_ -replace "word you want replace", ""} |
Set-Content $_.FullName
}
Sep 24 2021 10:43 AM
@dmarquesgnWhy bother saving the data to a file at all?
$userList = Get-Aduser -filter "..." | Select-Object -ExpandProperty SamAccountName
foreach($user in $userList)
{
# do stuff 'ere
}
Once you have filtered the userlist you can store just the SAMAccountName property in a variable and loop over those directly.
Sep 27 2021 02:47 AM
Sep 23 2021 06:31 AM
Solution
Hello, write the output of first step to external file, examplae text.csv
with these file you can read each line and add the variable with content of the file.
Get-Content .\test.csv | ForEach-Object {
if($_ -match $temp){
#I add write-output to show the content of the file test.csv[n]
Write-Output $_
}
}