How can I add group membership information to this csv export?

Baron164 · ‎Jul 14 2022

I am currently exporting a list of user accounts which have uidNumbers. So far so good, but now I need to also include in this export, group information. Specifically the gidNumber for each group every account is a member of. So if John Doe's account is a member of 10 groups, I would need the gidNumber from each of those groups to be included in this export as well.

Here is what I'm currently running

Get-ADUser -Filter "uidNumber -ge 0" -Properties Name,givenName,sn,uidNumber,userPrincipalName | select Name,givenName,sn,uidNumber,userPrincipalName | Sort-Object Name | export-csv -Path \\server\share\export.csv -NoTypeInformation

Here is one line of the current export as it exists now.

"xptest","Xp","Test","142354","xptest@domain.local"

Since this account is a member of two groups, I need the line to look something like this:

"xptest","Xp","Test","142354","xptest@domain.local","9081","1734"

In this case "9081" and "1734" are the gidNumbers tied to the groups that the user "xptest" is a member of.

What would be the best way of handling this?

farismalaeb · ‎Jul 14 2022

@Baron164

You will need to use a custom object to group all the content together. here is an example

$fullReport=@()
$AllUsers=Get-ADUser -Filter "uidNumber -ge 0" -Properties Name,givenName,sn,uidNumber,userPrincipalName 
foreach ($singleuser in $AllUsers){
    $Report=[PSCustomObject]@{
        Name = $singleuser.Name
        givenName=$singleuser.GivenName
        sn=$singleuser.sn
        uidNumber=$singleuser.uidNumber
        userPrincipalName=$singleuser.userPrincipalName
    }
    $AllGroups=Get-ADPrincipalGroupMembership $singleuser.SamAccountName
    for ($i = 0; $i -lt $AllGroups.name.count; $i++) {
        $Report | Add-Member -NotePropertyName "Group$i" -NotePropertyValue $AllGroups[$i].name
    }
    $fullReport+=$Report 

}

The result looks like the following

Name              : vdi2
givenName         : vdi2
sn                : 3
uidNumber         : 1
userPrincipalName : email address removed for privacy reasons
Group0            : Domain Users
Group1            : Discovery Management
Group2            : Limited
Group3            : Win 10 Pro - DC
Group4            : High MGMT
Group5            : InTunePOC

farismalaeb · ‎Jul 16 2022

Did the proposed solution fix your challenge ? If so please mark the response as best respone

Baron164 · ‎Jul 18 2022

So far so good, the only issue I have is that it's showing the group names instead of the gidNumber attribute. I tried changing the $AllGroups.name to $AllGroups.gidNumber but that does not work.

farismalaeb · ‎Jul 18 2022

Just to confirm, So you dont need the group name, you need to have the gidNumber
So the output looks like
Name : vdi2
givenName : vdi2
sn : 3
uidNumber : 1
userPrincipalName : email address removed for privacy reasons
Group0 : 1231231
Group1 : 123134234534

yes?

Baron164 · ‎Jul 18 2022

Yes, that is correct.

Baron164 · ‎Jul 19 2022

@Baron164

$fullReport=@()
$AllUsers=Get-ADUser -Filter "uidNumber -ge 0" -Properties Name,givenName,sn,uidNumber,userPrincipalName 
foreach ($singleuser in $AllUsers){
    $Report=[PSCustomObject]@{
        Name = $singleuser.Name
        givenName=$singleuser.GivenName
        sn=$singleuser.sn
        uidNumber=$singleuser.uidNumber
        userPrincipalName=$singleuser.userPrincipalName
    }
    $AllGroups=Get-ADPrincipalGroupMembership $singleuser.SamAccountName
    for ($i = 0; $i -lt $AllGroups.name.count; $i++) {
    $GroupGid=Get-ADGroup -Properties gidNumber -Identity $AllGroups[$i].SamAccountName
        $Report | Add-Member -NotePropertyName "Group$i" -NotePropertyValue $GroupGid.gidNumber
    }
    $fullReport+=$Report 

}

Let me know :)

Baron164 · ‎Jul 19 2022

Perfect, thank you

Baron164 · ‎Jul 19 2022

@Baron164

$fullReport=@()
$AllUsers=Get-ADUser -Filter "uidNumber -ge 0" -Properties Name,givenName,sn,uidNumber,userPrincipalName 
foreach ($singleuser in $AllUsers){
    $Report=[PSCustomObject]@{
        Name = $singleuser.Name
        givenName=$singleuser.GivenName
        sn=$singleuser.sn
        uidNumber=$singleuser.uidNumber
        userPrincipalName=$singleuser.userPrincipalName
    }
    $AllGroups=Get-ADPrincipalGroupMembership $singleuser.SamAccountName
    for ($i = 0; $i -lt $AllGroups.name.count; $i++) {
    $GroupGid=Get-ADGroup -Properties gidNumber -Identity $AllGroups[$i].SamAccountName
        $Report | Add-Member -NotePropertyName "Group$i" -NotePropertyValue $GroupGid.gidNumber
    }
    $fullReport+=$Report 

}

Let me know :)

View solution in original post

How can I add group membership information to this csv export?

How can I add group membership information to this csv export?

Re: How can I add group membership information to this csv export?

Re: How can I add group membership information to this csv export?

Re: How can I add group membership information to this csv export?

Re: How can I add group membership information to this csv export?

Re: How can I add group membership information to this csv export?

Re: How can I add group membership information to this csv export?

Re: How can I add group membership information to this csv export?

Re: How can I add group membership information to this csv export?

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

How can I add group membership information to this csv export?