SOLVED

Script is not listing all groups

Brass Contributor

I'm running this script to export some user data to a csv. It works fine except for the GroupGid portion which is currently only provided up to 8 groups per user. Some user accounts are members of many more groups and I need each of them listed.

 

$fullReport=@()
$AllUsers=Get-ADUser -Filter "uidNumber -ge 0" -Properties Name,givenName,sn,uidNumber,userPrincipalName 
foreach ($singleuser in $AllUsers)
{
    $Report=[PSCustomObject]@{
        Name = $singleuser.Name
        givenName=$singleuser.GivenName
        sn=$singleuser.sn
        uidNumber=$singleuser.uidNumber
        userPrincipalName=$singleuser.userPrincipalName
    }
    $AllGroups=Get-ADPrincipalGroupMembership $singleuser.SamAccountName
    for ($i = 0; $i -lt $AllGroups.name.count; $i++) 
    {
    $GroupGid=Get-ADGroup -Properties gidNumber -Identity $AllGroups[$i].SamAccountName
        $Report | Add-Member -NotePropertyName "Group$i" -NotePropertyValue $GroupGid.gidNumber
    }
    $fullReport+=$Report 

}

$fullReport | Export-Csv -Path \\server\share\IT\Datafiles\userexport.csv -NoTypeInformation

 

 

Here is an example of what it's giving me.

 

"Doe","John","Doe","102362","doe@domain.local","10002","1320","1117","1216","1239","1146","1231","1344"

 


Instead of only 8 gidNumber's there should be 13 as this user is a member of 13 groups, each having it's own gidNumber.

4 Replies

@Baron164 

I tried the script from my end, created a user and join the user to a 14 AD Group. Each group have a gidNumber and the user has a uidNumber.

The script return all the 14 groups the user is a member of.

I think its might be related to the filter it self.

Can you run the following line

Get-ADGroup -Properties gidNumber -Identity "GROUP NAME"

Replace the group name with one of the groups not showing up, and let me know

 

I checked missing groups and they have gidNumbers. I ran that command for a group that didn't show up and one that did and they both showed gidNumbers.

@farismalaeb So I think my issue is related to the export-csv portion. If I change "$AllGroups.name.count" to a set number like 50, I get up to 50 group columns. However, if I do that, then the last group for a user gets listed multiple times. Here is an example from my last run.

 

"Doe","Jane","JDoe","102138","jdoe@domain.local","10002","1216","1349","1920","1901","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902","1902"

 

best response confirmed by Baron164 (Brass Contributor)
Solution

@Baron164 

Hi

Yes, You are right, Actually the problem is in the way the object is passed to the export-csv.

I updated the script to fix this issue and try it on my side with the export.

This should fix your issue 

Let me know

[System.Collections.ArrayList]$fullReport=@()
$AllUsers=Get-ADUser -Filter "uidNumber -ge 0" -Properties Name,givenName,sn,uidNumber,userPrincipalName 
$CSVheaderNumber=0
$CSVIndex=0
foreach ($singleuser in $AllUsers)

{
    $Report=[PSCustomObject]@{
        Name = $singleuser.Name
        givenName=$singleuser.GivenName
        sn=$singleuser.sn
        uidNumber=$singleuser.uidNumber
        userPrincipalName=$singleuser.userPrincipalName
    }
    $AllGroups=Get-ADPrincipalGroupMembership $singleuser.SamAccountName -Server aud-dc-n2

    if ($AllGroups.Count -gt $CSVheaderNumber){ $CSVheaderNumber=$AllGroups.Count;$CSVIndex=$fullReport.Count}

    for ($i = 0; $i -lt $AllGroups.name.count; $i++) 
    {
    $GroupGid=Get-ADGroup -Properties gidNumber -Identity $AllGroups[$i].SamAccountName

        $Report | Add-Member -NotePropertyName "Group$i" -NotePropertyValue $GroupGid.gidNumber
    }

    $fullReport.Add($Report) | Out-Null

}
$fullReport[$CSVIndex] | Export-Csv -Path C:\Users\f.malaeb\myusers.csv -NoTypeInformation
$fullReport[0..($CSVIndex -1)+($CSVIndex +1)..$fullReport.count] | Export-Csv -Path C:\Users\f.malaeb\myusers.csv -NoTypeInformation -Append -Force

If this answer helps, please mark this as Best Response and give a like 🙂

Thanks

 

1 best response

Accepted Solutions
best response confirmed by Baron164 (Brass Contributor)
Solution

@Baron164 

Hi

Yes, You are right, Actually the problem is in the way the object is passed to the export-csv.

I updated the script to fix this issue and try it on my side with the export.

This should fix your issue 

Let me know

[System.Collections.ArrayList]$fullReport=@()
$AllUsers=Get-ADUser -Filter "uidNumber -ge 0" -Properties Name,givenName,sn,uidNumber,userPrincipalName 
$CSVheaderNumber=0
$CSVIndex=0
foreach ($singleuser in $AllUsers)

{
    $Report=[PSCustomObject]@{
        Name = $singleuser.Name
        givenName=$singleuser.GivenName
        sn=$singleuser.sn
        uidNumber=$singleuser.uidNumber
        userPrincipalName=$singleuser.userPrincipalName
    }
    $AllGroups=Get-ADPrincipalGroupMembership $singleuser.SamAccountName -Server aud-dc-n2

    if ($AllGroups.Count -gt $CSVheaderNumber){ $CSVheaderNumber=$AllGroups.Count;$CSVIndex=$fullReport.Count}

    for ($i = 0; $i -lt $AllGroups.name.count; $i++) 
    {
    $GroupGid=Get-ADGroup -Properties gidNumber -Identity $AllGroups[$i].SamAccountName

        $Report | Add-Member -NotePropertyName "Group$i" -NotePropertyValue $GroupGid.gidNumber
    }

    $fullReport.Add($Report) | Out-Null

}
$fullReport[$CSVIndex] | Export-Csv -Path C:\Users\f.malaeb\myusers.csv -NoTypeInformation
$fullReport[0..($CSVIndex -1)+($CSVIndex +1)..$fullReport.count] | Export-Csv -Path C:\Users\f.malaeb\myusers.csv -NoTypeInformation -Append -Force

If this answer helps, please mark this as Best Response and give a like 🙂

Thanks

 

View solution in original post