Powershell Help - Add Active Directory MemberOf to existing Script

mugirl73

2/3/24, 4:12 PM

The working PowerShell script below provides me with all the users from a specific AD Group. It also lists their Title and Department. I want to add another column that lists all of the other AD Groups they are a member of. I added an example, the first 3 columns are from the working script the last column in yellow is what I would like to see. I appreciate the help, my PowerShell expertise is limited.

$identity = 'TestGroup'
$Server = 'Test.Local'
Get-ADGroupMember –identity $identity -Server $Server -Recursive | 
Get-ADUser –Server $Server -Property Name, Title, Department | Select Name, Title, Department |
Get-ADPrincipalGroupMembership | select name, groupscope | Export-CSV –path C:\Temp\Test15.csv –NoTypeInformation

End Result Example

285

1 + 0

powershell

Score:2

Server

Pimp Juice IT

2/4/24, 4:31 PM

Don't pipe over to Get-ADPrincipalGroupMembership and use a calculated property putting the cmdlet within the expression part of the object.

Values are created as arrays so use foreach-object along with PowerShell $( ) operators to turn the "group name" and "scope" into colon separated values (i.e. <group name>:<group scope>).

Furthermore, join all the colon separated value pairs with a semicolon (";") to concatenate all group names and group scope object pairs into one csv field.

Since this is csv data, you probably shouldn't separate any concatenated grouped pair values with a comma or import processes may interpret wrong.

Field Output Example

groupa:global;groupb;domainlocal;groupc:domainlocal

Csv Output Example

"Name","Title","Department","MemberOfPrimaryGroups"
"Administrator",,,"GroupA:DomainLocal;GroupB:DomainLocal;KoolAdmins:Global"
"John Doe","Systems Administrator","IT"," GroupA:DomainLocal;GroupB:DomainLocal;KoolAdmins:Global"
"Curly Moe","IT Manager","IT","GroupA:DomainLocal;GroupB:DomainLocal;KoolAdmins:Global"

PowerShell

$identity = 'TestGroup'
$Server = 'Test.Local'

Get-ADGroupMember -Identity $identity -Server $Server -Recursive  | 
    Get-ADUser –Server $Server -Property Name, Title, Department | 
        Select-Object Name, Title, Department, @{
            N="MemberOfPrimaryGroups";
            E={(Get-ADPrincipalGroupMembership $identity | ForEach-Object {
                "$($_.Name):$($_.GroupScope)" }) -join ";"}} | 
                    Export-CSV –path C:\Temp\Test15.csv –NoTypeInformation;

Supporting Resources

+ 2

Pimp Juice IT

2/5/24, 1:35 AM

If you don't flatten out the group and scopes with the paired group and scope colon separated and each other paired group being semicolon separated. This way your delimiters are standard and you can import, etc. to process accordingly. Otherwise you can scale out to more csv fields e.g. after `Name`,`Title`,`department`,`GroupA`,`gScopeA`,`GroupB`,`gScopeB`...,...,...,`GroupZ`,`gScopeZ`,`GroupZa`,`gScopeZa` which seems ugly to me. Depending on your requirements for use case, but I gave you the simple one that made sense based on what I know thus far on what you need. @mugirl73

Pimp Juice IT

2/5/24, 1:41 AM

This is based on your saying "*last column in yellow is what I would like*" plus your code example includes "groupscope" field so I'm assuming you want to include those. But in one field in a csv, you cannot have an array like that, multiple values in one field have to be separated by something or it concatenates all the values to one long string in that field of a csv. A record in a csv spans across a line, so a field cannot go across more lines that the record that contains it's values. I'm assuming you need something like this, but happy to make further trivial adjustments if you ask me.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Powershell Help - Add Active Directory MemberOf to existing Script

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.