Technology Tips and News
Hi Team
Need help to filter users in a domain, here is the requirement......
I would like to get a list of users in a specific OU those are not member of a Specific Security group.
To be more clear we have several OU's( Country name ) and SubOU's (users..computers..external...etc)
we need all users list present in External OU... with above requirement
Simple right !!! not for me... please help..
Get-ADUser -filter * -Properties * -SearchBase "OU=MyOU,DC=mydomain,DC=local" | where {$_.memberof -notlike "*domain admins*"} | select name,userprincipalname
This example shows all users in "MyOU" organization unit of mydomain.com AD domain which are not member of domain admins AD group
"OU=MyOU,DC=mydomain,DC=local" is distinguishedName attribute of OU.
Get-ADUser -filter * -Properties * -SearchBase "OU=MyOU,DC=mydomain,DC=local" | where {$_.memberof -notlike "*domain admins*"} | select name,userprincipalname
This example shows all users in "MyOU" organization unit of mydomain.com AD domain which are not member of domain admins AD group
"OU=MyOU,DC=mydomain,DC=local" is distinguishedName attribute of OU.
Get-ADUser -filter * -Properties * -SearchBase "OU=MyOU,DC=mydomain,DC=local" | where {$_.memberof -notlike "*domain admins*"} | select name,userprincipalname
This example shows all users in "MyOU" organization unit of mydomain.com AD domain which are not member of domain admins AD group
"OU=MyOU,DC=mydomain,DC=local" is distinguishedName attribute of OU.
Get-ADUser -filter * -Properties * -SearchBase "OU=MyOU,DC=mydomain,DC=local" | where {$_.memberof -notlike "*domain admins*"} | select name,userprincipalname
This example shows all users in "MyOU" organization unit of mydomain.com AD domain which are not member of domain admins AD group
"OU=MyOU,DC=mydomain,DC=local" is distinguishedName attribute of OU.
Get-ADUser -filter * -Properties * -SearchBase "OU=MyOU,DC=mydomain,DC=local" | where {$_.memberof -notlike "*domain admins*"} | select name,userprincipalname
This example shows all users in "MyOU" organization unit of mydomain.com AD domain which are not member of domain admins AD group
"OU=MyOU,DC=mydomain,DC=local" is distinguishedName attribute of OU.
thank you for the help...
But is not getting desired result.. the result is showing all user objects present in that particular OU.. second condition of security group is not getting fulfilled.
Here you are:
$Users = Get-ADUser -Filter * -Properties * | where {$_.Distinguishedname -like "*OU=External*"}
$Report = @()
foreach ($User in $Users) {
$USAM = $User.SamAccountName
$UDN = $User.Distinguishedname
$UPN = $User.UserPrincipalName
$Memberof = Get-ADUser $USAM -properties memberof | select -expandproperty memberof | out-string
$Out = New-Object PSObject; $Out | Add-Member -type NoteProperty UPN ($UPN)
$Out | Add-Member -type NoteProperty Memberof ($Memberof); $Out | Add-Member -type NoteProperty Distinguishedname ($UDN)
$Report += $Out
}
$Report | where {$_.memberof -notlike "*YOUR GROUP NAME*"} | select UPN,Distinguishedname | export-csv C:\YOURFOLDER\File.csv
Hello,
Does it work?
Do not forget about asterisks before and after group name and OU. It works for me for any user in my specific *MyOU* and group like *domain admins*
Hi Abhishek Saxena,
How is this going?
Regards,
Melon Chen
TechNet Community Su
This topic is archived. No further replies will be accepted.
Other recent topics
Click here to get your free copy of Network Administrator. Over 25 plugins to make your life easier