Filtering Output from an AD Query of Nested Groups

Below is code that is working very well but gives more information than I require.

I'm trying to filter out accounts that do not have an account expiry as well as accounts that are disabled.
No amount of -filter combinations I try is successful and any help would be greatly appreciated.

______________________________

function Get-ADNestedGroupMembers {
[cmdletbinding()]
param (
[String] $GroupName
)            

import-module activedirectory
$Members = Get-ADGroupMember -Identity $GroupName
$members | % {
    if($_.ObjectClass -eq "group") {
        Get-ADNestedGroupMembers -GroupName $_.distinguishedName
    } else {
        return $_.distinguishedname
    }
}            

}
import-module activedirectory
Get-ADNestedGroupMembers -groupname "DN Refurb" | 
    `Get-ADUser -Prop Description,samAccountName,AccountExpirationDate | 
    `Select-Object Name,samAccountName,AccountExpirationDate | 
    `Sort-Object AccountExpirationDate | 
    #`Format-Table -property * -AutoSize | 
    `ConvertTo-HTML | Out-File C:\Temp\AccountExpiry.htm

Invoke-Expression C:\Temp\AccountExpiry.htm

February 23rd, 2015 9:43am

You do not need to use all of that code.

 Get-ADGroupMember $groupName -recursive | 
    Get-AdUser |
    Where{-not $_.AccountExpirationDate -and $_.Enabled} |
    Select-Object Name,samAccountName,AccountExpirationDate | 
    Sort-Object AccountExpirationDate
Free Windows Admin Tool Kit Click here and download it now
February 23rd, 2015 10:16am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics