
Custom Active Directory export


I have been working on a custom script to leverage a bulk export of specific Active Directory data for 1.5k servers. The data I am looking for is Name, AD description and one AD Group with a specific pattern in its name (G_SCCM). After a few days of testing out various methods to achieve this, I was able to come up with this script.

    $computers = Get-Content 'path.txt'
    foreach ($computer in $computers) {
        Get-ADComputer -Identity $computer -Properties * |
            Select-Object name, description |
            Export-Csv -Path 'path' -Append
    }

I need to export data from AD for a list of servers. For each server, I need its Name, Description, and MemberOF properties. The group membership I'm interested in should start with G_SCCM. We have over 30 maintenance groups for patching, so it's not feasible to look individually in each group for its members. I tried using the MemberOF property, but it returns a blank statement every time. If the computer object is not a member of any groups that start with G_SCCM, highlight or leave the cell blank upon export.


Solution

  • Since you're looking for the group membership for multiple groups, I'd collect these groups first to be able to use them to compare the list of memberships a server has against.

    # Servers to report on, one name per line
    $ServerList = Get-Content -Path 'path.txt'
    # Collect every G_SCCM group once and index the groups by DistinguishedName
    $GroupList = Get-ADGroup -Filter "Name -like '*G_SCCM*'" -SearchBase 'OU=Groups,DC=Contoso,DC=de'
    $LookUpTable = $GroupList |
        Select-Object -Property DistinguishedName, sAMAccountName |
            Group-Object -AsHashTable -Property DistinguishedName

    $Result =
    foreach ($ComputerName in $ServerList) {
        $ADComputer =
            Get-ADComputer -Identity $ComputerName -Properties Description, MemberOf
        # Compare-Object rejects an empty collection, so only compare
        # when the computer has at least one MemberOf entry
        $MembershipList =
            if ($ADComputer.MemberOf) {
                (Compare-Object -ReferenceObject $GroupList.DistinguishedName -DifferenceObject $ADComputer.MemberOf -IncludeEqual -ExcludeDifferent).InputObject
            }
        [PSCustomObject]@{
            Name          = $ComputerName
            Description   = $ADComputer.Description
            G_SCCM_Member = if ($MembershipList) { $LookUpTable[$MembershipList].sAMAccountName -join ', ' } else { 'n/a' }
        }
    }
    # Write the report to CSV and also show it on the console
    $Result |
        Export-Csv -Path 'Path.csv' -NoTypeInformation
    $Result
    

    This way you get the name, description and all groups with G_SCCM in their name that the server is a member of.