如何从powershell输出中删除额外的参数

时间:2018-01-14 07:24:09

标签: powershell

我有以下脚本来获取域中的所有用户及其组成员身份。在输出中,如果您看到我有组名但它们的格式为CN,我想格式化输出并获取组名。 

Get-ADUser -Server "dc.domain.com" -Properties * | select-object -property Name,samAccountName,@{N="MemberOf";E={$_.MemberOf -join ","}},@{N="PrimaryGroup";E={$_.PrimaryGroup -join ","}} | export-csv C:\Temp\userdetails.csv    


"Name","samAccountName","MemberOf","PrimaryGroup"
 "Administrator","Administrator","CN=Group Policy Creator Owners,CN=Users,DC=SMSNOW,DC=COM,CN=Domain Admins,CN=Users,DC=SMSNOW,DC=COM,CN=Administrators,CN=Builtin,DC=SMSNOW,DC=COM","CN=Domain Users,CN=Users,DC=SMSNOW,DC=COM"

要明确我想要输出

"Name","samAccountName","MemberOf","PrimaryGroup"
"Administrator","Administrator","Group Policy Creator Owners,Users,Domain Admins,Users,Administrators,Builtin,","Domain Users,Users"

非常感谢帮助!!

2 个答案:

答案 0 :(得分:1)

您没有说出您所使用的PoSH版本,但您只想使用群组和成员,

试试这个...... 

# Get all AD groups and the members
 ForEach ($GroupName in (Get-ADGroup -Filter *))
 {
 "The AD Group $GroupName.Name members are:"
 Get-ADGroupMember -Identity $GroupName.Name | Select Name
 "`n"
 }

结果... 

The AD Group CN=WinRMRemoteWMIUsers__,CN=Users,DC=contoso,DC=com Name members are:

The AD Group CN=Administrators,CN=Builtin,DC=contoso,DC=com Name members are:

Name
----
Domain Admins
Enterprise Admins
Administrator

The AD Group CN=Users,CN=Builtin,DC=contoso,DC=com Name members are:

Name
----                                          
Domain Users
Authenticated Users
INTERACTIVE
Labadmin
...

根据您的PoSH版本,您可以使用此... 

# Get users and their groups memberships
 (Get-ADUser -Filter *) | % {
 "`nThe user " + $_.SamAccountName + ', is in the following AD Groups: '
 Get-ADPrincipalGroupMembership $_.SamAccountName |
 Select Name,GroupCategory,GroupScope } |
 Format-Table -AutoSize

结果...... 

The user Administrator, is in the following AD Groups: 

Name                                   GroupCategory  GroupScope
----                                   -------------  ----------
Domain Users                                Security      Global
Administrators                              Security DomainLocal
Schema Admins                               Security   Universal
Enterprise Admins                           Security   Universal
Domain Admins                               Security      Global
...

The user Guest, is in the following AD Groups: 
Domain Guests                               Security      Global
Guests                                      Security DomainLocal

The user krbtgt, is in the following AD Groups: 
Domain Users                                Security      Global
Denied RODC Password Replication Group      Security DomainLocal
...

答案 1 :(得分:1)

简短回答:您可以使用foreach循环扩展计算属性,以提取每个单独的组名称,如下所示:

Get-ADUser -Server "dc.domain.com" -Properties * | 
    Select-Object -Property Name,samAccountName,@{Name="MemberOf";Expression={$_.MemberOf | ForEach-Object {Get-ADGroup -Identity $_ | Select-Object -ExpandProperty Name}}},@{Name="PrimaryGroup";Expression={$_.PrimaryGroup -join ","}} | 
        Export-Csv  -Path C:\Temp\userdetails.csv
相关问题
最新问题