我有一个Powershell脚本来查看Domain Local组成员身份。这些小组有来自2个不同森林的成员,并且有2种信任关系。我可以返回组名和组中用户的显示名,但不能返回sAMAccountName。
Import-Module ActiveDirectory
Clear-Host
#$Cred = Get-Credential -message "Enter your Creds"
Write-Host ""
Write-Host " Gathering Groups!"
$SVUDC = "IP address of Domain Controller in the trusting forest"
$Table = @()
$Record = [ordered]@{
"Group Name" = ""
"Name" = ""
"Username" = ""
}
$Groups = (Get-AdGroup -filter * | Where-Object {$_.name -like "ACL 1SRC*" -or $_.Name -like "ACL PBI*"}).Name
Foreach ($Group in $Groups)
{
Write-Host ""
Write-Host " Gathering Data For $group!"
$Arrayofmembers = (Get-AdGroup -identity $Group -Properties * ).members
foreach ($Member in $Arrayofmembers)
{
if($Member -like "CN=S-*") {
$IdString = $Member.Split("=")[1]
$Id = $IdString.Split(",")[0]
$SVUMember = Get-AdUser -Identity $Id -Server $SVUDC #-credential $Cred
$Record."Group Name" = $Group
$Record."Name" = $SVUMember.Name
$Record."UserName" = $Member.samaccountname
$objRecord = New-Object PSObject -property $Record
$Table += $objrecord
} Else {$Usr = $Member.Split("=")[1]
$Record."Group Name" = $Group
$Record."Name" = $Usr.Split(",")[0]
$Record."Username" = $Usr.samaccountname
$objRecord = New-Object PSObject -property $Record
$Table += $objrecord }
}
}
我的.CSV文件包含3个必填列,但是“用户名”是唯一没有值的列。
组名名称用户名
ACL 1SRC 1标记M
ACL 1SRC 2马修·R
ACL 1SRC 3 Anna P