Author Posts

April 15, 2016 at 3:37 am

Hi all

Am trying to export a list of usernames from a security group, the users in this group are spread over multiple domains. – The following command gets me a list of usernames but what would i need to add in to get which domain the user is on too?

Get-ADGroupMember -identity “GROUPNAME” | select SamAccountName | Export-csv -path C:\Output\Groupmembers.csv -NoTypeInformation

Thanks

April 15, 2016 at 7:17 am

Hi Marc,

If you can rely on Active Directory domain name for your domains being the same as DNS domain then you can use following:

function Get-CompanyDomain {
    param (
        [string]$DirectoryDN
    )

    $directory_dn_parts = $DirectoryDN.ToLower() -split "dc="
    
    $dns_domain = ''
    for ($loop = 1; $loop -lt $directory_dn_parts.Length; $loop ++) {
        $dns_domain += $directory_dn_parts[$loop].Replace(',','') + '.'
    }

    ### $netbios_domain = Insert NetBIOS domain information if needed

    $company_domain_property = [ordered] @{
        'DNSDomain' = $dns_domain
        'NetBIOSDomain' = $netbios_domain
    }
    $company_domain = New-Object -TypeName PSObject -Property $company_domain_property
    $company_domain
}

Your export line then will look like this:

Get-ADGroupMember -identity “GROUPNAME” | select sAMAccountName,@{Name='Domain';Expression={(Get-CompanyDomain -DirectoryDN $PSItem.distinguishedName).DNSDomain}}

Hope this helps

April 15, 2016 at 7:21 am

DistinguishedName or CanonicalName would give you an idea which domain this user belongs to.

April 22, 2016 at 9:37 am

Hey Marc

If you can download and install the Quest AD Cmdlets from software.dell.com try this:

get-qadgroupmember -identity "x" | get-qaduser | Select DisplayName,NTAccountName,Domain,SamAccountName | export-csv -notypeinformation -delimiter ";" -path xmembers.csv -append.

I've just tried it in my customers prod forest. works 100%

April 24, 2016 at 9:46 pm

Hi Marc

Hopes This Info Helps You .

$matches=''
$GMDetails = Get-ADGroupMember $GoupName | select-object -property SamAccountName,distinguishedName 


Foreach($G in $GMDetails){$DN = $G.distinguishedName -replace ',DC=','.'
	$C = ($DN.Split('.')).count -1
	$DN -match "(\.[a-z]+){$C}"
	$matches[0]|foreach-object -process{
	New-Object -TypeName PSObject -Property @{
	SamAccounName=$G.SamAccountName
	Domain=$_.Substring(1)
 	}
  }
}