Author Posts

December 1, 2016 at 2:54 am

Hello All,

I'm looking to get all members of an AD group and sort users by manager. It would be even better if somehow we could pipe to out-file for either text file or csv, creating a separate file depending on who their manager is.

So if I have an AD group with 99 users and they're split evenly between 3 managers, the output would be 3 txt or csv files, 1 for each manager that would list the 33 users under them.

Get-ADGroupMember -Identity 'GroupName' | Get-ADUser -Properties Name,Manager

That is all I have so far... not much I know.

I've tried using ForEach-Object without success. I've tried Sort-Object without success. I've tried Select-Object without success.

And when I run the code above, it returns more properties than just Name and Manager.

Thank you in advance!

December 1, 2016 at 10:19 am

Get-ADGroupMember -Identity 'GroupName' | Get-ADUser -Properties Name,Manager | Select-Object -Property Name,Manager | Sort-Object -Property  Manager,Name

Of course you can pipe this to whatever you like. Foreach-Object to split it by Manager, Out-File, Export-CSV ....

December 1, 2016 at 12:22 pm

Worth noting is that the "Manager" attribute on the AD-user is the managers distinguishedname.
So depending on the output you want, you may need some extra code (e.g. calling get-aduser with the manager DN).

December 1, 2016 at 4:53 pm

Hi

Maybe something like this could help. After that you can Export or sort the $collection how you want.

$collection = New-Object System.Collections.Generic.List[System.Object]

    $Group = "ADGroup1"
    $infos = Get-ADGroupMember -Identity $Group | Get-ADUser -Properties Name,Manager

    ForEach ($info in $infos) {

        $Obj = @{User = $info.Name
                 Manager = Get-ADUser -Identity $info.Manager | select -ExpandProperty SamAccountName
                 Group = $Group
                }
        $out = New-Object -TypeName psobject -Property $Obj

        $collection.Add($out)
    }


$collection | Sort-Object -Property Manager, Name

I created 100 ADGroups and tried to get list of all of them and this worked nicely.

$ii = 1..100

ForEach ($i in $ii) {

    $Group = "ADGroup$i"
    $infos = Get-ADGroupMember -Identity $Group | Get-ADUser -Properties Name,Manager | Select-Object -Property Name,Manager

    ForEach ($info in $infos) {

        $Obj = @{User = $info.Name
                 Manager = Get-ADUser -Identity $info.Manager | select -ExpandProperty SamAccountName
                 Group = $Group
                }
        $out = New-Object -TypeName psobject -Property $Obj

        $collection.Add($out)
    }
}

$collection | Sort-Object -Property Manager, Name

Jake

December 1, 2016 at 7:52 pm

Thank you Jarkko Vepsäläinen! This is just about exactly what I was looking for.

Just for background, our main goal was to create SCCM collections based on AD groups and we wanted to make groups per manager... he simultaneously burst my bubble and blew my mind as we were able to create query based collections querying the manager attribute in AD.

Thank you very much though as this will help in the future.

December 1, 2016 at 8:03 pm

Just a heads up, you are working on the assumption that your groups contain only users, and that your managers are all users. It is better to use get-adobject, confirm the object type if necessary, or skip them if not relevant.

December 1, 2016 at 8:39 pm

Hi

Yes Ron, Good point.

This should fix it so it only get's user accounts.

$infos = Get-ADGroupMember -Identity $Group | Where {$_.ObjectClass -eq 'user'} | Get-ADUser -Properties Name,Manager | Select-Object -Property Name,Manager

Note that if there's nested Groups this won't show those, those needs to be get otherwise.

Jake