Return true\false from foreach

Tagged: 

This topic contains 7 replies, has 4 voices, and was last updated by  Gary Smith 11 months, 3 weeks ago.

  • Author
    Posts
  • #43504

    Gary Smith
    Participant

    Hi guys, i'm missing something here.
    How can I return a true or false value from a foreach loop?

    	ForEach ($Group in $Groups)
    	{
    	Get-ADGroup -Filter {memberOf -RecursiveMatch $SearchDN} -SearchBase $Group | Select Name
    	}
    
  • #43508

    Gary Smith
    Participant

    Thought I better put the whole function for clarity

    Function Find-NestedGroup {
    
    Param(
    	[Parameter(Mandatory=$true)]
    	[string]$UserName,
    	[Parameter(Mandatory=$true)]
    	[string]$SearchGroup
    	)
    	
    	Import-Module ActiveDirectory
    	
    
    	$SearchDN = (Get-ADGroup $SearchGroup).DistinguishedName
    
    	$Groups = Get-ADUser $UserName -Properties MemberOf
    
    	ForEach ($Group in $Groups)
    	{
    	Get-ADGroup -Filter {memberOf -RecursiveMatch $SearchDN} -SearchBase $Group | Select Name
    	}
    }
    
  • #43510

    AK
    Participant

    Don't think I'm getting the whole picture here, but you could use try/catch.

    • This reply was modified 1 year, 2 months ago by  AK.
  • #43513

    Gary Smith
    Participant

    I just want to know if the user is in a group or a member of its nested group. I don't care what the group is at this point, i just want it to do different things if it is true or false.

    What I was trying was this but its wrong. It always returns true.

    Function Find-NestedGroup {
    
    Param(
    	[Parameter(Mandatory=$true)]
    	[string]$UserName,
    	[Parameter(Mandatory=$true)]
    	[string]$SearchGroup)
    	
    	Import-Module ActiveDirectory
    
    	$SearchDN = (Get-ADGroup $SearchGroup).DistinguishedName
    
    	$Groups = Get-ADUser $UserName -Properties MemberOf
    
    	$test = ForEach ($Group in $Groups)
    		{
    		Get-ADGroup -Filter {memberOf -RecursiveMatch $SearchDN} -SearchBase $Group | Select Name
    		}
    	
    	if(!$test)
    		{return $true}
    	else
    		{return $false}
    }
    
    • This reply was modified 1 year, 2 months ago by  Gary Smith.
  • #43525

    Justin King
    Participant

    Try imbedding your output in the foreach instead of trying to catpure it.

    Function Find-NestedGroup {
    
    Param(
    	[Parameter(Mandatory=$true)]
    	[string]$UserName,
    	[Parameter(Mandatory=$true)]
    	[string]$SearchGroup)
    	
    	Import-Module ActiveDirectory
    
    	$SearchDN = (Get-ADGroup $SearchGroup).DistinguishedName
    
    	$Groups = Get-ADUser $UserName -Properties MemberOf
    
    	[bool]$test = $False
    	ForEach ($Group in $Groups) {
    		If (Get-ADGroup -Filter {memberOf -RecursiveMatch $SearchDN} -SearchBase $Group) {
                        $Test = $True
                        break
                        }
    		}
            return $test
    }
    

    Completely untested but this is where I'm leaning.

    • This reply was modified 1 year, 2 months ago by  Justin King.
  • #43848

    Peter Jurgens
    Participant

    It may be easiest to enumerate ALL members of the group (recursive to include members of nested groups) and check if the user in question is in there. Like this:

    "usersamaccountname" -in $(Get-ADGroupMember "Group" -Recursive).samaccountname
    

    I tested this and it worked for me

  • #44101

    Gary Smith
    Participant

    Not sure where my other went. perhaps I forgot to submit it.

    I feel like Justin's way should work, I just have to tweak it I think. Unfortunately, we have just lost staff so I have not had a chance to really try this yet.

    Peter, your way wouldn't work in my case or would probably take too long to enumerate through all the DL's and sub-DL's

  • #52299

    Gary Smith
    Participant

    Hey guys, sorry for the delay. This did work OK in the end
    There are some changes but still has same functionality over all.

    Param(
    [Parameter(Mandatory=$true)][string]$DL,
    [Parameter(Mandatory=$true)][string]$UserName)
    	
    Import-Module ActiveDirectory
    
    
    $DLdn = (Get-ADGroup $DL).DistinguishedName
    $UsersGroups = (Get-ADUser $UserName -Properties MemberOf).MemberOf
    
    ForEach ($Group in $UsersGroups) {
    	If (Get-ADGroup -Filter {memberOf -RecursiveMatch $DLdn} -SearchBase $Group) {
    	[System.Environment]::Exit(0) #Script exits with Success (Member already in Group or Nested)
        } #Exit If
    	} #Exit ForEach
    
    [System.Environment]::Exit(1) #Script exits with Failure (Member not found in Group or Nested)
    

You must be logged in to reply to this topic.