Run process on OU but include an exclusion group?

Welcome Forums General PowerShell Q&A Run process on OU but include an exclusion group?

This topic contains 3 replies, has 3 voices, and was last updated by

 
Participant
8 months ago.

  • Author
    Posts
  • #95984

    Participant
    Points: 1
    Rank: Member

    Hi All,

    I have a Powershell script that queries a specified OU for computer names and then runs a batch script on each computer (the script kicks off a reboot but prompts the user to cancel if they'd like). I would like to know how I can specify an exclusion group in this script. Say I have a group in Active Directory called WeekendRebootExclusion with some computers as members. How would I exclude these machines from the process in the script?

    Import-Module ActiveDirectory
    
    Get-ADComputer -SearchBase 'OU=Reboot Test,OU=Workstations,OU=Test,DC=abc,DC=xyz,DC=com' -Filter '*' | Select -Exp Name |
     ForEach-Object{
            Start-Process "WeekendReboot.bat" $_
        }
    
  • #95987

    Keymaster
    Points: 1,624
    Helping HandTeam Member
    Rank: Community Hero

    There's no easy way to do that, because AD doesn't track information quite that way.

    Inside your ForEach loop, before your Start-Process command, you'll need to check and see if the computer is a MemberOf that group. If it is, then don't run your Start-Process (an If{} construct).

  • #95991

    Participant
    Points: 1
    Rank: Member

    Hi,

    if you take memberof property and then use where to filter out those accounts.

    
    Import-Module ActiveDirectory
    
    Get-ADComputer -SearchBase 'OU=Reboot Test,OU=Workstations,OU=Test,DC=abc,DC=xyz,DC=com' -Filter * -Properties memberof | where {$_.memberof -notmatch 'WeekendRebootExclusion'} |
     ForEach-Object{
            Start-Process "WeekendReboot.bat" $_.name
        }
    
    
  • #96057

    Participant
    Points: 1
    Rank: Member

    Thanks guys, I ended up going this route:

    Import-Module ActiveDirectory
    
    $Exclude = Get-ADGroupMember RES_RebootExclusionTest | Select -Exp Name
    
    Get-ADComputer -SearchBase 'OU=Reboot Test,OU=Workstations,OU=Test,DC=abc,DC=xyz,DC=com' -Filter '*' | Select -Exp Name |
     ForEach-Object{
     	if($Exclude -notcontains $_){
            	Start-Process "WeekendReboot.bat" $_
            }
        }
    

The topic ‘Run process on OU but include an exclusion group?’ is closed to new replies.