Powershell Help to list Security Groups that match a pattern for each user in a csv list

Eric Moteberg 1 Reputation point
2021-09-11T21:11:32.507+00:00

I am trying to get Security Groups for a list of members that starts with a certain sequence, e.g. "Mumbo - Jumbo -*".

I have a list of samaccountnames in a CSV file, and I want the script to find and export to a CSV only the Security Groups that match that pattern.

I can list all of the Security Groups for each member, but that's too much. Also, I want to have the samaccountname listed for each one.

Any help would be appreciated.

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,095 questions
Windows Server PowerShell
Windows Server PowerShell
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.PowerShell: A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
5,435 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Rich Matheisen 45,431 Reputation points
    2021-09-12T02:27:05.457+00:00

    I think I got your requirements right. I haven't run this code, but it looks to be substantially right:

    Get-Content ListOfUsers.txt |
        ForEach-Object{
            $u = $_
            (Get-ADUser $_).memberof |
                ForEach-Object{
                    if ($_ -match "^CN=Mumbo - Jumbo -.+,"){
                        [PSCustomObject]@{
                            Name = $u
                            Group = (Get-ADGroup -Identity $_).samaccountname
                        }
                    }
                }
        } | Export-Csv SecGroupAndUser.csv -NoTypeInformation
    
    1 person found this answer helpful.
    0 comments No comments

  2. Limitless Technology 39,476 Reputation points
    2021-09-14T08:18:35.727+00:00

    Hello,

    In addition if you get an error message you will probably need to set the execution policy before you can run your script.

    Set-ExecutionPolicy
    Change the user preference for the execution policy of the shell.

    Syntax
    Set-ExecutionPolicy [-executionPolicy] Policy
    { Unrestricted | RemoteSigned | AllSigned | Restricted | Default | Bypass | Undefined}
    [[-Scope] ExecutionPolicyScope ] [-Force]
    [-whatIf] [-confirm] [CommonParameters]

    Key
    -ExecutionPolicy Policy
    A new execution policy for the shell.

       Valid values:
    
       Restricted
       Do not load configuration files or run scripts.
       This is the default.
    
       AllSigned
       Require that all scripts and configuration files be signed
       by a trusted publisher, including scripts that you write on the
       local computer.
    
       RemoteSigned
       Require that all scripts and configuration files downloaded
       from the Internet be signed by a trusted publisher.
    
       Unrestricted
       Load all configuration files and run all scripts.
       If you run an unsigned script that was downloaded from the
       internet, you are prompted for permission before it runs.
    
       Bypass
       Nothing is blocked and there are no warnings or prompts.
    
       Undefined
       Remove the currently assigned execution policy from the
       current scope. This parameter will not remove an execution
       policy that is set in a Group Policy scope.
    

    -Force
    Suppress all prompts.
    By default, Set-ExecutionPolicy displays a warning whenever the
    execution policy is changed.

    -Scope ExecutionPolicyScope
       The scope of the execution policy.
    
       Valid values:
         Process       Affect only the current PowerShell process.
         CurrentUser   Affect only the current user.
         LocalMachine  Affect all users of the computer.
    
       To remove an execution policy from a particular scope, set the
       execution policy for that scope to Undefined.
    

    -WhatIf
    Describe what would happen if you executed the command without actually
    executing the command.

    -Confirm
    Prompt for confirmation before executing the command.
    In order to change the Execution policy, you must be running PowerShell As Administrator.