Powershell Help to list Security Groups that match a pattern for each user in a csv list

Eric Moteberg 1 Reputation point

I am trying to get Security Groups for a list of members that starts with a certain sequence, e.g. "Mumbo - Jumbo -*".

I have a list of samaccountnames in a CSV file, and I want the script to find and export to a CSV only the Security Groups that match that pattern.

I can list all of the Security Groups for each member, but that's too much. Also, I want to have the samaccountname listed for each one.

Any help would be appreciated.

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,095 questions
Windows Server PowerShell
Windows Server PowerShell
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.PowerShell: A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
5,435 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Rich Matheisen 45,431 Reputation points

    I think I got your requirements right. I haven't run this code, but it looks to be substantially right:

    Get-Content ListOfUsers.txt |
            $u = $_
            (Get-ADUser $_).memberof |
                    if ($_ -match "^CN=Mumbo - Jumbo -.+,"){
                            Name = $u
                            Group = (Get-ADGroup -Identity $_).samaccountname
        } | Export-Csv SecGroupAndUser.csv -NoTypeInformation
    1 person found this answer helpful.
    0 comments No comments

  2. Limitless Technology 39,476 Reputation points


    In addition if you get an error message you will probably need to set the execution policy before you can run your script.

    Change the user preference for the execution policy of the shell.

    Set-ExecutionPolicy [-executionPolicy] Policy
    { Unrestricted | RemoteSigned | AllSigned | Restricted | Default | Bypass | Undefined}
    [[-Scope] ExecutionPolicyScope ] [-Force]
    [-whatIf] [-confirm] [CommonParameters]

    -ExecutionPolicy Policy
    A new execution policy for the shell.

       Valid values:
       Do not load configuration files or run scripts.
       This is the default.
       Require that all scripts and configuration files be signed
       by a trusted publisher, including scripts that you write on the
       local computer.
       Require that all scripts and configuration files downloaded
       from the Internet be signed by a trusted publisher.
       Load all configuration files and run all scripts.
       If you run an unsigned script that was downloaded from the
       internet, you are prompted for permission before it runs.
       Nothing is blocked and there are no warnings or prompts.
       Remove the currently assigned execution policy from the
       current scope. This parameter will not remove an execution
       policy that is set in a Group Policy scope.

    Suppress all prompts.
    By default, Set-ExecutionPolicy displays a warning whenever the
    execution policy is changed.

    -Scope ExecutionPolicyScope
       The scope of the execution policy.
       Valid values:
         Process       Affect only the current PowerShell process.
         CurrentUser   Affect only the current user.
         LocalMachine  Affect all users of the computer.
       To remove an execution policy from a particular scope, set the
       execution policy for that scope to Undefined.

    Describe what would happen if you executed the command without actually
    executing the command.

    Prompt for confirmation before executing the command.
    In order to change the Execution policy, you must be running PowerShell As Administrator.