知识这东西就像雪球,越滚越大,今天看到了这篇自己1年多前写的博文,简直弱爆了。于是更新一下程序:
2016-6-15更新,短短几行代码,就拿到了组和组成员,其中还用到了递归,以处理组成员是组的情况:
Get-ADGroup -Filter * -SearchBase "ou=test-ou,ou=vb-group,dc=corp,dc=vb" | foreach {
[PSCustomObject]@{'GroupName'=$_.name;'Members'=$null}
Get-ADGroupMember -Identity $_.name -Recursive | foreach {
[PSCustomObject]@{'GroupName'=$null;'Members'=$_.name}
}
}
以下是一年多前写的:
cd 'F:\ACL\HZ ACL'
$report = New-Item -Path .\ACL-APAC.CSV -ItemType file -Force
Add-Content -Path .\ACL-APAC.CSV -Value "GroupName,EmpNo,Name" #方法一:(后写)
Import-Csv .\Groups.CSV | ForEach-Object {
#下面这句获得组的名称,然后追加输出到CSV文件
Get-ADGroup -Filter * -SearchBase $_.GroupName | select -ExpandProperty Name | Out-File $report -Encoding ASCII -Append
#下面这个循环:将一个组中的每个成员的samAccountName, displayName存入变量$users
ForEach-Object {
$users = Get-ADGroup -Filter * -SearchBase $_.GroupName | Get-ADGroupMember | Get-ADUser -Properties samAccountName, displayName #| select -Property samAccountName, displayName
#下面这个循环:将每个成员的samAccountName, displayName追加输出到CSV文件
ForEach($user in $users) {
"," + $user.samAccountName + "," + $user.displayName | Out-File $report -Encoding ASCII -Append
}
}
}
<#方法二:(先写)
Import-Csv .\Groups.CSV | ForEach-Object {
#下面是groupname的循环
Get-ADGroup -Filter * -SearchBase $_.GroupName | select -ExpandProperty Name | Out-File $report -Encoding ASCII -Append
#下面是group里成员的循环
ForEach-Object {
$MemberSummary = Get-ADGroupMember -Identity $_.GroupName | select -Property SamAccountName
#下面是列出每个用户的完整属性
ForEach ($Member in $MemberSummary) {
$MemberDetail = Get-ADUser -Identity $Member.SamAccountName -Properties Name, displayName
#下面是最终生成的CSV中真正的员工号,姓名那一行内容
ForEach-Object {
"," + $MemberDetail.Name + "," + $MemberDetail.DisplayName | Out-File $report -Encoding ASCII -Append
}
} } }
#>