Powershell Help to list Security Groups that match a pattern for each user in a csv list

Eric Moteberg 1 Reputation point
2021-09-11T21:11:32.507+00:00

I am trying to get Security Groups for a list of members that starts with a certain sequence, e.g. "Mumbo - Jumbo -*".

I have a list of samaccountnames in a CSV file, and I want the script to find and export to a CSV only the Security Groups that match that pattern.

I can list all of the Security Groups for each member, but that's too much. Also, I want to have the samaccountname listed for each one.

Any help would be appreciated.

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,913 questions
Windows Server PowerShell
Windows Server PowerShell
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.PowerShell: A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
5,383 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Rich Matheisen 45,096 Reputation points
    2021-09-12T02:27:05.457+00:00

    I think I got your requirements right. I haven't run this code, but it looks to be substantially right: 

    Get-Content ListOfUsers.txt |
    ForEach-Object{
        $u = $_
        (Get-ADUser $_).memberof |
            ForEach-Object{
                if ($_ -match "^CN=Mumbo - Jumbo -.+,"){
                    [PSCustomObject]@{
                        Name = $u
                        Group = (Get-ADGroup -Identity $_).samaccountname
                    }
                }
            }
    } | Export-Csv SecGroupAndUser.csv -NoTypeInformation
    1 person found this answer helpful.
    0 comments
  2. Limitless Technology 39,386 Reputation points
    2021-09-14T08:18:35.727+00:00

    Hello,

    In addition if you get an error message you will probably need to set the execution policy before you can run your script.

    Set-ExecutionPolicy
    Change the user preference for the execution policy of the shell.

    Syntax
    Set-ExecutionPolicy [-executionPolicy] Policy
    { Unrestricted | RemoteSigned | AllSigned | Restricted | Default | Bypass | Undefined}
    [[-Scope] ExecutionPolicyScope ] [-Force]
    [-whatIf] [-confirm] [CommonParameters]

    Key
    -ExecutionPolicy Policy
    A new execution policy for the shell.

       Valid values:

   Restricted
   Do not load configuration files or run scripts.
   This is the default.

   AllSigned
   Require that all scripts and configuration files be signed
   by a trusted publisher, including scripts that you write on the
   local computer.

   RemoteSigned
   Require that all scripts and configuration files downloaded
   from the Internet be signed by a trusted publisher.

   Unrestricted
   Load all configuration files and run all scripts.
   If you run an unsigned script that was downloaded from the
   internet, you are prompted for permission before it runs.

   Bypass
   Nothing is blocked and there are no warnings or prompts.

   Undefined
   Remove the currently assigned execution policy from the
   current scope. This parameter will not remove an execution
   policy that is set in a Group Policy scope.

    -Force
    Suppress all prompts.
    By default, Set-ExecutionPolicy displays a warning whenever the
    execution policy is changed.

    -Scope ExecutionPolicyScope
   The scope of the execution policy.

   Valid values:
     Process       Affect only the current PowerShell process.
     CurrentUser   Affect only the current user.
     LocalMachine  Affect all users of the computer.

   To remove an execution policy from a particular scope, set the
   execution policy for that scope to Undefined.

    -WhatIf
    Describe what would happen if you executed the command without actually
    executing the command.

    -Confirm
    Prompt for confirmation before executing the command.
    In order to change the Execution policy, you must be running PowerShell As Administrator.