Tuesday, December 17, 2013

Export AD group members – nested / recursive group members – input via textfile

Hi Readers,

This script is the extension of below script


The only difference is: It takes input of group names from text file & you can run this
for multiple groups.

You just have to put CN of a group (otherwise it will not work) in the text file.
"groupname.txt"

Extract the script & paste it anywhere.

run the batch file, output will be saved in results folder


uniquemembers is the list of users that are part of the group & unique group is the name of groups that are nested.(including the main group)

Machine from which you are running it must have "ADSI Edit"--this is part of administration tools

Note:- don't forget to delete the output files if the script has been run previously.

Don't for get to rate if this worked for you :)

Download it from below link:-


reach me:-  http://msexchange.me

##################################################################################  
#       Author: Vikas Sukhija  
#       Date: 06/31/2013  
#       Modified:12/07/2013 
#       Description: Extract group members recursevely  
#       Modification: Take input from text files 
###################################################################################  

get-content .\groupname.txt | foreach-object { 

$Group = $_ 
$groups = ".\results\" + "groups_" + $_ + "_.txt" 
$members = ".\results\" + "members_" + $_ + "_.txt" 
$uniquemembers1 = ".\results\" + "uniquemembers_" + $_ + "_.txt" 
$uniquegroups1 = ".\results\" + "uniquegroups_" + $_ + "_.txt" 

######################check if object is group or not ############################# 
function checkgroup ($Group1) 
{ 

$Search = New-Object DirectoryServices.DirectorySearcher([ADSI]"") 
$Search.filter = "(&(objectCategory=group)(objectClass=group)(cn=$Group1))" 
$input=$Search.Findall() 

if($input -ne $null) 
{ 
##Write-Host "$Group1 is a valid" 
return $true 
} 
else  
{ 
##Write-Host "$Group1 is a invalid" 
return $false 
} 
} 
##################################Recurse thru groups ############################## 

function getallmembersrecursively ($Group)  
{  
$Search = New-Object DirectoryServices.DirectorySearcher([ADSI]"")  
$Search.filter = "(&(objectCategory=group)(objectClass=group)(cn=$Group))"  
$input=$Search.Findall()  

if($input -ne $null)  
{  
Foreach($group in $input){  
$groupname = $group.GetDirectoryEntry()  
$GPName = $groupname.DistinguishedName  
$GPMember = $groupname.member  
$GPName1 = [string]$GPName  
$gsplit1 = $GPName1.split(",")  
$fpiece1 = $gsplit1[0]  
$cnsplit1 = $fpiece1.split("=")  
$GPName2 = $cnsplit1[1]  

Write-Host "$GPName2 is a Group"  
Add-Content $groups $GPName2  

####get all groups from file to compare so as there is no circular nesting 

$getallgroups = Get-Content $groups 

Foreach($gmember in $GPMember){  
$gsplit = $gmember.split(",")  
$fpiece = $gsplit[0]  
$cnsplit = $fpiece.split("=")  
$Name = $cnsplit[1]  

$result = checkgroup $Name 

if ($result -eq "true") 
{ 
    if ($getallgroups -contains $Name) 
        { 
            Write-Host "$Name equals $GPName2" 
            #####not needed for troubleshooting######Add-Content .\conflict.txt "$Name equals $getallgroups -----"   

        } 
    else  
        { 
            #####not needed for troubleshooting######Add-Content .\donotconflict.txt "$Name recurse" 
            getallmembersrecursively $Name 
        } 
} 

else 
{ 
Write-Host $Name 
Add-Content $members $Name  
##############Write-Host "$Name not equals $GPName2" 

}  
}  
}  
}  
} 
####################################################################### 
getallmembersrecursively $Group  
sleep 5  
#########################unique members################################  

$uniquemembers = Get-Content $members 
$uniquemembers = $uniquemembers | select -uniq  
Add-Content $uniquemembers1 $uniquemembers  

$uniquegroups = Get-Content $groups 
$uniquegroups = $uniquegroups | select -uniq  
Add-Content $uniquegroups1 $uniquegroups  

}  
#######################################################################  

Regards 
Sukhija Vikas

No comments:

Post a Comment