0

I'm trying to get only enabled members which are in multiple groups but not sure how to achieve this in the format I want. My current script is as follows.

$GroupList = @('GroupA','GroupB'
 )

$Groupusers  = @()


foreach ($Groups in $GroupList)
{


$Groupusers += Get-ADGroupMember -Identity $Groups | select @{Name="Groups";Expression={$Groups}},name



}


$Groupusers | Export-Csv -Path "C:\Users\Me\Documents\users.csv" -NoTypeInformation -Encoding Unicode

The above script works and formats the output for what I am after but this also includes even the disabled users.

Output:

Group name

GroupA UserA
GroupB UserB

I have tried the following script, this gives me the all the enabled user but not in a format like the above script.


$groupname = @('GroupA', 'GroupB')

$Groupusers=@()


foreach ($group in $groupname)
{


$Groupusers += Get-ADGroupMember -Identity $group | ? {$_.objectclass -eq "user"}



}


$result= @()


foreach ($activeusers in $Groupusers)


{


$result += (Get-ADUser -Identity $activeusers | ? {$_.enabled -eq $true} | select Name, Enabled)


}


$result

How can I achieve the output above but with only enabled users? Thanks.

guar
  • 1

1 Answers1

0

if you want to keep the formatting of the first script, this should work for you. Just create a second array to hold only the $groupusers who are enabled, and write just that subset to your output file.

$GroupList = @('GroupA','GroupB')

$Groupusers  = @()


foreach ($Groups in $GroupList)
{


$Groupusers += Get-ADGroupMember -Identity $Groups | select @{Name="Groups";Expression={$Groups}},name  




}


$activeusers = @()
foreach ($user in $Groupusers)
{
$n = $user.name
$props = get-aduser -filter "name -eq '$n'" | select samaccountname, enabled
  if ($props.enabled)
  {


$activeusers += $user



}
}


$activeusers | Export-Csv -Path "C:\Users\Me\Documents\users.csv" -NoTypeInformation -Encoding Unicode
Dallas
  • 258
  • 2
  • 8