先參考這篇 取得 AD 群組成員的指令 Group Members List
本篇為進階用,產生報表用
#-------------------------------------------------------
$OUFileter = 0
$UserOU = "OU=Users,DC=Contoso,DC=com"
$Groups = @()
$Groups += "Users_Group"
#-------------------------------------------------------
#-------------------------------------------------------
$Global:MemberGroups = @()
$Global:MemberUsers = @()
$Global:UpperGroup = "";
$Global:Hierarchy = "";
Function Get-NestedGroupMember($Groups) {
$Groups | foreach {
if ($_ -ne "") {
if ($_ -eq $Global:UpperGroup) {
$MoreTab = "`t"+$MoreTab;
} else {
$Global:Hierarchy += ("`n" + $MoreTab + $_ + "`n");
};
Get-ADGroupMember -Identity $_ | select Name,ObjectClass -uniq | foreach {
if ($_.ObjectClass -eq "Group") {
$Global:MemberGroups += ($_.Name)
$GroupDescription = "";
$GroupManagedBy = "";
$GroupInfo = Get-ADGroup -Identity $_.Name -Properties ManagedBy,Description;
if ($GroupInfo.Description -ne $null) {
$GroupDescription = " (" + $($GroupInfo.Description -Replace $($_.Name + " "),"") + ")";
};
if ($GroupInfo.ManagedBy -ne $null) {
$GroupManager = Get-ADUser $GroupInfo.ManagedBy | select Name,GivenName
$GroupManagedBy = " [Group Managed By: " + $GroupManager.Name + $GroupManager.GivenName + "]";
};
$Global:Hierarchy += ("`n" + $MoreTab + "`t" + $_.Name + $GroupDescription + $GroupManagedBy + "`n");
$Global:UpperGroup = $_.Name;
Get-NestedGroupMember($_.Name)
} else {
if ($OUFilter -eq 1) {
$RightOU = Get-ADUser -Identity $_.Name -Properties * | Select DistinguishedName | Select-String -Pattern $UserOU
} else {
$RightOU = $_.Name
}
if ($RightOU) {
$Global:MemberUsers += ($_.Name)
$Global:Hierarchy += ($MoreTab + "`t" + $_.Name + " (" + $(Get-ADUser $_.Name | select GivenName).GivenName + ")"+ "`n");
}
}
}
}
}
}
Get-NestedGroupMember($Groups)
$Global:MemberUsers = $Global:MemberUsers | select -uniq
$Global:MemberGroups = $Global:MemberGroups | select -uniq
$Return = ""
$Return += "=== Groups : $($Global:MemberGroups.Count) ===`r`n"
$Global:MemberGroups | forEach {
$Return += "$($_)`r`n"
}
$Return += "`r`n"
$Return += "=== Users : $($Global:MemberUsers.Count) ===`r`n"
$Global:MemberUsers | forEach {
$Return += "$($_)`r`n"
}
Write-Host $Return
$Return += "`n`n=== Hierarchy ===`r`n"
Write-Host $Global:Hierarchy
$Return += $Global:Hierarchy
$FileName = "GetMultiNestedGroupMembersHierarchy.txt"
$Return | Out-File $FileName
exit
#-------------------------------------------------------
#-------------------------------------------------------
沒有留言:
張貼留言