Hi All,
I am working on a script for my team and and it is supposed to gather information about profiles on a remote host and once it identifies the domain users who logged on to that machine get each user's AD group membership.
I got stuck at this:
$computer = targetcomp
$domainBits = 'S-1-5-21-blablabla'
Get-WmiObject -Class Win32_UserProfile -Computer $computer |
Where-Object{ $_.SID -match $domainBits } |
ForEach-Object{
$sid=$_.sid
get-aduser -filter "SID -eq '$sid'"
}
Now I am stuck at getting their properties as Get-AdPrincipalGroupMembership does not work for users who belong to groups with special characters.
In some other script I used (get-aduser $user -Properties MemberOf | select MemberOf).MemberOf | % {$_.split(",")[0].replace("CN=","")}
which gets the groups in a nice and readable format, but I am having problems adapting it to my needs.
Someone suggested:
$computer = targetcomp
$domainBits = 'S-1-5-21-blablabla'
$properties = @(
'samaccountName',
@{ N = 'MemberOf'; E = { ($_ | Get-AdPrincipalGroupMembership).Name } }
)
$computer='$computer'
Get-WmiObject -Class Win32_UserProfile -Computer $computer |
Where-Object{ $_.SID -match $domainBits } |
ForEach-Object{
$sid=$_.sid
get-aduser -filter "SID -eq '$sid'"
} |
select $properties
But in this case the problem of groups with special characters is encountered.
Does any have any ideas on how to solve this? I am not great with PoSh and got totally stuck.
I would like to get a CSV or HTML file with clearly readable group names.