Get list of Active Directory groups and its members regarding group description

0
votes

I would like to get a list of Active Directory groups and their members (users) based on a group description (text). It would be great if the output file would be in the format:

Group1
User1
User2
User3
Group2
User2
User3
Group3
User1
.....

So far I got to the list of groups that contains text that is in the description. I was not able to get members of these groups.

Get-Adgroup -Filter * - Properties Name, Description | Select Name, Description | Where-Object {$_.Description -eq "description-text"}

I did get a list of Groups (Name) and Description only containg Groups that have desired description. I tried to continue with | Get-AdGroupMember -Identity but did not get anywhere.

1
powershell
You could pipe to Get-ADGroup -Prop Name,Members, and then run each through a ForEach-Object loop that outputs first the name, then the members.TheMadTechnician
this >>> Select Name, Description <<< says "throw away all the properties EXCEPT the ones listed" ... and the Get-ADGroupMember cmdlet needs the identity info that you threw out. [grin]Lee_Dailey

1 Answers

0
votes

It's more efficient to filter closer to the left end of the pipeline as possible, i.e., for description. Try something like this:

# Gets all groups with the specific description
$Groups = Get-ADGroup -Filter "Description -like 'description-text'"
# Iterate through the list of groups
foreach ($Group in $Groups) {
    $Group.Name  # Outputs the group name
    $Users = $Group | Get-ADGroupMember  # Gets the list of users in that group
    $Users.Name  # Outputs all the users' names
}