Powershell Get-Groupmembers into Out-GridView-CodePudding

I wanna use Out-GridView to display members of a selected AD group. It would be nice if I could get all members (computers, other groups, users) but at least users is mandatory. I have this code now:

    Import-Module ActiveDirectory
$groups = Get-ADGroup -Filter * -Searchbase "OU=Groups,DC=domain,DC=int"|
    Select-Object @{n="Group"; e={$_.Name}}, DistinguishedName |Sort-Object "Group"|
    Out-GridView -Title "Select a group, then click OK"  -PassThru
$accounts = Foreach ($group in $groups) {Get-ADGroupMember -Identity $group.DistinguishedName -Recursive}

$report = Get-ADUser -Identity $account -Properties *|
    Select-Object name, SamAccountName, EmailAddress, EmployeeID, TelephoneNumber, Created, Department, City| 
    Out-GridView -Title "The members of the group"  -PassThru

At the moment I can search for the group , select it and then I do not get all the members. just one, I think. And also only a user cause it's Get-ADuser. Can anyone help me?

Or maybe there is a similar powershell frontend somewhere in the internet?

CodePudding user response：

Since Get-ADGroupMember can return 3 different types of AD objects, you cannot blindly use Get-ADUser on each of the returned objects.
What is more, not all of these different objects have the same properties you want shown in your grid view, so you need some method of capturing properties they have in common, while leaving others blank.

Try:

Import-Module ActiveDirectory

$groups = Get-ADGroup -Filter * -Searchbase "OU=Groups,DC=domain,DC=int" |
          Select-Object @{Name = "Group"; Expression = {$_.Name}}, DistinguishedName | Sort-Object "Group"

# show the groups in a grid view and have the user select one item  
$selected = $groups | Out-GridView -Title "Select a group, then click OK" -PassThru

# if not cancelled
if ($selected) {
    # loop through the members of the selected group and capture the resulting objects in variable $result
    $result = foreach ($member in (Get-ADGroupMember -Identity $selected.DistinguishedName -Recursive)) {
        $account = switch ($member.objectClass) {
            'user' { 
                # Get-ADUser by default returns these properties:
                # DistinguishedName, Enabled, GivenName, Name, ObjectClass, ObjectGUID, SamAccountName, SID, Surname, UserPrincipalName
                Get-ADUser -Identity $member.DistinguishedName -Properties EmailAddress, EmployeeId, 
                                                                           OfficePhone, Created, Department, City
            }
            'group' {
                # Get-ADGroup by default returns these properties:
                # DistinguishedName, GroupCategory, GroupScope, Name, ObjectClass, ObjectGUID, SamAccountName, SID
                Get-ADGroup -Identity $member.DistinguishedName -Properties mail, Created |
                # rename the property 'mail' here
                Select-Object *, @{Name = 'EmailAddress'; Expression = {$_.mail}} -ExcludeProperty mail
            }
            'computer' {
                # Get-ADComputer by default returns these properties:
                # DistinguishedName, DNSHostName, Enabled, Name, ObjectClass, ObjectGUID, SamAccountName, SID,  UserPrincipalName
                Get-ADComputer -Identity $member.DistinguishedName -Properties Created
            }
        }
        # output an object with all properties you want in the grid view. Some will be empty though depending on the object type
        $account | Select-Object @{Name = 'Type'; Expression = {$member.objectClass}}, 
                                 Name, SamAccountName, EmailAddress, EmployeeId, OfficePhone, Created, Department, City
    }
    # display the results
    $result | Sort-Object Type, Name | Out-GridView -Title "The members of group '$($selected.Name)'"
}

CodePudding user response：

Get-ADGroupMember -Identity *group* | Out-GridView

This should get you all the members of the group. I guess you can filter it from there? :)