Im creating a script to help organize some groups for my school district. Long story short we have these 'Everyone groups' that are supposed to include all teachers/staff that are located at specific buildings. This data is stored in the 'Department variable' in AD. We also have a hold OU for staff that is no longer at the district, but we keep their accounts for 30 days that I don't want included. The result I have that works right now is as follows
Get-ADUser -Filter * -Properties sAMAccountName, department | Where { ($_.distinguishedName -notlike '*OU=Deactivated April 20th Hold*') } | Where { ($_.department -eq 'CENTENNIAL ELEMENTARY') } | Select sAMAccountName | Export-Csv -LiteralPath C:\Results\Everyone_Groups\CN.csv -NoTypeInformation
Get-ADUser -Filter * -Properties sAMAccountName, department | Where { ($_.distinguishedName -notlike '*OU=Deactivated April 20th Hold*') } | Where { ($_.department -eq 'CENTRAL ELEMENTARY') } | Select sAMAccountName | Export-Csv -LiteralPath C:\Results\Everyone_Groups\CR.csv -NoTypeInformation
and so on, with the name of the department changing for every school.
The downside of this is that I have to run that command nearly 25 times to grab all of the users for the different departments that I need.
I want to integrate IF statements into this so I only have to pull users 1 time and then filter them from there, to add an additional hurtle to this, I don't want to just pull all users so that option is out. I've come up with the following to achieve this.
Get-ADUser -Filter * -Properties sAMAccountName, department | Where ($_.distinguishedName -notlike '*OU=Deactivated April 20th Hold*')
If ($_.department -eq 'CENTENNIAL ELEMENTARY'){
Select sAMAccountName | Export-Csv -LiteralPath C:\Results\Everyone_Groups\CN.csv -NoTypeInformation -Append
}
And from here I would add additional IF statements for each additional department. The problem is that this command returns nothing to me. It doesn't error out or anything, it just never produces the .csv I'm asking for.
Any ideas on this?
CodePudding user response:
If I got it right you could use something like this:
$DepartmentList =
'CENTENNIAL ELEMENTARY',
'CENTRAL ELEMENTARY'
Get-ADUser -Filter * -Properties department |
Where-Object { $_.distinguishedName -notlike '*OU=Deactivated April 20th Hold*' -and $_.department -in $DepartmentList } |
Select-Object sAMAccountName |
Export-Csv -LiteralPath C:\Results\Everyone_Groups\CN.csv -NoTypeInformation
CodePudding user response:
First off, pulling users once is simple, just pull the users and capture the output in a variable. Once you have that you can sort them out from there easily enough.
$Users = Get-ADUser -Filter * -Properties sAMAccountName, department | Where { ($_.distinguishedName -notlike '*OU=Deactivated April 20th Hold*') }
From there you could just run it through a switch like:
Switch($Users){
{$_.Department.ToUpper() -eq 'CENTENNIAL ELEMENTARY'} {$_|Select samaccountname|Export-Csv C:\Results\Everyone_Groups\CN.csv -NoTypeInformation -Append}
{$_.Department.ToUpper() -eq 'CENTRAL ELEMENTARY'} {$_|Select samaccountname|Export-Csv C:\Results\Everyone_Groups\CR.csv -NoTypeInformation -Append}
}
CodePudding user response:
If you're looking to filter for users in 'CENTRAL ELEMENTARY', 'CENTENNIAL ELEMENTARY', while excluding users in '*OU=Deactivated April 20th Hold*', then I would loop through each department making a call to Get-ADuser for each one:
$departments = 'CENTRAL ELEMENTARY', 'CENTENNIAL ELEMENTARY'
foreach ($department in $departments)
{
Get-ADUser -LDAPFilter "(&(!(cn=*OU=Deactivated April 20th Hold*))(department=$department))" -Properties 'Department' | Select-Object -Property 'SAMAccountName' |
Export-Csv -Path "C:\Results\Everyone_Groups\$department.csv" -NoTypeInformation
}
Now you can export based on the department and can add more later if needed; just add the new departments to $departments array, and it should export to a csv accordingly with the name as the department.