Mark Minasi's Tech Forum
Register Calendar Latest Topics Chat
 
 
 


Reply
  Author   Comment  
meloao

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 30
Reply with quote  #1 
I have written the Powershell script below. However it does not process the for loop. What I want it to do is search Users OU, get the sAMAccountName and department and export to a text file.

The for loop should go through the list of users in the text file and based on the department perform some actions.

In the condition statement, I have used $user.department, $_.department, and $department.

Also, there will be multiple departments, but for the sake of clarity, I only listed 2 possible values.



Import-Module ActiveDirectory
 
$ou = "CN=Users,DC=server,DC=server,DC=server,DC=server"
 
#Department fields
$DeptHR = "HR"
$DeptLegal = "Legal"  
 
#Grab sAMAccountName and department of enabled users in Users OU and export to text file
Get-ADUser -Filter {enabled -eq $true} -searchbase $ou -Properties sAMAccountName, department  | Sort sAMAccountName  | select sAMAccountName, department  |  Out-File c:\enabledusers.txt


$listDomainUsers = Get-Content -Path c:\enabledusers.txt
 
 
 
ForEach ($user in $listDomainUsers) {
if ($_.department -eq $DeptHR) {
         Write-Host "$DeptHR"
        Write-Host "$user"
    
     }

elseif ($_.department -eq $DeptLegal) {
     Write-Host "$DeptLegal"
     Write-Host "$user"
               }
  
 }
 
 
 
0
cj_berlin

Avatar / Picture

Senior Member
Registered:
Posts: 228
Reply with quote  #2 
Melissa,

with foreach, you either define the loop variable (as you have done) or you don't, then you have to use the implicit one ($_). But there's no mixing the two, you can either change the foreach definition to

$listDomainUsers | foreach { rest of the script remains unchanged }

or actually use the loop variable in the loop so basically replace all occurrences of $_ by $user

HTH

__________________
Evgenij Smirnov

My personal blog (German): http://www.it-pro-berlin.de/
My stuff on PSGallery: https://www.powershellgallery.com/profiles/it-pro-berlin.de/
0
meloao

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 30
Reply with quote  #3 
Thanks Evgeniji.

I modified the For loop to look like this:

ForEach ($user in $listDomainUsers) {

Write-Host "test"

if ($_.department -eq $DeptHR) {
         Write-Host "$DeptHR"
        Write-Host "$user"
    
     }


Test is displayed on the screen so I know that For statement works.  It is the If statement that is not process.  The condition $_.department -eq $DeptHR   is not being tested.
0
cj_berlin

Avatar / Picture

Senior Member
Registered:
Posts: 228
Reply with quote  #4 
Right, because it should be

if ($user.department -eq $DeptHR) {...

__________________
Evgenij Smirnov

My personal blog (German): http://www.it-pro-berlin.de/
My stuff on PSGallery: https://www.powershellgallery.com/profiles/it-pro-berlin.de/
0
cj_berlin

Avatar / Picture

Senior Member
Registered:
Posts: 228
Reply with quote  #5 
And, on a second glance,

no, it won't work this way either. Your $listdomainusers now holds an array of string. They do not have a .department attribute.

Why don't you just loop through the user object you get from AD?

__________________
Evgenij Smirnov

My personal blog (German): http://www.it-pro-berlin.de/
My stuff on PSGallery: https://www.powershellgallery.com/profiles/it-pro-berlin.de/
0
meloao

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 30
Reply with quote  #6 
Once completed, this script will run on a schedule via Task Scheduler.  I like to have a log file that shows which users were modified.  For this script though, the log file may not be needed.

When you say just loop through the user objects from AD, are you saying use the get-aduser like I did above and remove out-file and put the for loop?

It would be something like this:

Get-ADUser -Filter {enabled -eq $true} -searchbase $ou -Properties sAMAccountName, department  | Sort sAMAccountName  | select sAMAccountName, department  | Foreach { rest of the script remains unchanged }

?

0
cj_berlin

Avatar / Picture

Senior Member
Registered:
Posts: 228
Reply with quote  #7 

Yes, that's what I mean. And if you do need to transport structured data via files, you can use the CSV format (Export-CSV / Import-CSV) or, for more complex objects, the CLIXML format (Export-CLIXML/Import-CLIXML)


__________________
Evgenij Smirnov

My personal blog (German): http://www.it-pro-berlin.de/
My stuff on PSGallery: https://www.powershellgallery.com/profiles/it-pro-berlin.de/
0
meloao

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 30
Reply with quote  #8 
When I put the following code in ISE the "in" is underline and says that the expression is not recognized.


Get-ADUser -Filter {enabled -eq $true} -searchbase $ou -Properties sAMAccountName, department  | Sort sAMAccountName | Where {($_.department -ne $null) -and ($_.department -notlike $contractor) } | select -ExpandProperty sAMAccountName | Sort  |  ForEach  ($user in $listDomainUsers) { if ($_.department -like $DeptOCM) { Write-Host "$user" }}

I will still need the line below correct?  If so, wouldn't I still need to output to textfile since the text file is named $listDomainUsers

 $listDomainUsers | foreach { rest of the script remains unchanged }

0
meloao

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 30
Reply with quote  #9 
Ok, so I have modified the script a bit.

The script still export the samaccountname to the text file.  The For loop looks like this:


ForEach ($user in $listDomainUsers) {

$userDept = Get-aduser -Filter ( sAMAccountName -eq $user) | select department

if ($userDept -like $DeptHR) {

Write-Host "$user"

}
}


The For loop first gets the department code from the sAMAccountName in the text doc, then the if statement will perform an action based on the department field.  

However, I am getting an error on this line in bold.  It says:  

The term 'sAMAccountName' is not recognized as the name of a
cmdlet, function, script file, or operable program.

I want that line to get the department code of each user and assign the variable to it.




0
meloao

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 30
Reply with quote  #10 
Also tried:

$userDept = Get-aduser -identity $user -Properties department


It says cannot find an object with identity ....
0
meloao

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 30
Reply with quote  #11 
I got it!

I put the following line below under the For loop.   It then started to process the If statement.

Thanks a lot for your help Evgenij!
0
meloao

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 30
Reply with quote  #12 
Here is the line:


$userDept = Get-aduser -identity $user -Properties department | select -ExpandProperty department
0
Pieter

Avatar / Picture

Senior Member
Registered:
Posts: 152
Reply with quote  #13 
Quote:
Originally Posted by meloao
What I want it to do is search Users OU, get the sAMAccountName and department and export to a text file.



get-aduser -Properties samaccountname, department -SearchBase $OU  | Format-table -Property samaccountname, department | Out-File -FilePath "c:\temp\output.txt"

 

 


__________________
Pieter Demeulemeester
0
meloao

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 30
Reply with quote  #14 
Tthis is exactly what I was looking for.  I am kind of partial to text files over csv.  Also, the Format-table command works great!

Thanks Pieter!
0
Previous Topic | Next Topic
Print
Reply

Quick Navigation:

Easily create a Forum Website with Website Toolbox.