|
Replies:
16
-
Pages:
2
[
1
2
| Next
]
-
Last Post:
Aug 27, 2008 2:28 PM
by: Dmitry Sotnikov
|
|
|
Posts:
8
Registered:
7/27/08
|
|
|
|
Primary Group
Posted:
Jul 27, 2008 2:47 PM
|
|
|
Does anyone know if there is a way using Powershell to list the primary group (not the ID but the actual group name) for each user in AD?
Thanks
|
|
|
Posts:
415
Registered:
9/4/07
|
|
|
|
Re: Primary Group
Posted:
Jul 28, 2008 1:05 AM
in response to: SeanF12
|
|
|
C:\>get-qaduser | select name, @{n="PrimaryGroup";e={get-qadgroup $_.PrimaryGroupSid.ToString()}}
|
|
|
Posts:
1,919
Registered:
1/31/08
|
|
|
|
Re: Primary Group
Posted:
Jul 28, 2008 1:42 AM
in response to: SeanF12
|
|
|
Here's a (slow) version with where-object. I tried to use an ldap filter but it gives me an error, Andrey? :
foreach($user in Get-QADUser){
$user | select name, @{n="PrimaryGroup";e={ (Get-QADGroup | where {$_.PrimaryGroupToken -eq $user.PrimaryGroupId}).Name}}
}
PS > Get-QADGroup -ldapFilter '(PrimaryGroupToken=513)'
Get-QADGroup : Inappropriate matching.
At line:1 char:13
+ Get-QADGroup <<<< -ldapFilter '(PrimaryGroupToken=513)'
|
Shay Levy [MVP]
http://blogs.microsoft.co.il/blogs/ScriptFanatic
PowerShell Toolbar
|
|
Posts:
415
Registered:
9/4/07
|
|
|
|
Re: Primary Group
Posted:
Jul 28, 2008 1:54 AM
in response to: Shay Levy
|
|
|
PrimaryGroupToken is computed attribute. You can't use in LDAP search against directory.
|
|
|
Posts:
1,919
Registered:
1/31/08
|
|
|
Posts:
415
Registered:
9/4/07
|
|
|
|
Re: Primary Group
Posted:
Jul 28, 2008 2:10 AM
in response to: Shay Levy
|
|
|
It's not a typo. PrimaryGroupSid is computed property, that returns SID of primary group. It is computed from domain SID and primary group id.
|
|
|
Posts:
1,919
Registered:
1/31/08
|
|
|
|
Re: Primary Group
Posted:
Jul 28, 2008 2:21 AM
in response to: Andrey Moiseev ...
|
|
|
Oh... I run the original one and got this:
PS > get-qaduser | select name, @{n="PrimaryGroup";e={get-qadgroup $_.PrimaryGroupSid.ToString()}}
Select-Object : You cannot call a method on a null-valued expression.
At line:1 char:22
+ get-qaduser | select <<<< name, @{n="PrimaryGroup";e={get-qadgroup $_.PrimaryGroupSid.ToString()}}
Name PrimaryGroup
---- ------------
User1
Select-Object : You cannot call a method on a null-valued expression.
At line:1 char:22
+ get-qaduser | select <<<< name, @{n="PrimaryGroup";e={get-qadgroup $_.PrimaryGroupSid.ToString()}}
User2
Select-Object : You cannot call a method on a null-valued expression.
At line:1 char:22
(...)
Also, I can't find the PrimaryGroupSid on my user account:
PS > (Get-QADUser ShayL).PrimaryGroupSid
# gives nothing
PS > Get-QADUser ShayL -IncludeAllProperties | fl pri*
primaryInternationalISDNNumber :
primaryTelexNumber :
PrimaryGroupId : 513
|
Shay Levy [MVP]
http://blogs.microsoft.co.il/blogs/ScriptFanatic
PowerShell Toolbar
|
|
Posts:
415
Registered:
9/4/07
|
|
|
|
Re: Primary Group
Posted:
Jul 28, 2008 2:41 AM
in response to: Shay Levy
|
|
|
Oops! It's my bad. This feature will be introduced only in next version. Fixed solution:
get-qaduser | select name, @{n="PrimaryGroup";e={get-qadgroup "$($_.Domain.Sid)-$($_.PrimaryGroupId)"}}
|
|
|
Posts:
1,919
Registered:
1/31/08
|
|
|
Posts:
415
Registered:
9/4/07
|
|
|
|
Re: Primary Group
Posted:
Jul 28, 2008 3:17 AM
in response to: Shay Levy
|
|
|
Again version mess. Sorry. I should test my examples on release version before publishing. Here is final command. It have been tested on my 1.1 installation :)
get-qaduser | select name, @{n="PrimaryGroup";e={get-qadgroup "$($_.Sid.AccountDomainSid)-$($_.PrimaryGroupId)"}}
Message was edited by: Andrey Moiseev (Quest)
|
|
|
Posts:
1,919
Registered:
1/31/08
|
|
|
Posts:
415
Registered:
9/4/07
|
|
|
|
Re: Primary Group
Posted:
Jul 28, 2008 3:55 AM
in response to: Shay Levy
|
|
|
I've corrected my post. Now it was a typo. 
|
|
|
Posts:
8
Registered:
7/27/08
|
|
|
|
Re: Primary Group
Posted:
Jul 28, 2008 5:14 AM
in response to: SeanF12
|
|
|
Fantastic! Thanks guys, worked like a charm
|
|
|
Posts:
2
Registered:
8/26/08
|
|
|
|
Re: Primary Group
Posted:
Aug 26, 2008 12:56 PM
in response to: SeanF12
|
|
|
when i run the command in powergui 1.5 I only get the name column. Forgive my ignorance I am new to Scripting.
|
|
|
Posts:
1,151
Registered:
12/1/06
|
|
|
|
Re: Primary Group
Posted:
Aug 26, 2008 1:32 PM
in response to: chris b
|
|
|
Chris,
What do you mean by "run the command in powergui"?
You created a script node with the code? Can you right-click the column header and see if you can add the PrimaryGroup column as well?
Dmitry
|
|
|
|
Legend
|
|
MVP: 2501
+
pts
|
|
Guru: 2001
- 2500
pts
|
|
Expert: 751
- 2000
pts
|
|
Enthusiast: 31
- 750
pts
|
|
Novice: 0
- 30
pts
|
|
Moderators
|
|
Helpful answer
(5 pts)
|
|
Answered
(10 pts)
|
|
