我有包含用户和计算机的安全组。我只想列出安全组中的用户。我正在获取用户列表,但也收到安全组中每台计算机的错误:
Get-ADUser : Cannot find an object with identity: 'CN="*
我使用的脚本如下:
$GroupName = Read-Host -Prompt 'Enter the Group Name'
Get-ADGroupMember -Identity $GroupName -Recursive |
Get-ADUser -Properties Name,Mail,Title,Department | Sort-Object Department,Title,Name | Format-Table Name,Mail,Title,Department -AutoSize
不要使用
Get-ADGroupMember
,而是使用 Get-ADUser
和过滤器来递归地查找群组的所有成员:
$GroupName = Read-Host -Prompt 'Enter the Group Name'
$groupDn = (Get-ADGroup -Identity $GroupName).DistinguishedName
$getADUserSplat = @{
LDAPFilter = "(memberOf:1.2.840.113556.1.4.1941:=$groupDn)"
Properties = 'Name', 'Mail', 'Title', 'Department'
}
Get-ADUser @getADUserSplat |
Sort-Object Department, Title, Name |
Format-Table Name, Mail, Title, Department -AutoSize