列出组成员资格组合

Question

希望我能在这里得到一些帮助，因为我正在努力完成我所追求的目标，我怀疑它甚至是现在实现这一目标的最佳方式！

基本上我有一个 powershell 脚本（见下文），它成功列出了我放入的某个过滤器的成员。这一切都很顺利，并将列表输出到 CSV。

然而，下一部分是告诉它只返回属于特定组组合成员的成员。例如，用户可能是第 1 组、第 2 组和第 7 组的成员（假设有 9 个使用该命名方案的组）

所以我试图返回仅与他们在两个组（第 1 组和第 2 组）中的声明相匹配的成员的结果，并排除那些可能只在第 1 组但不属于第 2 组的人......希望这使得感觉。

# first im narowing down group search to all groups starting with Group and then a number (this is an example). This will return 9 groups. Group 1 through to Group 9
$Groups = (Get-AdGroup -filter * | Where-object { $_.name -like "Group *" } | select-object name -expandproperty name)

# Just standard Array
$Array = @()
$Data = [ordered]@{}

# so now im wanting to search for members in each of those groups we narrowed down to above 
Foreach ($Group in $Groups) {
    # This bit defines my search criteria. It works perfectly if i just return all users. But if i only want to display members that are in Group 1 AND Group 2....it does not return any results.
    $Members = Get-ADGroupMember -identity $Group | Where-Object { ($Group.name -like "Group 1") -and ($Group.name -like "Group 2") } | Get-ADUser -Properties * | select-object  givenName, sn, sAMAccountName, mail 
    # Eventually that will be displayed in the object below...this bit works fine
    foreach ($Member in $Members) {
        $Data."update" = "modify"
        $Data."region" = $Group
        $Data."login" = $Member.mail
        $Data."first_name" = $Member.givenName
        $Data."last_name" = $Member.sn
        $Data."approver_level" = "BlankForNow"
        #
        $DataPSObject = New-Object PSObject -property $Data
        #
        $Array += $DataPSObject
    }

}
#
$Array | Sort-Object -Property login | Export-Csv "D:\Temp\Groups.csv" -NoTypeInformation

任何想法我可能会出错？以这种方式编辑输出的 CSV 和匹配语句可能会更好。那么从 CSV 中删除用户不是两者成员的行？甚至不确定 Import-CSV tbh 是否完全有可能

提前致谢！

Answer 1

如果您想要组“Operations”和“ServiceDeskLevel2”的共同成员

# Get groups members
$membersGroup1 = Get-ADGroupMember "Operations"
$membersGroup2 = Get-ADGroupMember "ServiceDeskLevel2"

# Compares both groups and put common members in the $res list
$res = Compare-Object $membersGroup1 $membersGroup2 -PassThru -IncludeEqual -ExcludeDifferent 

# Output the name of the common members from $res
$res | Format-List -Property name