To get a list of AD users with enabled accounts that aren't in either "Group1" or "Group2":
$results = @()
$users = Get-ADUser -Properties memberof -Filter 'enabled -eq $true'
foreach ($user in $users) {
$groups = $user.memberof -join ';'
$results += New-Object psObject -Property @{'User'=$user.name;'Groups'= $groups}
}
$results | Where-Object { ($_.groups -notmatch 'Group1') -and ($_.groups -notmatch 'Group2')} | Select-Object user | Sort-Object -Property User
No comments:
Post a Comment