mbt masai
 
Welcome !
         

                                
After experiencing a lot of down time, We decided to move this site to CrystalTech.com. CrystalTech.com is powered by only the finest Windows servers providing the best performance, reliability, and value anywhere.

 Powershell Script Question - Beginner

Author Message
aherfindahl

  • Total Posts : 1
  • Scores: 0
  • Reward points : 0
  • Joined: 3/9/2010
  • Status: offline
Powershell Script Question - Beginner Tuesday, March 09, 2010 10:17 AM (permalink)
0
How would I go about creating a Powershell script that says: if a user is a member of one AD group and their machine is in another AD group run this bat file?
#1
    ginolard

    • Total Posts : 1347
    • Scores: 23
    • Reward points : 0
    • Joined: 8/11/2005
    • Status: offline
    Re:Powershell Script Question - Beginner Wednesday, March 10, 2010 12:38 AM (permalink)
    0
    Well, firstly, I would recommend getting the Quest AD Cmdlets.  They make scripting for AD a whole heap easier.

    This is untested as our computers aren't members of any groups but it should work.  

     
 $UserGroups = (Get-QADUser <username>).memberof 
 $CompGroups = (Get-QADComputer <computername>).memberof 
 If ($UserGroups -Contains "X" -And $CompGroups -contains "Y") { 
    Invoke-Expression "batfile" 
     }


    And if you really MUST have it as a one-liner 

     
 If ((Get-QADUser <username>).memberof -Contains "X" -And (Get-QADComputer <computername>).memberof -contains "Y") {Invoke-Expression "batfile"}

    <message edited by ginolard on Wednesday, March 10, 2010 12:39 AM>
    Author of ManagePC - http://managepc.net

    #2
      ebgreen

      • Total Posts : 8088
      • Scores: 95
      • Reward points : 0
      • Joined: 7/12/2005
      • Status: offline
      Re:Powershell Script Question - Beginner Wednesday, March 10, 2010 3:34 AM (permalink)
      0
      The QAD cmdlets are handy. Here is how you would do it without them:

      $domain = [adsi]''
      $searcher = New-Object System.DirectoryServices.DirectorySearcher
      $searcher.SearchRoot = $domain
      $searcher.filter = "(&(ObjectClass=User)(name=<USERNAME>))"
      $UserGroups = $searcher.FindOne().properties.memberof
      $searcher.filter = "(&(ObjectClass=Computer)(name=<COMPUTERNAME>))"
      $CompGroups = ($searcher.FindOne().properties.memberof
       If ($UserGroups -Contains "X" -And $CompGroups -contains "Y") {
          Invoke-Expression "batfile"
           }
      "... when you are good and crazy, oooh, oooh, oooh, the sky is the limit!" - The Tick
      Goog places to start:http://www.visualbasicscript.com/m_24727/tm.htm
      http://www.visualbasicscript.com/m_47117/tm.htm
      #3
        sdm44990

        • Total Posts : 18
        • Scores: 0
        • Reward points : 0
        • Joined: 1/26/2007
        • Status: offline
        Re:Powershell Script Question - Beginner Tuesday, March 23, 2010 10:59 PM (permalink)
        0
        Get an R2 box for mgmt, and install AD web service on your DCs.  New R2 cmdlets have all sorts of great AD stuff, and group policy cmdlets as well.
        #4

          Online Bookmarks Sharing: Share/Bookmark

          Jump to:

          Current active users

          There are 0 members and 1 guests.

          Icon Legend and Permission

          • New Messages
          • No New Messages
          • Hot Topic w/ New Messages
          • Hot Topic w/o New Messages
          • Locked w/ New Messages
          • Locked w/o New Messages
          • Read Message
          • Post New Thread
          • Reply to message
          • Post New Poll
          • Submit Vote
          • Post reward post
          • Delete my own posts
          • Delete my own threads
          • Rate post

          2000-2012 ASPPlayground.NET Forum Version 3.8
          mbt shoes www.wileywilson.com