Thursday, January 7, 2010

Get-Oneliner | Group it | Sort it | Format it

Well if you read my first post on my blog you will note that I'm not (or wasn't) a fan of one-liners.  I really like structured code; and PowerShell does a great job at letting me do that.  Recently, though, I've had a change of heart (the more I use PowerShell the more I change my views on it).  I've now officially become a fan of one-liners.

I've been reading Dr. Tobias Weltner's book Mastering-PowerShell (I find it to be very well written and super helpful).  Chapter 5 entitled "The PowerShell Pipeline" was very enlightening.  So I wrote a one-liner that gets all AD users and groups them by manager, sorts them and displays them in a nice text tree.  I have two versions.  I wrote the first one because I have a multi-domain forest and some of the mangers are not in the same domain as the users and currently the ActiveDirectory module won't let you search cross domain to my knowledge.  The second example is for a single domain forest.  Both one-liners take into consideration that the user object my not have the manager attribute set.

Example 1 Multi-domain Forest (replace foreigndomain and localdomain with real domain names)
Get-ADUser -filter * -Properties samaccountname, displayname, manager |             
    group {if(($_.manager -ne $null) -and ($_.manager -imatch "dc=localdomain")){            
        (Get-ADObject $_.manager -Properties displayname).displayname            
        }else{            
        if($_.manager -imatch "dc=foreigndomain"){"FOREIGNDOMAINNAME"            
        }else{            
        "UNKNOWN"}}} |             
        sort name |             
        %{$_.Name; "-------------------"; ($_.Group |             
            %{if($_.displayname -ne $null){"`t$($_.displayname)"}else{"`t$($_.samaccountname)"}}); "`n"}

Get-ADUser -filter * -Properties samaccountname, displayname, manager | group {if(($_.manager -ne $null) -and ($_.manager -imatch "dc=localdomain")){(Get-ADObject $_.manager -Properties displayname).displayname}else{if($_.manager -imatch "dc=foreigndomain"){"FOREIGNDOMAINNAME"}else{"UNKNOWN"}}} | sort name | %{$_.Name; "-------------------"; ($_.Group | %{if($_.displayname -ne $null){"`t$($_.displayname)"}else{"`t$($_.samaccountname)"}}); "`n"}


Example 2 Single-domain Forest
Get-ADUser -filter * -Properties samaccountname, displayname, manager |             
    group {if($_.manager -ne $null){(Get-ADObject $_.manager -Properties displayname).displayname}else{"UNKNOWN"}} |            
    sort name |             
    % { $_.Name;             
        "-------------------";            
        ($_.Group | %{if($_.displayname -ne $null){"`t$($_.displayname)"}else{"`t$($_.samaccountname)"}});            
        "`n"}

Get-ADUser -filter * -Properties samaccountname, displayname, manager | group {if($_.manager -ne $null){(Get-ADObject $_.manager -Properties displayname).displayname}else{"UNKNOWN"}} | sort name | % { $_.Name;"-------------------";($_.Group | %{if($_.displayname -ne $null){"`t$($_.displayname)"}else{"`t$($_.samaccountname)"}});"`n"}

Output will be something like this:

PS C:\>Get-ADUser -filter * -Properties samaccountname, displayname, manager | group {if(($_.manager -ne $null) -and ($_.manager -imatch "dc=localdomain")){(Get-ADObject $_.manager -Properties displayname).displayname}else{if($_.manager -imatch "dc=foreigndomain"){"FOREIGNDOMAINNAME"}else{"UNKNOWN"}}} | sort name | %{$_.Name; "-------------------"; ($_.Group | %{if($_.displayname -ne $null){"`t$($_.displayname)"}else{"`t$($_.samaccountname)"}}); "`n"}            


Foreign Domain
--------------------
    Employee4
    Employee5
    Employee6
    Employee7

Manager1
--------------------
    Employee1
    Employee2

Manager2
--------------------
    Employee3

UNKNOWN
--------------------
    Employee8
    Employee9
    .
    .
    .
    etc...

You get the idea.

Have fun.!
Posted by Cameron Ove at 3:27 PM
Labels: , , , , , , , ,

1 comment:

  1. AnonymousJanuary 12, 2010 at 8:48 AM

    Does it really count as a one-liner if it takes you 10 lines to epress it? What I like about Powershell is that Windows admins now have their own perl-like tool that they can write obscure code in!

    \\Greg

    ReplyDelete

Subscribe to: Post Comments (Atom)