Filtering based on extended attrubite employeenumber, add to group
end goal:
create dynamic distribution email group based on employee ids. need exclude contractors , email employees.
idea far:
create new group called contractors. group it's own ou ease of dynamic distribution group building. run script "employeenumber" attribute , if is less or equal "9" add them contractors group. schedule run daily.
issues:
i dumba$$.
only thing can filter on employee number
need error handling "already group member"
here have far. close.
mike
$emlusers = get-aduser -property mail -filter {mail -like "*@contoso.com"} | foreach-object {$_.samaccountname} $employeenumber = get-qaduser -ldapfilter "(&(objectcategory=person)(objectclass=user))" -includedproperties employeenumber -dontusedefaultincludedproperties -sizelimit '0' | foreach-object {$_.employeenumber} foreach ($samaccountname in $emlusers) { if($employeenumber -ge "10") { write-output "$(_.samaccountname) employee" } else { add-adgroupmember -identity contractors $_.samaccountname } thanks again,
mike
i did not give enough info leading 0. changed , seems work now.
$contractors = get-aduser -ldapfilter "(&(objectcategory=person)(objectclass=user)(employeenumber<=01000))"
Windows Server > Windows PowerShell
Comments
Post a Comment