Calculating expiration of Azure secrets - azure

What my script does is get a list of Azure app registrations and then calculate how many days left until the secret expires. It works fine in the main, except that if an app registration has 2 secrets it falls over. Having 2 secrets isn't common, but we introduced a 2nd secret on one app registration just for a short period of testing.
After obtaining the list of app registrations (there are 10 in total), my script then goes through each of them to obtain the expiration date and then calculate the number of days left. Below is a snippet ...
foreach ($app in $applications) {
$Appname = $app.displayName
$AppID = $app.Id
$ApplID = $app.AppId
$AppCreds = Get-AzADAppCredential -ObjectId $AppID | select StartDateTime, EndDateTime, Hint
$today = get-date
$StartDate = $AppCreds.StartDateTime
$EndDate = $AppCreds.EndDateTime
$operation = $EndDate - $today
$ODays = $operation.Days
# Check how many days are remaining for secret expiration
if ($ODays -le $Days -and $ODays -ge 0)
Once obtained it sends an e-mail if a secret is going to expire within 60 days.
When the script hits the app registration with two secrets it fails with ...
"Problem occurred: Method invocation failed because [System.Object[]] does not contain a method named 'op_Subtraction'."
Any ideas why this is happening?

$AppCreds is an array if you have more than one app secret. Here is a fully re-worked script to build the report:
function Get-AzADAppCredentialExpiration(){
    $retArray = @()
    $applications = Get-AzADApplication
    $today = get-date
    foreach($app in $applications){
        $AppCreds = @(Get-AzADAppCredential -ObjectId $app.Id)
        $AppCreds | %{
            $retArray += [PSCustomObject]@{
                AppName = $app.DisplayName;
                ClientSecretId = $_.KeyId
                SecretHint = $_.Hint
                DaysLeft = ($_.EndDateTime - $today).Days
            }
        }
    }
    return $retArray
}
$report = Get-AzADAppCredentialExpiration
$report | ? {$_.DaysLeft -le 30 -and $_.DaysLeft -gt 0} | Group-Object -Property AppName | %{
    Write-Host "Key for application $($_.Name) will be expired soon:" -ForegroundColor Yellow
    $_.Group | %{
        Write-Host "`t$($_.SecretHint) ($($_.ClientSecretId))" -ForegroundColor Yellow
    }
}
$report | ? {$_.DaysLeft -le 0} | Group-Object -Property AppName | %{
    Write-Host "Key for application $($_.Name) are expired:" -ForegroundColor Red
    $_.Group | %{
        Write-Host "`t$($_.SecretHint) ($($_.ClientSecretId))" -ForegroundColor Red
    }
}
Old answer
$AppCreds is an array if you have more than one app secret. So you should check if it is an array and then calculate accordingly:
foreach ($app in $applications) {
    $Appname = $app.displayName
    $AppID = $app.Id
    $ApplID = $app.AppId
    $AppCreds = Get-AzADAppCredential -ObjectId $AppID | select StartDateTime, EndDateTime, Hint
    $today = get-date
    if($AppCreds -is [Array]){
        $AppCreds | %{
            $StartDate = $_.StartDateTime
            $EndDate = $_.EndDateTime
            $operation = $EndDate - $today
            #....
        }
    }
    else{
        $StartDate = $AppCreds.StartDateTime
        $EndDate = $AppCreds.EndDateTime
        $operation = $EndDate - $today
    }
}

Related

How to add colors to Excel output file in Powershell

I have written a script to export specific registry keys and the sub keys inside them with the server ping response. My script works as expected and I am able to export that to Excel as well.
But I need input or some help on how to add colors to the Excel output column based on the value.
For example: in my script I will get the ping response as true or false; for True I need to add green colour and for False I need to add red colour in my output. Please help me to achieve this with my script.
CODE
## Get full list of servers
$Servers = GC -Path ".\Servers.txt"
## Loop through each server
$Result = foreach ($vm in $Servers) {
    ## Check the Ping response for each server
    Write-Host "Pinging Server" $vm
    $Ping = Test-Connection -Server $vm -Quiet -Verbose
    if ($Ping){Write-host "Server" $vm "is Online" -BackgroundColor Green}
    else{Write-host "Unable to ping Server" $vm -BackgroundColor Red}
    ## Check the Network Share path Accessibility
    Write-Host "Checking Share Path on" $vm
    $SharePath = Test-Path "\\$vm\E$" -Verbose
    if ($SharePath){Write-host "Server" $vm "Share Path is Accessible" -BackgroundColor Green}
    else{Write-host "Server" $vm "Share path access failed" -BackgroundColor Red}
    Invoke-Command -ComputerName $vm {
        ## Get ChildItems under HKLM TCPIP Parameter Interface
        Get-ChildItem -Path 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces' | ForEach-Object {
            Get-ItemProperty -Path $_.PSPath | Where-Object { $_.PsObject.Properties.Name -like 'Dhcp*' }
        } | Select-Object -Property @{Name = 'ComputerName'; Expression = {$env:COMPUTERNAME+"."+$env:USERDNSDOMAIN}},
            @{Name = 'Ping_Response'; Expression = {if($using:Ping) {'Pinging'} else {'Unable to ping'}}},
            @{Name = 'Share_Path_Access'; Expression = {if($using:SharePath) {'Accessible'} else {'Not Accessible'}}},
            DhcpIPAddress, @{Name = 'DhcpNameServer'; Expression = {$_.DhcpNameServer -split ' ' -join '; '}},
            DhcpServer, @{Name = 'DhcpDefaultGateway'; Expression = {$_.DhcpDefaultGateway -join '; '}}
    }
}
$Result | Select-Object * -Exclude PS*, RunspaceId | Export-Excel -Path "$PSScriptRoot\TCPIP_Interface_Details.xlsx" -AutoSize -BoldTopRow -FreezeTopRow -TitleBold -WorksheetName TCPIP_Interface_Details
You can use the New-ConditionalText cmdlet to highlight cells containing the specified -Text with the color of our choice. The cmdlet can also take RGB colors. I encourage you to read the documentation on it, there are also many examples:
Get-Help New-ConditionalText
Since I don't have access to your $result object I can only give you an example of how you can do it using a simple example:
$result = 0..10 | ForEach-Object {
    [pscustomobject]@{
        ComputerName = 'Host' + $_
        Ping_Response = ('Not Responding', 'Pinging')[($_ % 2)]
    }
}
function RGB ($red, $green, $blue ){
    return [System.Double]($red + $green * 256 + $blue * 256 * 256)
}
$fontGreen = RGB 0 97 0
$backGreen = RGB 198 239 206
$condProps = @{
    Text = 'Pinging'
    ConditionalTextColor = $fontGreen
    BackgroundColor = $backGreen
}
$conditionalTrue = New-ConditionalText @condProps
$conditionalFalse = New-ConditionalText -Text 'Not Responding'
$props = @{
    AutoSize = $true
    InputObject = $result
    Path = 'test.xlsx' # => Use your absolute Path here!
    TableName = 'myTable'
    TableStyle = 'Medium11'
    WorksheetName = 'myWorkSheetName'
    ConditionalText = $conditionalTrue, $conditionalFalse
}
Export-Excel @props
The end result should look something like this (unfortunately Google Sheets doesn't do it justice):

Receiving hash literal was incomplete for below query

$subscriptions = Get-AzSubscription
$result = foreach ($vsub in $subscriptions){
Select-AzSubscription $vsub.SubscriptionID
Write-Host
Write-Host "Working on $($vsub.Name)"
Write-Host
foreach($VM in (Get-AzVM)){
# $Tier = (Get-AzResource -ResourceId $webapp.ServerFarmId).Sku.Tier
# $Plan = Get-AzAppServicePlan -ResourceGroupName $webapp.ResourceGroup
# output the object so it gets collected in $result
[PSCustomObject]@{
TenantId = $vsub.TenantId
SubscriptionName = $vsub.Name
VMName = $VM.Name
ResourceGroup = $VM.ResourceGroup
# Hostname = $webapp.DefaultHostName
#PricingTier = $Tier
#SKU = @($Plan.Sku.Size) -join ','
#AppServiceName = @($Plan.Name) -join ','
Status = $VM.PowerState
Location = $VM.Location
Size = $VM.HardwareProfile.VmSize
Application_Name= $VM.Tags.Application_Name
Application_Owner= $VM.Tags.Application_Owner
Business_Owner = $VM.Tags.Business_Owner
Cost_Code = $VM.Tags.Cost_Code
Created_Date = $VM.Tags.Created_Date
Environment_Name = $VM.Tags.Environment_Name
ENVIRONMENT_NAME = $VM.Tags.ENVIRONMENT_NAME
#AppType = $webapp.Kind
#SubscriptionID = $vsub.SubscriptionID
}
}
}
# sort unique and export the file
$result | Sort-Object * -Unique | Export-Csv -Path "C:\Users\Desktop\Scripts\vm_inventory.csv" -NoTypeInformation
I am trying to run this query to get the details of the VM but I am receiving the hash literal is incomplete for PSCustomObject, as per my knowledge all the brackets are proper but don't know why I am receiving the error. Request to please help me on the same.

Get expiring Azure AD applications

I am trying to get all the Azure AD Application secrets and certificates that will expire in the next 30 days. I'm using Get-AzADApplication piped to Get-AzADAppCredential to get the applications EndDate but it is not returning the correct results as it doesn't match the dates correctly even if I format them both exactly the same. The code below returns some apps that expire in 2025!
$todaysDate = (Get-Date -UFormat "%e/%m/%Y")
$expiryDate = Get-Date $(Get-Date).AddDays(30) -UFormat "%e/%m/%Y"
$aboutToExpire = Get-AzADApplication | ForEach-Object {
    $app = $_
    @(
        Get-AzADAppCredential -ObjectId $_.ObjectId -ErrorAction SilentlyContinue
    ) | Where-Object { (Get-Date $_.EndDate -UFormat "%e/%m/%Y") -le $expiryDate -and (Get-Date $_.EndDate -UFormat "%e/%m/%Y") -gt $todaysDate} | ForEach-Object {
        [PSCustomObject] @{
            AppName = $app.DisplayName
            ObjectID = $app.ObjectId
            AppId = $app.ApplicationId
            StartDate = $_.StartDate
            EndDate = $_.EndDate
            ExpiryDate = $expiryDate
        }
    }
}
$aboutToExpire
Here is what I'm using for searching expired secrets and certs. I believe you have an issue with the date comparison because of an incorrect date format, please take a look at my example.
$apps = Get-AzADApplication
$xs = Get-Date
$ys = Get-Date (Get-Date).AddDays(+60)
$alertListExps = @()
$alertListExpd = @()
foreach ($app in $apps)
{
    $secrets = Get-AzADAppCredential -ObjectId $app.ObjectId
    if ($null -eq $secrets){}
    else
    {
        foreach ($secret in $secrets)
        {
            $secretDate = [datetime]$secret.EndDate #::parseexact($secret.EndDate,'dd/MM/yyyy HH:mm:ss',$null)
            if ($secretDate -le $xs)
            {
                $alertListExpd += "*App:* " + $app.DisplayName + " *expired:* " + $secret.EndDate + ' ' + '(' + $secret.Type + ')' | Out-String
            }
            elseif ($secretDate -le $ys)
            {
                $alertListExps += "*App:* " + $app.DisplayName + " *expires:* " + $secret.EndDate + ' ' + '(' + $secret.Type + ')' | Out-String
            }
        }
    }
}
It was a date issue. The first issue was trying to parse the date. Thanks to @oleh-tarasenko for the parseexact code. The second issue was with the comparison operator trying to compare en-AU dates with en-US dates and either failing or outputting bad results. Trick was to provide the specific culture. Code below.
$CIDE = New-Object System.Globalization.CultureInfo("en-US")
$endDate = [DateTime]::parseexact($secret.EndDate, "d/MM/yyyy h:mm:ss tt", $CIDE)
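
The two failure modes discussed on this page (subtracting from an array when an app registration has more than one secret, and comparing culture-formatted date text instead of DateTime values) can be handled in one place. The following is an added example, not code from any of the posts: the function name Get-CredentialExpiryStatus, its parameters and the sample credential objects are constructed for illustration, the property names EndDateTime, KeyId and Hint are the ones the posts' scripts use, and en-US as the text culture is an assumption.

```powershell
# Added example. The sample objects further down are constructed; in real use
# they would come from Get-AzADAppCredential.
function Get-CredentialExpiryStatus {
    param(
        [Parameter(Mandatory)] [string] $AppName,
        # $null (no credentials), a single object, or an array of objects.
        [object] $Credential,
        [int] $WarnDays = 60,
        [datetime] $Now = (Get-Date),
        # Culture used only when EndDateTime arrives as text (assumed en-US).
        [System.Globalization.CultureInfo] $Culture =
            [System.Globalization.CultureInfo]::GetCultureInfo('en-US')
    )

    # @() turns $null, a scalar or an array into an array, so the same loop
    # serves apps with zero, one or several secrets.
    foreach ($cred in @($Credential)) {
        if ($null -eq $cred) { continue }

        $end = $cred.EndDateTime
        if ($end -isnot [datetime]) {
            # Parse text with an explicit culture instead of the session culture.
            $end = [datetime]::Parse([string]$end, $Culture)
        }

        # Compare DateTime values, never formatted strings.
        if ($end -le $Now) { $status = 'Expired' }
        elseif ($end -le $Now.AddDays($WarnDays)) { $status = 'ExpiringSoon' }
        else { $status = 'OK' }

        [pscustomobject]@{
            AppName  = $AppName
            KeyId    = $cred.KeyId
            Hint     = $cred.Hint
            EndDate  = $end
            DaysLeft = [int][math]::Floor(($end - $Now).TotalDays)
            Status   = $status
        }
    }
}

# Constructed sample input: one secret, two secrets (one as en-US text), none.
$now = [datetime]'2024-06-01T09:00:00'
$apps = @(
    @{ Name = 'app-one-secret'; Creds = [pscustomobject]@{
        KeyId = 'k1'; Hint = 'abc'; EndDateTime = $now.AddDays(200) } }
    @{ Name = 'app-two-secrets'; Creds = @(
        [pscustomobject]@{ KeyId = 'k2'; Hint = 'def'; EndDateTime = $now.AddHours(5) }
        [pscustomobject]@{ KeyId = 'k3'; Hint = 'ghi'; EndDateTime = '5/20/2024 10:00:00 AM' }
    ) }
    @{ Name = 'app-no-secrets'; Creds = $null }
)

$report = foreach ($a in $apps) {
    Get-CredentialExpiryStatus -AppName $a.Name -Credential $a.Creds -Now $now
}
$report | Sort-Object EndDate | Format-Table AppName, KeyId, DaysLeft, Status
```

Status is decided by the DateTime comparison rather than by DaysLeft, so a secret that expires within hours is reported as expiring soon and not confused with one that has already lapsed.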

Powershell: Get AzureRM automation schedule recurrence info

I'm doing some inventory trying to gather all my start/stop VM schedules from Azure.
I'm struggling with extracting the days selected for weekly recurrence schedules.
I can extract all the data from single schedules with:
Select-AzureRmSubscription <name>
$schedule = Get-AzureRmAutomationSchedule -AutomationAccountName <name> -ResourceGroupName <name> -Name <name>
And then get all the days:
$schedule.WeeklyScheduleOptions.DaysOfWeek -join ","
Which outputs: Monday,Tuesday,Wednesday,Thursday,Friday
But if I loop through all my subscriptions and build a psobject
with all schedule data this data comes up empty:
$AzSubs = Get-AzureRmSubscription
$objs = @()
foreach ($AzSub in $AzSubs){
Get-AzureRmSubscription -SubscriptionName $AzSub.Name | Select-AzureRmSubscription
$azAutAccs = Get-AzureRmAutomationAccount
foreach ($azAutAcc in $azAutAccs){
$AzAutScheds = Get-AzureRmAutomationSchedule -AutomationAccountName $azAutAcc.AutomationAccountName -ResourceGroupName $azAutAcc.ResourceGroupName
$AzAutScheds = $AzAutScheds | where{$_.IsEnabled -eq "True"}
foreach ($AzAutSched in $AzAutScheds){
$DOW = $azAutSched.WeeklyScheduleOptions.DaysOfWeek -join "," | out-string
$DOM = $azAutSched.MonthlyScheduleOptions.DaysOfMonth -join "," | out-string
$obj = new-object psobject -Property @{
SchedName = $AzAutSched.Name
LastModifiedTime = (get-date ([DateTime]::Parse($AzAutSched.LastModifiedTime)) -Format "dd-MM-yyyy HH:mm (zzz)")
IsEnabled = $AzAutSched.IsEnabled
AutomationAccount = $azAutAcc.AutomationAccountName
ResourceGroup = $azAutAcc.ResourceGroupName
NextRun = ([DateTime]::Parse($azAutSched.NextRun))
StartTime = (get-date ([DateTime]::Parse($azAutSched.StartTime)) -Format "HH:mm (zzz)")
TimeZone = $azAutSched.TimeZone
Interval = $azAutSched.Interval
Frequency = $azAutSched.Frequency
WeekSchedule = $DOW
MonthSchedule = $DOM
}
$objs += $obj
}
}
}
$objs | sort SchedName | ft -Property SchedName,LastModifiedTime,StartTime,TimeZone,Interval,Frequency,WeekSchedule,MonthSchedule
Then my table ends up with just blank columns for WeekSchedule/MonthSchedule.
I have tried different combos of leaving out the out-string parameter, leaving out the join, setting the property directly in the property line, and as quoted building the variable above the object and referencing it on the property line. None of them work.
Anyone can shed some light as to what I am missing? Or other hints on how to accomplish this are most welcome.
AzureRM module is up to date.
According to my test, you need to get each individual schedule, not all the schedules in the resource group; it will work in this case:
foreach ($azAutAcc in $azAutAccs){
$AzAutScheds = Get-AzAutomationSchedule -AutomationAccountName $azAutAcc.AutomationAccountName -ResourceGroupName $azAutAcc.ResourceGroupName
$AzAutScheds = $AzAutScheds | Where-Object {$_.IsEnabled -eq "True"}
foreach ($AzAutSched in $AzAutScheds){
$AzAutSched = Get-AzAutomationSchedule -AutomationAccountName $azAutAcc.AutomationAccountName -ResourceGroupName $azAutAcc.ResourceGroupName -Name $AzAutSched.Name
$DOW = $azAutSched.WeeklyScheduleOptions.DaysOfWeek -join "," | out-string
$DOM = $azAutSched.MonthlyScheduleOptions.DaysOfMonth -join "," | out-string
$objs += new-object psobject -Property @{
SchedName = $AzAutSched.Name
LastModifiedTime = (get-date ([DateTime]::Parse($AzAutSched.LastModifiedTime)) -Format "dd-MM-yyyy HH:mm (zzz)")
IsEnabled = $AzAutSched.IsEnabled
AutomationAccount = $azAutAcc.AutomationAccountName
ResourceGroup = $azAutAcc.ResourceGroupName
NextRun = ([DateTime]::Parse($azAutSched.NextRun))
StartTime = (get-date ([DateTime]::Parse($azAutSched.StartTime)) -Format "HH:mm (zzz)")
TimeZone = $azAutSched.TimeZone
Interval = $azAutSched.Interval
Frequency = $azAutSched.Frequency
WeekSchedule = $DOW
MonthSchedule = $DOM
}
}
}

Active Directory Filter memberof

I am trying to get all of the CN's out of active directory in order to populate groups based on that name into Sharepoint Services. I can list the "memberof" section but I can not seem to split it using split(",")
$Dom = 'LDAP://OU=External,OU=Users,OU=HomeOffice,DC=mydoman,DC=com'
$Root = New-Object DirectoryServices.DirectoryEntry $Dom
$i=0
# Create a selector and start searching from the Root of AD
$selector = New-Object DirectoryServices.DirectorySearcher
$selector.SearchRoot = $root
$adobj= $selector.findall() |`
where {$_.properties.objectcategory -match "CN=Person"}
foreach ($person in $adobj){
$prop=$person.properties
$i++
Write-host "$($prop.department) - $($prop.sn), $($prop.givenname)"
Write-host $person.properties["memberof"]
}
"Total $i"
Now I get everything I need, but I need some way to filter only the CN's out...
As a general rule, write-host is not the best way to generate output. Ideally, you want to emit objects out of your function and let PowerShell do the formatting for you. This is the more "pipeline friendly" way of doing things. In this case, if you had a function Get-GroupMembers you could pipe it to something like
Get-Person | ft CN
The trick is creating a new object and adding properties to it, or just emitting the DirectoryServices object you are pulling already. To create a new custom object you can do the following:
$obj = new-object psobject
$obj | add-member -membertype noteproperty -name $PropName -value $valueToStore
People can use your function and pipe it to format-table, format-list, select-object, group-object, sort-object and a variety of other things. Keith Hill's Effective PowerShell has a great chapter on Output that you might find helpful.
There is also an article by Don Jones on using objects instead of text that is quite good as well.
test1.ps1
#Connect using LDAP
$Dom = 'LDAP://OU=External Accounts,OU=Users,OU=The Office,DC=mydomain,DC=com'
$Root = New-Object DirectoryServices.DirectoryEntry $Dom
#Integer for the loop
$i=0
# Create a selector and start searching from the Root of AD
$selector = New-Object DirectoryServices.DirectorySearcher
$selector.SearchRoot = $root
#Find the Groups
$adobj= $selector.findall() |`
where {$_.properties.objectcategory -match "CN=Person"}
foreach ($person in $adobj){
$prop=$person.properties
$i++
#Write-host "$($prop.department) - $($prop.sn), $($prop.givenname)" -foregroundcolor Magenta
$test = $person.properties["memberof"]
ForEach-Object {
$test`
-replace "CN=OLDLEGACYGROUP",""`
-replace "CN=",""`
-replace ",OU=Sales",""`
-replace ",OU=Some Groups",""`
-replace ",OU=Groups","" `
-replace ",OU=The Office","" `
-replace ",DC=mydomain","" `
-replace ",DC=com","" `
-replace ",","`r`n"
}
}
test2.ps1
# Lets start with a clean slate :)
Clear
# Lets reference the assembly / GAC that we need for this
#region
[Void][System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint")
$SPSite = New-Object Microsoft.SharePoint.SPSite("https://myintranetorextranetsite.myfqdn.com")
$OpenWeb = $SpSite.OpenWeb("/")
#endregion
# Add some eye candy :)
# region
# I really wanted some old school thing in here :)
write-host " _ ____ ____ " -foregroundcolor Magenta
write-host " / \ | _ \ / ___| _ _ _ __ ___ " -foregroundcolor Magenta
write-host " / _ \ | | | |____\___ \| | | | '_ \ / __|" -foregroundcolor Magenta
write-host " / ___ \| |_| |_____|__) | |_| | | | | (__ " -foregroundcolor Magenta
write-host "|_/ \_\____/ |____/ \__, |_| |_|\___|" -foregroundcolor Magenta
write-host " |___/ " -foregroundcolor Magenta
Write-Host " Version 2.0" -foregroundcolor Red
Write-Host " Build 2009 09-11 21:30" -foregroundcolor Red
Write-host " Created by Mitchell J. Skurnik" -foregroundcolor Red
#endregion
# Create the stopwatch
#region
[System.Diagnostics.Stopwatch] $sw;
$sw = New-Object System.Diagnostics.StopWatch
$sw.Stop()
$sw.Start()
#endregion
# Function to control Adding groups
function creategroup
{
param ([string] $siteurl = "https://myintranetorextranetsite.myfqdn.com")
$site = New-Object Microsoft.SharePoint.SPSite($siteurl)
$web = $site.RootWeb;
$group = $currentgroup;
$perm = "Read";
$owner = "jdoe";
if ($owner -eq "") { $owner = $web.CurrentUser.LoginName }
$exists = $web.SiteGroups | where { $_.Name -eq $group }
if ($exists -eq $null)
{
# Create group
$web.SiteGroups.Add($group, $web.EnsureUser($owner), $null, "");
# Give permissions to the group
$assign = New-Object Microsoft.SharePoint.SPRoleAssignment($web.SiteGroups[$group]);
$assign.RoleDefinitionBindings.Add($web.RoleDefinitions[$perm])
$web.RoleAssignments.Add($assign)
Write-Host -ForegroundColor green "Creating sharepoint group - " $currentgroup;
}
$site.Dispose();
}
# Function to add users to the specified group
function addUser
{
# Open a connection to the sharepoint site and then select the sub site you want
$themail = $prop.mail
$thedisplay = $prop.displayname
# If there are accounts that dont have some info lets populate it
if ($themail -eq "")
{
$themail = "testaccount@myfqdn.com"
}
if ($thedisplay -eq "")
{
$thedisplay = "Account, Test"
}
if ($themail -eq $null)
{
$themail = "testaccount@myfqdn.com"
}
if ($thedisplay -eq $null)
{
$thedisplay = "Account, Test"
}
$TheNewGroup = $OpenWeb.SiteGroups | Where-Object {$_.Name -match $currentGroup}
$TheNewGroup.AddUser("NTAMR\" + $prop.samaccountname,$themail,$prop.displayname,"")
#write-host "Added: " $thedisplay -foregroundcolor Red
}
# Function to remove people - be careful using this script :(
# Also not done
function removeUser
{
#$TheNewGroup = $OpenWeb.SiteGroups | Where-Object {$_.Name -match $currentGroup}
#$TheNewGroup.AddUser("NTAMR\" + $prop.samaccountname,$themail,$prop.displayname,"")
#$TheNewGroup.Remove($LoginToDel)
}
# Now onto the real stuff
Write-host "Searching for Groups" -foregroundcolor Green
# Clear out the existing text file so we have a clean slate
$file = New-Item -type file "C:\location\to\my\folder\allGroups.txt" -Force
# Execute the Group Dump Script
C:\location\to\my\folder\test.ps1 | Out-File -filepath "C:\location\to\my\folder\allGroups.txt" -append
# Clean up the list by removing duplicates and sorting everything
$TextFile = $TextFile = "C:\Powershell\allGroups.txt"
$NewTextFile = "C:\Powershell\allGroups - Sorted.txt"
GC $TextFile | Sort | GU > $NewTextFile
# Use LDAP to connect to Active Directory
#region
$Dom = 'LDAP://OU=External Accounts,OU=Users,OU=The Office,DC=mydomain,DC=com'
$Root = New-Object DirectoryServices.DirectoryEntry $Dom
#endregion
# Create a selector and start searching from the Root of AD
#region
$selector = New-Object DirectoryServices.DirectorySearcher
$selector.SearchRoot = $root
#endregion
# Integer to compare file length
$c=0
# Get the Group text file's length and write to screen and variable
$fileLength = [System.IO.File]::ReadAllText($NewTextFile).Split("`n").Count
Write-Host "Found " $fileLength "Groups in Active Directory" -foregroundcolor Magenta
# Integer for thumbing through 'memberOf' in active directory
$d = 0
# Integer for the amount of of users found
$f = 0
# Start a while loop where we read through the entire groups text file
while ($c -le $fileLength)
{
# Increment the line number for the next pass through
$c++
# Grab the first line of text from the groups file (Really the 0th line) and then tell the user
$currentGroup = (Get-Content $NewTextFile)[$c]
# Create the group
CreateGroup
#Write-Host "Created Group: " $currentGroup -foregroundcolor Red
#
Write-host $c "/" $fileLength "`t" $currentGroup -foregroundcolor Red
# Query Active directory and force some commands
$adobj= $selector.findall() | where {$_.properties.objectcategory -match "CN=Person"}
foreach ($person in $adobj)
{
# Variable for the different properties to reduce fatigue
$prop=$person.properties
# The Department
$department = $prop.department
# Surname
$sn = $prop.sn
# Given Name
$gn = $prop.givenname
$un = $prop.samaccountname
# Assign the really long memberof to a variable
$memberof = $person.properties["memberof"]
# Length of memberof
$memberofcount = $memberof.Count
# Loop for each group the member is in
while ($d -le $memberof.Count)
{
$blah = ForEach-Object{`
$memberof[$d]`
-replace "CN=OLDLEGACYGROUP",""`
-replace "CN=",""`
-replace ",OU=Sales",""`
-replace ",OU=Some Groups",""`
-replace ",OU=Groups","" `
-replace ",OU=The Office","" `
-replace ",DC=mydomain","" `
-replace ",DC=com","" `
}
# Increment the d
$d++
# Is that user in the group?
if ($blah -eq $currentGroup)
{
# Hey look we found somebody in that group :)
Write-host "`t`t`t" $un -foregroundcolor Magenta
addUser
$f++
}
#elseif ($blah -ne $currentGroup)
#{
# removeUser
#}
else
{
# Oh noes...nobody is in that group...that is strange
}
}
# Are we at the end of what the user has
if ($d -ge $memberof.Count)
{
# Looks like we are :)
$d=0
}
}
# Display amount of users found
#Write-Host "`t`t`t" $f " user(s) found"
$f = 0
}
# Stop Watch
$sw.Stop()
# Write the compact output to the screen
write-host "Updated in Time: ", $sw.Elapsed.ToString()
#This space is saved for future development
