Ok.  One last bit of madness.  

I would play with an Exchange 5.5 scenario but the funny thing is, I don’t think I have the Media anywhere…. Maybe if I ask Kevin nicely.

The whole point of this task wasn’t to really so much Manage an NT4 server but to determine what data I COULD pull from a legacy Domain that was so far out of support, you’d be stuck.  I wanted to see what Powershell could REALLY do.  I’ve been impressed.

My final task I decided was to try and pull out Group memberships from archaic and stale domain.   Completely migrate whatever we could onto a new platform.

Having the Groups created in Active Directory from the old NT4 domain just saves me typing.   It’s NICE but it’s not the whole beast.   Getting the user membership migrated over, THAT’S the big time saver.

So in our CONTOSO domain we obtained the groups by Binding to the Domain with the [ADSI] provider and then running a quick Cmdlet to filter out only Groups.

$NTDomain=[ADSI]”WinNT://CONTOSO”

$Groups=$NTDomain.psbase.children | where { $_.SchemaClassName –eq “group” }

But the bigger challenge would be to pull  out the memberships and store them into something useful (Like say a CSV file?  With the GroupName in a column?)

I found that if I ran a direct bind to a group like this

$groupname=[ADSI]”WinNT://CONTOSO/Administrators”

$groupname.members()

I could pull out Something.  But the something was a result like below

image

But thanks to a posting from Brandon Shell (@bsonposh) I found, “Enumerating Local Group Membership” this wasn’t so bad.  

Well, I fibbed.  It LOOKED bad because it involved a funky method that made my head hurt, but his solution worked perfectly.   You had to pipe each member of the returned array into THIS to get the Name of the User.

$_.gettype().invokemember("Name",’GetProperty’,$null,$_,$null)

Now I know why I hated working with NT4!

So running our initial list of Group Members through Brandon’s special Powershell decoder ring….

$Groupname.members() | foreach { $_.gettype().invokemember("Name",’GetProperty’,$null,$_,$null)}

and we now have USEFUL information.

image

Now to pull out this pile and produce something useful CSV output

We also have the list of Groups from Before.   Within the property returned is “PATH” which is the Path we need to bind to with [ADSI].   We’ll use that to individually bind to the Groups, pull their membership and output all to a CSV file we’ll build.

# Bind to the NT4 Domain Contoso

$NTDomain=[ADSI]”WinNT://CONTOSO”

$Groups=$NTDomain.psbase.children | where { $_.SchemaClassName –eq “group” }

# Define my Quotes and commas

# Honestly?  It’s to avoid my blog software switching the characters on me

# I could just as well use this ‘”Groupname”,”Groupmember”’

# But every so often the characters switch.

# Besides, this is more readable Smile

$quote=[char][byte]34

$comma=[char][byte]44

# Create a blank file to hold the data

NEW-ITEM C:\Powershell\Groupmembers.csv –itemtype file –force

# Add the Header to our CSV file

add-content –value ($Quote+”GroupName”+$quote+$comma+$Quote+”Groupmember”+$quote) –path c:\powershell\groupmembers.csv

# Step through the Groups

$groups | foreach {

# Store away the Group name

$name=$_.Name;

# Step through the membership

$_.members() | foreach {

# Run this through Brandon Shell’s (@bsonposh) secret Decoder ring…

$member=$_.gettype().invokemember("Name",’GetProperty’,$null,$_,$null)

# Store away the data and place it into a CSV file

$Data=$quote+$Name+$quote+$comma+$quote+$Member+$quote

add-content –value $data –path C:\Powershell\Groupmembers.csv

}

}

At the end you should have a CSV file that looks like this

image

Which if you copy over to a USB key (And presuming you already created the Group names in the Server 2012 BEFORE with the previous data gathering session) you could do something like this to populate the groups.

IMPORT-CSV C:\Powershell\GroupMembers.csv | Foreach { ADD-ADGROUPMEMBER $_.Groupname $_.Groupmember }

Oh look.  All my memberships populated in a NEW Domain Smile Sweeeeet.

Feelin’ that Power flowing free with PowerShell

Sean
The Energized Tech

Advertisements