Enumerate Prism Group Accounts

June 5, 2020

by Ed McAndrew

Intended Audience Level: Beginner/Intro

Code Sample Type: Snippet

Nutanix Technologies: Prism Central, Prism Element

Minimum Product Version: All Prism

Script/Code Language: PowerShell

REST API Sample? No

REST API Version: N/A

This script will enumerate the defined Active Directory group members and construct the correct comma delimited string format for adding individual user roles in Prism.

Code Sample Details

This section may be empty if additional code sample details are not available.
#
.notes
	##############################################################################
	#	 	 Enumerate Prism Group Accounts
	#	 	 Filename			:	  Enumerate_Prism_Group_Accounts.ps1
	#	 	 Script Version	:	  1.0.0
	##############################################################################
.prerequisites
	1. Powershell 2 or above ($psversiontable.psversion.major)
	2. RSAT tools (Active Directory Powershell Module(s))
	3. Set the appropriate variables for your environment.
.synopsis
	This script will enumerate the defined Active Directory group members and construct the correct comma delimited string format for adding individual user roles in Prism.
.disclaimer
	This code is intended as a standalone example.  Subject to licensing restrictions defined on nutanix.dev, this can be downloaded, copied and/or modified in any way you see fit.

	Please be aware that all public code samples provided by Nutanix are unofficial in nature, are provided as examples only, are unsupported and will need to be heavily scrutinized and potentially modified before they can be used in a production environment.  All such code samples are provided on an as-is basis, and Nutanix expressly disclaims all warranties, express or implied.

	All code samples are © Nutanix, Inc., and are provided as-is under the MIT license. (https://opensource.org/licenses/MIT)
#>
##############################################################################
# SET VARIABLES
##############################################################################
$my_ad_groupname = "" # This is the SamAccountName of the AD group that holds all of the users who will need to access Prism
##############################################################################
####### NO NEED TO CHANGE ANYTHING BELOW HERE #######
##############################################################################
if (!(get-module activedirectory)) { import-module activedirectory; }
if (!(get-module activedirectory)) { write-host "No Active Directory module available, exiting..."; exit }
$my_outputstring="";
Write-host "`r`nEnumerate Prism Group Accounts" -foregroundcolor GREEN
if (!$my_ad_groupname) { $my_ad_groupname = Read-host "`r`nEnter your groups' SamAccountName." }
if (!$my_ad_groupname) { write-host "No Active Directory group identified, exiting..."; exit }
get-adgroupmember -identity $my_ad_groupname | select-object SamAccountName | % { $my_outputstring += -join($_.SamAccountName,",") }
$my_outputstring.trimend(',') | clip
Write-host "`r`nOutput String: [" -nonewline -foregroundcolor GREEN
Write-host "$($my_outputstring.trimend(','))" -nonewline -foregroundcolor CYAN
Write-host "]" -foregroundcolor GREEN
Write-host "`r`nThis output string should also be in your clipboard...`r`n" -foregroundcolor YELLOW
Write-host "Paste this string into a Prim 'User' role mapping.`r`n" -foregroundcolor YELLOW