My Get-ADComputer script gives too much information. I would like to shorten it out a little.
$Computer = Read-Host -Prompt 'Input computer name'
$ManagedBy = Get-ADComputer $Computer -Properties ManagedBy |
foreach { $_.ManagedBy }
Write-Output $ManagedBy
When I tried to run my scrip it gives this to output
CN=Last Name First Name ,OU=XX ,OU=XXX ,OU=XXX ,DC=XXX,DC=XXX
I would like to get only CN in the output (First name and Las Name).
Your code returns the distinguished name of the computer's manager. You can use that DN to query the AD user object and obtain the desired properties from that (like FullName, or DisplayName, or the individual values FirstName and LastName).
Get-ADComputer $Computer -Properties ManagedBy |
Select-Object -Expand ManagedBy |
Get-ADUser -Property FullName |
Select-Object -Expand FullName
Firstly have you looked at the objects properties?
These Properties are auto assigned to the variable, when created.
You can see them with:
$ManagedBy | Get-Member
You may well find that $ManagedBy.Name will give exactly what you want.
Further reading for you: https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.utility/get-member?view=powershell-6
Related
I have a list of displaynames and I need to get their AD informations.
Get-Content "C:\displaynames.txt" |
foreach {
$givenname,$surname = $_ -split ' '
if (Get-ADUser -Filter "surname -eq '$surname' -and givenname -eq '$givenname'"){
Get-ADUser -Filter { displayName -match $_} -Properties EmailAddress, Manager | Select Givenname, Surname, SamAccountName, EmailAddress, Manager}
else {Get-ADUser -Filter { displayName -like "AD Test"} -Properties EmailAddress, Manager | Select Givenname, Surname, SamAccountName, EmailAddress, Manager}
} | Export-Csv -Path C:\result.csv
This works fine, but only if users have no middle names ex. John Moore
If the user has a middle name, it doesn't pick it up.
How can I change the script so it picks up users with middle names ex. John Roger Moore?
As Mathias R. Jessen already commented, you can use the -Filter on property DisplayName directly.
The Filter should be a string, not a scriptblock.
Using -Filter also has the advantage that you can suppress exceptions being thrown, so I would build in a step to confirm that we indeed did find a user with that displayname:
Get-Content "C:\displaynames.txt" | ForEach-Object {
$user = Get-ADUSer -Filter "DisplayName -eq '$_'" -Properties DisplayName, EmailAddress, Manager -ErrorAction SilentlyContinue
if ($user) {
# output the wanted properties as **object**
$user | Select-Object Givenname, Surname, SamAccountName, EmailAddress, Manager
}
else {
# nobody in this domain with a displayname like that..
Write-Warning "User '$_' could not be found.."
}
} | Export-Csv -Path 'C:\result.csv' -NoTypeInformation
Note that the Manager property is in the form of the managers DistinguishedName. If you want to get other properties for the manager, like his/her name, you will have to use Get-ADUser -Identity $user.Manager to get the wanted property there too
The basic question here is how to account for middle names.
PowerShell 5 has some AI-powered cmdlets.
Here, I will quote an example from the documentation.
Example 2: Simplify format of a string
$composers = #("Johann Sebastian Bach", "Wolfgang Amadeus Mozart", "Frederic Francois Chopin", "Johannes Brahms")
$composers | Convert-String -Example "first middle last=last, first"
Bach, Johann
Mozart, Wolfgang
Chopin, Frederic
Brahms, Johannes
The first command creates an array that contains first, middle and last names. Note that the last entry has no middle name.
The second command formats the names according to the example. It puts the last name first in the output, followed by the first name. All middle names removed; entry without middle name is handled correctly.
Convert-String (Microsoft.PowerShell.Utility) - PowerShell | Microsoft Docs
I'm trying to use a list of usernames to perform a simple get-aduser command. It works fine for a single user, but I can't input a file to perform this for a list.
This command works fine for a single user:
get-aduser -identity myusername -properties passwordlastset, passwordneverexpires |
sort name | ft Name, passwordlastset, Passwordneverexpires | out-file c:\PS\Output.txt
This works fine, but rather than use -filter * for all AD or identity pointing to a file, I am completely lost. I have tried doing a get-content and link to a file but I'm just getting into a pickle.
If I have a text file with a list of usernames in, how do I run the above command against that single text file list, rather than all of AD?
As a side query, is there a way that I can perform the above command, but for a specific OU?
If you have a list that isn't an object, either import it to an object or iterate over the values
Try something like:
$Userlist = Get-Content -path 'c:\temp\test.txt'
$Results = $Userlist | ForEach-Object {
Get-aduser -identity $_ -properties passwordlastset, passwordneverexpires
}
$Results | sort name | ft Name, passwordlastset, Passwordneverexpires | out-file c:\PS\Output.txt
This will work as long as you supply valid SamAccountNames in your list
I would do it this way. You can pipe in identity byvalue. You can import the csv later and get objects back.
get-content userlist.txt |
Get-aduser -properties passwordlastset, passwordneverexpires |
sort name |
select Name, passwordlastset, Passwordneverexpires |
export-csv users.csv
# searchbase example
get-aduser -filter 'name -like "j*"' -SearchBase 'OU=People,DC=stackoverflow,DC=com'
Good day. What I am trying to accomplish is showing the DisplayName as well as the Name but the only thing I can get to show with Compare-Object is Name so I am trying to pass the output from Compare-Object into Get-ADUser to get more user information. Below is the code that I am working with.
Import-Module ActiveDirectory #imports AD module
$group = Read-Host "What is the group name that you want to get membership for?"
$list = Get-ADGroupMember $group -recursive | Select Name
$OU = Read-Host "What is the OU that you want a list of? [List full path {OU=xxx,DC=xxx,DC=xxx}]"
$OUList = Get-ADUser -SearchBase $OU -Filter * -Properties Name, DisplayName, Title | Select Name
$Comparison = (Compare-Object -ReferenceObject $list -DifferenceObject $OUList | Where-Object {$_.SideIndicator -eq "=>"} | Select Name
ForEach ($user in $Comparison) {Get-ADUser $user.InputObject -Properties Name,DisplayName | Select Name, DisplayName}
The error I get is
Get-ADUser : Cannot bind parameter 'Identity'. Cannot convert value
"#{Name=username}" to type
Microsoft.ActiveDirectory.Management.ADUser
I know this is probably something simple but I can't quite figure it out. Thank you for any assistance.
I'm attempting to write a Powershell script that allows me to do the following:
Use Get-ADGroupMember to get users that are apart of a specific group
Use info from step one in Get-ADUser to get user info in lastname, firstname format
Use string from step 2 in Get-ADComputer to search the description field of all computers to find computers that have that string within its description field.
Here is what I was trying (thought it would work in my head):
Get-ADGroupMember 'Group Name' | Get-ADUser -Properties givenName, sn | select givenName, sn | Get-ADComputer -filter 'description -like "$sn,$givenName"' -property description | select Name*
Bold text works, I know Italics text wouldn't work but thats the format of how I'd think it would work
Let me know if I made any since, definitely a Powershell newbie
TLDR: trying to get Names of users and their computer name's based on a search of specific AD group
At that point in the pipeline, you're no longer directly using the output object of Get-ADUser as the input object of Get-ADComputer. That's where the ForEach-Object cmdlet comes in. It takes a scriptblock that allows you the define the behavior for each item in the pipeline:
Get-ADGroupMember 'Group Name' |
Get-ADUser -Properties givenName, sn |
ForEach-Object -Process {
$sn = $_.sn
$givenName = $_.givenName
Get-ADComputer -Filter 'description -like "$sn,$givenName"' -property description
} | select Name*
I want to find description of computer in AD by specific word that exists in Description.
$username = "test111"
Get-ADComputer -filter {Description -Like 'test111*'} -Properties Description | select Description # this works ok
Get-ADComputer -filter {Description -Like "$username*"} -Properties Description | select Description # shows nothing, no error
How can I make the search using variable?
You could just do a query like this:
$username = "test111"
Get-ADComputer -Filter "Description -Like '$username*'" -Properties Description | Select -Expand Description
I think what was happening is that $username was probably $null since it was not passed to the script block. Changing the -Filter to be using quotes allows the variable to expand properly. Threw and -Expand in there so you just get back a string array instead of an Object array.