I have been trying to export a list that oulines the attribute 'businesscategory'.
Here is the command:
ipmo activedirectory
get-aduser -Filter * -Properties * | select userprincipalname, businesscategory |export-csv -Path C:\Temp\businesscategory.csv -Delimiter ";" -NoTypeInformation
The thing is that I get this output under the row 'businesscategory' in my .csv :
"Microsoft.ActiveDirectory.Management.ADPropertyValueCollection"
The output is good in the Powershell console though.
I have looked for answers around the Internet but unsuccessfully so far...
Thank you guys.
It's a multivalued property so you have to create a new property and concatenate the values or select one of them
get-aduser -filter * -Properties * | select userprincipalname, #{n="businesscategory";e={$_.businesscategory -join " "}}
then it will be exported as a string in your csv.
I would like a powershell script to find the domain of an user.
I tried with Get-ADUser <user> -Properties *
It shows the domain(CN=Domain Users,CN=Users,DC=nam,DC=nsroot,DC=net). But I want it to display on the domain because I have a huge list of users
Maybe this?
Get-ADUser <user> -Properties * |
Select *,#{l='Domain';e={ $_.canonicalname.split('/')[0] } }
Well..there is the userprincipalname property but a lot of times it is blank. You could do something like this
(get-aduser -filter *).SamAccountName | % {$_.Insert(0,'test\')}
Just change 'test\' to your domain name
Pick what properties you want and modify this:
$Domain = Get-ADDomain | select -expandproperty NetBIOSName
Get-ADUser <USERID OR -Filter *> -Properties DisplayName | select samAccountName, DisplayName, #{n="Domain";e={$Domain}} | Export-Csv Users1.csv -NoTypeInformation
Just in case someone else is looking for this in the future...
I'm attempting to move AD users to different ou's based on a CSV file of employee numbers. I've searched around and I have found a suggestion and tried this code:
Import-Module ActiveDirectory
$TargetOU = "OU=Math,OU=Students,DC=domain,DC=net"
$IDs = Import-CSV "c:\testids.csv" | Select -ExpandProperty employeeID
Get-ADUser -filter * -Properties employeeID | Where { $IDs -contains $_.employeeID } |
Move-ADObject -TargetPath $TargetOU
My csv file looks like this
employeeID
11111
22222
33333
It runs with no errors. But the users never move. Im running Server 2012R2.
Any suggestions? Am I on the wrong track or completely off in left field?
Try this
Import-Module ActiveDirectory
$TargetOU = "OU=Math,OU=Students,DC=domain,DC=net"
$IDs = Import-CSV "c:\testids.csv" | Select employeeID
$IDs | % { Get-ADUser -Filter { employeeID -eq $_.employeeID } -Property employeeID |
Move-ADObject -TargetPath $TargetOU }
Sorry, I pushed 'Enter' too quickly. This has your CSV saved as the $IDs object before you start. I think your pipes were a little out of order. Let me know if this works, and if it doesn't I'll try again.
Ok, I'm on the bandwagon of I want to be sure your finding the correct users first. Theory being that Move-ADObject is not getting any input.
First I would do this to check the CSV file contents.
Get-Content "c:\testids.csv" | Select -Skip 1 | ForEach-Object{"'$_'"}
Then assuming that is working what is the result of this command?
$IDs | ForEach-Object{Get-ADUser -Filter "employeeID -eq '$_'" -Property employeeID
Update from Comments
I wonder now if you are looking at the wrong AD Attribute. Maybe it should be EmployeeNumber.
$IDs | ForEach-Object{Get-ADUser -Filter "employeeNumber -eq '$_'" -Property employeeNumber
Give that a try and see if that is what you need?
Also should try and verify that you have no white-space or special characters in the actual employeeid
"'$(Get-Aduser accountthathasid -properties employeeid | select -expand employeeid)'"
I'm willing to bet that the whole issue you're running into is that Get-ADUser is returning no user objects.
<Previous answer removed>
Edit: Ok, I give up, this makes no sense. I now can not find my own user by looking for it by EmployeeID. I think there may be some issues searching by employeeID because this returns nothing:
$me = get-aduser $env:USERNAME -Properties EmployeeID
Get-ADUser -filter "EmployeeID -eq '$($me.EmployeeID)'" -Properties EmployeeID
I verified that $me does in fact contain my ADUser object info, including my EmployeeID. I thien tried:
Get-ADUser -filter "UserPrincipalName -eq '$($me.UserPrincipalName)'"
This did work, so I am sure that my format works. At this point, I withdraw and wish you luck.
I'm writing a simple PowerShell script that fetches certain fields from Active Directory using the "Get-ADUser" cmdlet and outputs them to a CSV file, which works just fine:
Get-ADUser -filter * -properties Division,Department,EmployeeID,GivenName,Sn,C,Title,Mail,ExtensionAttribute3,ExtensionAttribute4,SamAccountName -server myADserver.domain.com:3268 | select Division,Department,EmployeeID,GivenName,Sn,C,Title,Mail,ExtensionAttribute3,ExtensionAttribute4,SamAccountName | Export-Csv -notype C:\Security-ActiveDirectory.csv
I'm looking to convert the "SamAccouontName" field to all uppercase when it is output to the CSV file. I tried applying the ToUpper() and Upper(string) methods, but they give me syntax errors:
Get-ADUser -filter * -properties Division,Department,EmployeeID,GivenName,Sn,C,Title,Mail,ExtensionAttribute3,ExtensionAttribute4,SamAccountName -server myADserver.domain.com:3268 | select Division,Department,EmployeeID,GivenName,Sn,C,Title,Mail,ExtensionAttribute3,ExtensionAttribute4,ToUpper().SamAccountName | Export-Csv -notype C:\Security-ActiveDirectory.csv
Get-ADUser -filter * -properties Division,Department,EmployeeID,GivenName,Sn,C,Title,Mail,ExtensionAttribute3,ExtensionAttribute4,SamAccountName -server myADserver.domain.com:3268 | select Division,Department,EmployeeID,GivenName,Sn,C,Title,Mail,ExtensionAttribute3,ExtensionAttribute4,Upper(SamAccountName) | Export-Csv -notype C:\Security-ActiveDirectory.csv
Can anyone help me on how I can make that field uppercase and still export to the CSV file?
Thanks!
Brian
You can do it like this:
Get-ADUser -filter * -properties Division,Department,EmployeeID,GivenName,Sn,C,Title,Mail,ExtensionAttribute3,ExtensionAttribute4,SamAccountName -server myADserver.domain.com:3268 |
select Division,Department,EmployeeID,GivenName,Sn,C,Title,Mail,ExtensionAttribute3,ExtensionAttribute4,#{Label = 'SamAccountName' ; Expression = {$_.SamAccountName.ToUpper()}} |
Export-Csv -notype C:\Security-ActiveDirectory.csv
I am running into a strange issue when using Get-ADGroups and Get-ADGroupMembers
This line works correctly (no issues)
$searchFilter = "OU=Projects,DC=my,DC=lab"
Get-ADGroup -Filter * -Properties * -SearchBase $distinguishedName | Get-ADGroupMember | Where-Object {$_.objectClass -eq "user"} | Get-ADUser | ft Name, SamAccountName, Enabled
However this block does not work
$groups = Get-ADGroup -Filter * -Properties * -SearchBase $distinguishedName
foreach ($g in $groups) {
Write-Host "Group:" $g.CN "(" $g.DistinguishedName ")"
Get-ADGroupMember -Identity $g.DistinguishedName -Debug -Verbose | Where-Object {$_.objectClass -eq "user"} | Get-ADUser | ft Name, SamAccountName, Enabled
}
Returns the following exception
Microsoft.ActiveDirectory.Management.ADException: An operations error occurred ---> System.ServiceModel.FaultException`1[schemas.microsoft.com._2008._1.ActiveDirectory.CustomActions.GetADGroupMemberFault]: Active Directory returned an error processing the operation.
Anyone have any thoughts on why?
Your second one works for me. Double-check your $distinguishedName value that you are passing to -SearchBase.
I noticed that you define $searchFilter, but you never actually reference it. Is that a typo?