I try to filter out something like this:
Get-ADComputer -Filter {name -like "chalmw-dm*" -and Enabled -eq "true"} ...
This works like a charm and gets exactly what I want...
Now I want the "name -like ..." part as a variable like this:
Get-ADComputer -Filter {name -like '$nameregex' -and Enabled -eq "true"} |
I checked several questions (for example, PowerShell AD Module - Variables in Filter), but this isn't working for me.
I tried it with the following:
$nameRegex = "chalmw-dm*"
$nameRegex = "`"chalmw-dm*`""
And also in the Get-ADComputer command with those ' and without.
Could anyone give me some hints?
You don't need quotes around the variable, so simply change this:
Get-ADComputer -Filter {name -like '$nameregex' -and Enabled -eq "true"}
into this:
Get-ADComputer -Filter {name -like $nameregex -and Enabled -eq "true"}
Note, however, that the scriptblock notation for filter statements is misleading, because the statement is actually a string, so it's better to write it as such:
Get-ADComputer -Filter "name -like '$nameregex' -and Enabled -eq 'true'"
Related. Also related.
And FTR: you're using wildcard matching here (operator -like), not regular expressions (operator -match).
Add double quote
$nameRegex = "chalmw-dm*"
-like "$nameregex" or -like "'$nameregex'"
Try this:
$NameRegex = "chalmw-dm"
$NameR = "$($NameRegex)*"
Get-ADComputer -Filter {name -like $NameR -and Enabled -eq $True}
Or
-like '*'+$nameregex+'*'
if you would like to use wildcards.
Related
Looking for a little explanation as to why this isn't working and what I might be doing wrong. Any Help would be great!
Expected Results :
BSMITH
Get-Aduser -filter {(givenname -eq "Bob") -and (surname -eq "Smith"))} | select-object SamAccountName
Result :
BSMITH
Works Fine. Good to go
Expected Result :
BSMITH
$textbox_FirstName = "Bob"
$textbox_LastName = "Smith"
Get-Aduser -filter {(givenname -eq "$textbox_FirstName.text") -and (surname -eq "$textbox_LastName.text")} | select-object SamAccountName
Result : (Blank Nothing)
I have tried givenname -eq "$textbox_FirstName.text" without quotes, without .text, with no quotes at all. Still no results :(
Both variables are of the type string they don't have a .text property, in addition adding double quotes to your variable would expand the variable and concatenate .text:
$textbox_FirstName = "Bob"
"$textbox_FirstName.Text" => Bob.Text
Any of these options should give you the output you expect:
Get-Aduser -Filter {GivenName -eq $textbox_FirstName -and Surname -eq $textbox_LastName}
Get-Aduser -Filter "GivenName -eq '$textbox_FirstName' -and Surname -eq '$textbox_LastName'"
Get-Aduser -LDAPFilter "(&(GivenName=$textbox_FirstName)(Surname=$textbox_LastName))"
Hi im trying to Filter AD-Groups by a string i defined in a variable:
$groupname="string"
Get-ADGroup -filter {GroupCategory -eq "security" -and Name -like ($sgroup_name+"*")}
How do i do this the right way?
String expansion doesn't work well with the -Filter parameter when passing it a script block - use a string filter instead:
$groupname = "string"
Get-ADGroup -Filter "GroupCategory -eq 'security' -and Name -like '${groupname}*'"
I'm trying to get AD users into a variable using multiple filters. However one of the filters has variables in it & I can't get it to work... I have searched for similar issues & tried applying those but nothing seems to work.
$FilterBase = "department"
$Filter = "IT"
$ADusers = Get-ADUser -ResultSetSize $null -SearchBase "OU=Users,DC=mydomain,DC=com" -Properties * -Filter {(Enabled -eq $True) -and ($FilterBase -like $Filter) -and (cn -notlike ""SMB_*"")} |
Select-Object distinguishedName |
Sort-Object distinguishedName
I'm trying to fill $ADusers with all enabled users whose commonname doesn't start with "SMB_" (don't ask) & where the department is IT. I used -like to prevent issues if the values in AD would have different casings (uppercase, lowercase, mixed case, ...).
The reason that I'm using variables for this is because in the end the script will be dynamic. At some point $FilterBase is going to be "company" instead of "department" and $Filter is going to be "HR" instead of "IT" etc...
But I just can't seem to get it to work:
Get-ADUser : Error parsing query: '(Enabled -eq $True) -and ($FilterBase -like $Filter) -and (cn -notlike ""SMB_*"")' Error Message: 'syntax error' at position: '74'.
At line:4 char:12
I have tried using quotes around the variables like "$Filter", "$($Filter)", ' $Filter ' but alas. And I know it's not best practice to use variables in Filter but I can't think of any other way to accomplish this.
Any suggestions?
the error has the key to the answer. I'm sure I'll find this again and use it myself because I look this up every year or so...
Error parsing query: '(Enabled -eq $True)...'
In this case the filter needs a simple string 'True' which the variable $True does equal.
Two options will work, either
Enabled -eq 'True'
or
Enabled -eq '$True'
but
Enabled -eq $True
will not.
This should work
Replaced the braces with double quotes so inside them the variables still parse
Put single quotes around all strings and variables that resolve into strings
'$True'
'$Filter'
'SMB_*'
$FilterBase = "department"
$Filter = "IT"
$ADusers = Get-ADUser -ResultSetSize $null -SearchBase "OU=Users,DC=mydomain,DC=com" -Properties CN -Filter "(Enabled -eq '$True') -and ('$FilterBase' -like '$Filter') -and (CN -notlike 'SMB_*')" |
Select-Object distinguishedName |
Sort-Object distinguishedName
Important to note the above syntax highlighting will make the sample above look wrong because it misses the tokens like $FilterBase and $Filter when there are inside single quotes inside double quotes. Remember that single quotes are just apostrophes when inside double quotes, therefore the tokens should be colored differently and not look like strings.
> "('$FilterBase' -like '$Filter')"
('department' -like 'IT')
Paste a sample like above and see what it resolves to - best way to figure it out.
its just simply syntax error.
$enabled = 'Enabled'
$EnabledTrueOrFalse = $true
$SN = 'Surname'
$surname = "Doe"
$OU = "OU=Users,DC=mydomain,DC=com"
Get-ADuser -filter{$enabled -eq $EnabledTrueOrFalse -and $SN -eq $surname} -SearchBase $OU -Properties * | Select-Object distinguishedName | Sort-Object distinguishedName
read more about it here
Thanks for the tips guys. I couldn't get it to work with multiple filters so I moved some filters to the where clause.
My current (working) code is now:
$FilterBase = "department"
$Filter = "IT"
$ADusers = Get-ADUser -ResultSetSize $null -SearchBase "OU=Users,DC=mydomain,DC=com" -Properties * -Filter "$FilterBase -like `"$Filter`"" |
Where {$_.Enabled -eq $True -and $_.CN -notlike "SMB_*"} |
Select-Object distinguishedName |
Sort-Object distinguishedName
I am running a script which takes a person's first and last name from an SAP extract, and reads AD to get their UPN. For most people, this works; however there are a bunch of users whose first name is an issue. For instance "Philip Davies" (names changed to protect the innocent) in SAP is "Phil Davies" in AD. So: I have used the following command and it works:
Code:
Get-ADUser -SearchBase "OU=CBC Users,DC=cbc,DC=int" -Filter {GivenName -eq "Phil" -and Surname -eq "Davies"}
I then realised I can check for the first three characters which will NORMALLY be the same in the contracted name... so I did this which also works:
Code:
Get-ADUser -SearchBase "OU=CBC Users,DC=cbc,DC=int" -Filter {GivenName -like "Phi*" -and Surname -eq "Davies"}
Next step: variables; so I try this and it works:
Code:
$fna="Phil"
Get-ADUser -SearchBase "OU=CBC Users,DC=cbc,DC=int" -Filter {GivenName -eq $fna -and Surname -eq "Davies"}
But if I try this:
Code:
$fna="Philip"
$fna=$fna.Substring(0,3)
Get-ADUser -SearchBase "OU=CBC Users,DC=cbc,DC=int" -Filter {GivenName -like $fna* -and Surname -eq "Davies"}
I get no result. It doesn't matter if I use brackets, double-quotes, single-quotes, anything. As soon as I try to parse a variable AND use a wildcard, it either produces an error message or no result.
Can anyone please help me with this either by using the "-ldapfilter" method or telling me how to parse AND wildcard?
Thanks
You should not use the wildcard with a variable since you wish to check it with a name which is a string. So what you can do is directly wrap the string with the wildcard and store the final thing in a variable like:
$fna="Philip"
$fna="$($fna.Substring(0,3))*"
Get-ADUser -SearchBase "OU=CBC Users,DC=cbc,DC=int" -Filter {GivenName -like $fna -and Surname -eq "Davies"}
or you can use the LDAP Filter directly like :
Get-ADUser -SearchBase "OU=CBC Users,DC=cbc,DC=int" -LDAPFilter "(&(GivenName=$fna)(Sn=Davies))"
Hope it helps.
I've been racking my brain trying to figure out why the synatx below is wrong. I'm fairly new to powershell, so any help would be appreciated.
The issue seems to be with the $false in the filter variable, without that it works.
$BU = 'corp','sales'
$filter="(extensionattribute6 -like '*514' -or extensionattribute6 -like '*66048') -and msRTCSIP-UserEnabled -eq $false"
$BU | % {get-aduser -Properties displayname -Filter $filter -SearchBase 'ou=users,ou=$_,ou=Business Units,dc=biz,dc=com' -SearchScope Subtree}
Use single quotes around the content for $filter
$filter='(extensionattribute6 -like "*514" -or extensionattribute6 -like "*66048") -and msRTCSIP-UserEnabled -eq $false'
Double quotes will replace variables with their value, so it searches for msRTCSIP-UserEnabled -eq False (which throws a syntax error) instead of msRTCSIP-UserEnabled -eq $false.