I am trying to query AD for a list of users and a particular variable like so:
get-aduser -filter * -Properties * | select Samaccountname,vasco-LinkUserToDPToken | Export-Csv U:\test.csv -NoTypeInformation
However this returns the samaccountname and Microsoft.ActiveDirectory.Management.ADPropertyValueCollection.
Looking at the web I have ascertained that this property is a collection and I would need something along the lines of this to expand it and allow it to be exported to CSV:
get-aduser -filter * -Properties * | select #{name="vasco";expression={$_.vasco-LinkUserToDPToken -join}},samaccountname | Export-Csv U:\test.csv -NoTypeInformation
However I keep getting the following error:
Unexpected token '-LinkUserToDPToken' in expression or statement.
I am guessing that powershell is reading the "-" as some form of operator and dooming out. Unfortunately I cant find a way round it. I understand ` is the escape character but my blunt force usage of it has yielded no useable results. I was hoping someone might be able to help usher me in the right direction. It could well be that my frantic blog post reading has led to me misunderstanding the hash table usage syntax as well...
I have encountered this before in our environment and the trick is the use double quotes after the $_. sign variable like this. $_."vasco-LinkDPToUserToken"
get-aduser -filter * -Properties * | select #{name="vasco";expression={$_."vasco-LinkUserToDPToken" -join}},samaccountname | Export-Csv U:\test.csv -NoTypeInformation
You should be able to access the property by name like this:
$UserObject.Properties.Item("vasco-LinkUserToDPToken")
So your Hash table expression comes to look like this:
#{name="vasco";expression={$_.Properties.Item("vasco-LinkUserToDPToken") -join}}
Related
Below is the code I am working with. I have verified that the initial import-csv is working as it should be, and if I change out the variable object for a concrete object, the script works as it should. It just seems to not recognize/use the variable the way that it should.
$CSVOutput = "C:\temp\output.csv"
$Output = foreach($u in $userlastname)
{
Get-ADComputer -Filter {Description -Like '*$u*'} -properties Description | Select Name, Description
}
$Output | Export-Csv $CSVOutput
If I replace the $u in the filter with one of the values from the $userlastname variable, it works, but it just runs the search with the set value as many times as it runs the foreach loop. I am expecting to see several different computer objects that have the different values from $userlastname in their description. Currently it returns nothing, as if it found no values that matched in the description field.
While it’s technically possible to use a scriptblock as a filter in the ADCommands, it isn’t recommended - use a string instead:
Get-ADComputer -Filter "Description -like '*$($u.name)*'" -Properties ...
Using a string will solve your variable substitution issue.
ETA: Comments indicated that you were getting #{Name=User} as the expansion for $u in the filter expression. This is because $u was a structured [PSCustomObject], and you were looking for a single field from that object. The easiest way to get the value of the desired field of the object is simply to use the PowerShell evaluation construct, as given in the edited answer.
my apologies if this has been asked many times before but I could use a hand with the command below. I am extracting Active Directory user information to a CSV but can use a hand with the correct code to replace the telePhoneNumber field with a fixed number of "555-555-5555" if it is null. I guess our organization has a lot of users without a phone number, and when I try to use the csv for our intended project, I can't because it errors and fails to grab the user if they do not have a phone number supplied. Is this possible to do?
Get-ADGroupMember -Identity "GROUPNAME" | Get-ADUser -Properties * | select #{N='UserName';E={$_.UserPrincipalName}},#{N='FirstName';E={"" + $_.givenName}},#{N='LastName';E={"" + $_.sn}},#{N='BusPhone';E={$_.telePhoneNumber}} | Export-csv c:\intel\thegroup.csv -NoTypeInformation
You can do whatever you like in the expression block of a calculated property.
Try changing:
#{N='BusPhone';E={$_.telePhoneNumber}}
to:
#{N='BusPhone';E={if($_.telePhoneNumber){$_.telePhoneNumber}else{'555-555-5555'}}}
Im trying to export AD users to a csv file by powershell. Now one field only needs to have the first letter of the value. Eg: name - Kevin, initials - K.
I have tried with substring, but im obviously doing something wrong:
PS C:\Users\Administrator> Get-ADUser -Filter * -Properties * | Select -Property substring.surname(1,1),surname,givenName,samaccountname,givenN
ame,Mail,Department | Export-CSV "C:\Export\Users.csv" -NoTypeInformation
Obviously im still pretty new to powershell.
You have a couple of issues here:
1) You're selecting "GivenName" twice - PowerShell won't allow that:
2) you want substring (0,1) - start as position 0 and count 1 letter along.
3) this should do what you want it to do:
Get-ADUser -Filter * -Properties * | `
Select #{n='initial';e={$_.surname.substring(0,1)}},surname,givenName,samaccountname,Mail,Department | `
Export-CSV "C:\installs\Users.csv" -NoTypeInformation
essentially, you're creating and recycling a small property array each time - which allows you to set a value (the substring) which is then returned up the chain to the select and then on to your CSV file :)
(might also be worth noting, you're selecting the first letter of the surname, but in your question, you're asking to get K from Kevin - you might want to be selecting from a forename field).
Other notes:
-filter * -properties * is very computationally expensive - you're getting all fields for all users and only selecting a few. try listing properties the same way you do in your select.
select -property - the -property switch is redundant and optional - just using Select stuff,otherstuff will do the same thing and will be easier to read
If you feel the process leanthy, you can also try CJWdev tool or Lepide active directory query tool. They both are free and helps to fetch such AD reports quickly.
I am writing a script to create new AD users and doing a test to make sure an existing displayname is not found because New-ADUser will fail if one is found. Can someone help me understand why I might never get a true outcome from the following array list?
$ExistingDNs= Get-ADUser -SearchBase 'OU=whateverOU' -Filter * -Property displayname | select displayname | Out-string
My goal is to load up all the existing displaynames in an OU and then compare this with a method in which I read a CSV file to create a displayname, but I can't seem to get it to return as true.
If ($ExistingDNs.DisplayName -contains $DisplayName)
I was told this should work, but when I try looking at the array it is empty? Only $ExistingDSs shows me the list visually in ISE, where I can see clearly that a name exists that is the same in my CSV file, but the match is never found and never comes back as true even though both are string values I believe.
I'm sure it is because you are using Out-String which breaks the object array that select displayname would have created. Currently your $ExistingDNs is a newline delimited string when you really want a string array.
$ExistingDNs = Get-ADUser -SearchBase 'OU=whateverOU' -Filter * -Property displayname | select -ExpandProperty displayname
Also we use -ExpandProperty so you just end up with an array of strings. That way your conditional statement can be reduced to...
If ($ExistingDNs -contains $DisplayName)
I am using ActiveRoles Management Shell under Windows XP , Powershell ver 2 for retreiving Group data from AD and exporting it to csv file.Everything works well apart from getting member list it is so long that the program is writing in excel cells under member column System.String[] each time.How can I make it write whole list there , is it possible ? I could actually have only the name of the member don't need whole connection path.Is there a possibility to get from group field member only name ?
get-QADGroup -SearchRoot 'ou=User,ou=Groups,ou=PL,dc=test,dc=com'| Select-Object -property name,sAMAccountName,description,groupType,member|Export-Csv -path Y:\csv\groups.csv
Ok, as Matt suggested you want an expression in your Select statement. I would use something like this:
#{l="Members";e={$_.Members -join ", "}}
Which when inserted into your one-liner looks like:
get-QADGroup -SearchRoot 'ou=User,ou=Groups,ou=PL,dc=test,dc=com'| Select-Object -property name,sAMAccountName,description,groupType,#{l='Members';e={$_.member -join ", "}}|Export-Csv -path Y:\csv\groups.csv -NoTypeInfo
I also added -NoTypeInfo to the export to skip the annoying lead line telling you it's a PSCustomObject or some such and actually just get your data (and headers).
I don't have access to the quest cmdlets so I will provide a solution based on cmdlets from the activedirectory
Get-ADUser -Filter * -SearchBase "OU=Employees,DC=Domain,DC=Local" -Properties memberof |
Select-Object name,#{Name="Groups";Expression={$_.MemberOf |
ForEach-Object{(Get-ADGroup -Identity $_).Name + ";"}}} |
Export-Csv C:\temp\TEST.CSV -Append
To make sense of this by line:
Should be self explanatory. Get all users in the OU defined. You would need to change this to suit your needs.
The select statement appears normal until you reach the calculated property Groups.
What continues from the previous line is cycling through every group that an individual user is a memberof and get the friendly name of the group (MemberOf returns DistinguishedName's). At the end of every group add a ";" as to not interfere with the CSV that will be made later.
Append to a csv file.
For brevity I didnt include all the extra properties that you included in your Select-Object statement. You would obviously need to add those back as the need fits.
Since you have the use the Quest cmdlets you could just change member in your select statement to the following:
#{Name="Groups";Expression={$_.member | ForEach-Object{"$_;"}}}
I cannot test if this will work. It is based on the assumption that member contains a simple name as supposed to a distinguishedname