From a primal form with checkbox I get a csv file with some properties.
I want to used these properties with cmdlet get-Adusers. The script is working if I only have only one value in the csv but not with some.
My CSV file is format like this :
"PropertiesSelected";"FilterSelected"
"SN,EmailAddress,CN,SamAccountName"; "DC=myDomain,DC=COM"
For the moment I don't try to used "filterSelected"
I think the problem is that powershell understand "SN,EmailAddress,CN,SamAccountName" as a single value
The command I used is like that :
Import-Csv c:\TempPowerShell\CheckBoxResults.csv -delimiter ";" |
ForEach-Object {
$FilterSelected=$_.FilterSelected
$PropertiesSelected=$_.PropertiesSelected
Get-ADUser -Properties "$PropertiesSelected" -Filter * -SearchScope Subtree -SearchBase "DC=MyDomain,DC=COM" -Server MyServer:3268
}
Thanks a lot for your help, I'm going to be crazy :)
Regards
Julien
You cant use a String with multiple properties as parameter input.
You can get around this by constructing your command as string and then executing it with invoke-expression:
$command="get-aduser -properties $PropertiesSelected -Filter * -SearchScope Subtree -SearchBase "DC=MyDomain,DC=COM" -Server MyServer:3268"
Invoke-expression $command
Regards Paul
ForEach-Object {
$FilterSelected=$_.FilterSelected
$PropertiesSelected=$_.PropertiesSelected
Get-ADUser -Properties $PropertiesSelected.split(",") -Filter * -SearchScope Subtree -SearchBase "DC=MyDomain,DC=COM" -Server MyServer:3268
}
Related
I'm trying to create a simple script that will automate membership to a security group for my org.
I think my variables are coming back empty and are likely either defined wrong or I messed up the syntax somehow. Hoping someone here can help me see the error in my ways!
I am going to edit the code below to better explain my issue. The attribute I am calling can either have a value of M or it is null.
If I run the following command, I get back a list of users who have extensionattribute6 = M
get-aduser -filter {extensionattribute6 -like 'M*'}
If I attempt to add in the section that specifies OU, the results become null.
I guess all I'm asking is if there is a syntax mistake with the OUs or, if not, if anyone could hazard a guess as to what I am doing wrong. :)
$OU = "ou=ou1,ou=ou2,ou=ou3,dc=dc1,dc=dc2"
get-aduser -filter {extensionattribute6 -like 'M*'} -searchbase $OU
When you use the filter and like operator, you have to use the * on the right side of the statement.
$managers = Get-ADUser -SearchBase $OU -Filter "extensionattribute6 -like 'M*'"
This will add a list of AD Users that have a value that Starts with M in extensionattribute6. If you dont add the * to the right side, 'M', then it will look for all users with an extensionAttribute6 value that equals M.
If you are comparing them to be equal, then you can use -eq for equality (without stars * inside quote)
$managers = Get-ADUser -SearchBase $OU -Filter "extensionattribute6 -eq 'M'"
If you have multiple specific OUs you want to go over, might i suggest using a list of these OUs and iterating over them.
$OUs = #()
$OUs += "OU=OU1,DC=domain,dc=com"
$OUs += "OU=OU2,OU=someParent,dc=domain,dc=com"
...
$managers = #()
foreach($OU in $OUs) {
$managers += Get-ADUser -SearchBase $OU -Filter "extensionattribute6 -eq 'M'"
}
I arrived at a solution to this. I needed to call a new variable, borrowing heavily from what Jawad suggested.
The code I settled on is as follows.
$Managers = #()
$Managers += get-aduser -filter * -searchbase "ou=ou1,ou=ou2,ou=ou3,dc=dc1,dc=dc2" -properties extensionattribute6 | where-object{$_.extensionattribute6 -like 'M*'}
foreach ($Manager in $Managers) {add-adgroupmember -identity <groupname> -members $Manager}
I am trying to run the get-aduser query below and I keep getting the error Get-AdUser Cannot convert to the type system.string. Any idea what might be the problem? TIA
$Base = (Get-ADOrganizationalUnit -Filter {(Name -like "Department")}).DistinguishedName
Get-ADUser -Filter * -SearchBase $Base -Properties Name
I tested this, and I can confirm that if your call to Get-ADOrganizationalUnit returns more than one OU, then the DistinguishedName property will be an array rather than a plain string. So you will need to change your call to Get-ADOrganizationalUnit so that it returns only one.
You can do that by either using the -ResultSetSize parameter to only use the first result:
$Base = (Get-ADOrganizationalUnit -Filter {(Name -like "Department")} -ResultSetSize 1).DistinguishedName
Or change the Filter so that it matches only one OU. I assume you're using -like because you're using a wildcard in your actual code, so you probably just have to be more specific.
Update: If you want users from all the matched OUs, then you can use ForEach-Object:
Get-ADOrganizationalUnit -Filter {(Name -like "Department")} |
ForEach {
Get-ADUser -Filter * -SearchBase $_.DistinguishedName -Properties Name
}
Just getting started with Powershell and I've run into a roadblock. I'm trying to iterate through AD and get a list of all OU's. From there I'm trying to get user account info for each user in each OU. To test I've been able to get the DN for all OU's and output to console but when I try and pass those values to the get-aduser cmdlt it fails.
Here's my code:
import-module activedirectory
$SearchBase = get-adorganizationalunit -filter * -searchbase "ou=users,ou=myUsers,dc=company,dc=local" -Properties CanonicalName | select-object -Property distinguishedName
foreach ($ou in $SearchBase) {
get-aduser -filter * -searchbase $ou -Properties givenName,sn,mail
}
I'm getting the following error message: "The supplied distinguishedName must belong to one of the following partitions..."
I think the issue is that when passing $ou to the get-aduser cmdlt the distinguished name must be enclosed in quotes after -searchbase correct? If so not sure how to go about that. Any help is appreciated.
The issue you are having is you need to expand the property you are selecting. You will notice if you run:
get-adorganizationalunit -filter * -searchbase "ou=users,ou=myUsers,dc=company,dc=local" -Properties CanonicalName | select-object -Property distinguishedName
It will show the parent property:
There are two ways to fix this:
Expand the property in your select statement:
$SearchBase = get-adorganizationalunit -filter * -searchbase "ou=users,ou=myUsers,dc=company,dc=local" -Properties CanonicalName | select-object -ExpandProperty distinguishedName
OR Call the Property in your foreach:
foreach ($ou in $SearchBase) {
get-aduser -filter * -searchbase $ou.distinguishedName -Properties givenName,sn,mail
}
I have got the value in the file is under the SMTPproxyaddresses header.So, I'm trying something along this lines.
foreach ($user in $userID)
{
$ADuser = Get-ADUser -Filter "ProxyAddress -eq $($user.SMTPproxyaddresses)" -Properties whenCreated, Enabled, SAMAccountName
}
CSV file :
SMTPproxyaddresses
userproxy#contoso.com
testproxy#contoso.com
user2proxy#contoso.com
user3proxy#contoso.com
I couldn't get it working with a variable inside the Filter parameter, but it worked typed outright. However, the alternative is using an LDAPFilter and this worked for me.
Get-AdUser -LDAPfilter "(ProxyAddresses=*$($user.SMTPaddresses))" -Properties whenCreated, Enabled, SamAccountName
Domain→OU=Client Computers→OU=Location
Each computers has an extensionAttribute1 value.
I need to get each computer's extensionAttribute1 and export to a CSV file.
I ran below code, but was unable to get it right. Tried few variation with no success.
I ran this first (no error here):
$Computers = Get-ADComputer -Filter * -SearchBase "OU=Location,OU=Client Computers,DC=ABC,DC=ABC1" -Properties *
Then I ran this:
foreach ($Computer in $Computers) {
Get-ADComputer $Computer -Filter * -Properties extensionAttribute5 |
Export-Csv C:\computer_users.csv
}
and got the following error:
Get-ADComputer : A positional parameter cannot be found that accepts
argument
I tried with parenthesis, commas, single quotes, double quotes, … just can't figure it out.
Get-ADComputer $Computer -Filter * ...
is the same as
Get-ADComputer -Identity $Computer -Filter * ...
If you take a look at the documentation you'll see that the parameters -Identity and -Filter are mutually exclusive. Besides, you don't need the loop and the second Get-ADComputer call anyway. Simply select the properties you want from your first Get-ADComputer call and pipe the result to Export-Csv:
$ou = 'OU=Location,OU=Client Computers,DC=ABC,DC=ABC1'
Get-ADComputer -Filter * -SearchBase $ou -Properties extensionAttribute1 |
Select-Object Name, extensionAttribute1, ... |
Export-Csv 'C:\computer_users.csv' -NoType