Why doesn't the below get-adcomputer commandline return any results? It's really irritating when cmdlets don't accomodate powershell syntax. At least that's what it looks like is happening here. If I do a write-output, it displays exactly what I want to be inserted in the commandline. However, when I go to use it with the get-adcomputer cmdlet, no results are returned.
PS: C:\> $Variable = "88FF"
PS: C:\> write-output "*$($Variable)*"
*88FF*
PS: C:\> Get-ADComputer -Filter {Name -like "*$($Variable)*"} -Property *
PS: C:\>
PS: C:\> Get-ADComputer -Filter {Name -like "*88FF*"} -Property *
computer1
computer2
computer3
I've tried a bunch of different variants... including even adding literal quotes to the variable by escaping them. I've been pulling my hair out trying to figure out something that should take less than 10 seconds to do.
PS: C:\> $Variable = "`"*888FF*`""
PS: C:\> $Variable
"*88FF*"
PS: C:\> PS: C:\> Get-ADComputer -Filter {Name -like $Variable} -Property *
PS: C:\>
Edit: I've also tried below variant with same exact result:
PS: C:\> Get-ADComputer -Filter {Name -like '*$Variable*'} -Property *
PS: C:\>
Give this a try:
Get-ADComputer -Filter "Name -like '*$Variable*'" -Property *
Pretty lame, it looks like this is one of the many limitations of the Powershell Active-Directory module that comes with Windows. I wasn't doing anything wrong in my original attempts. I ended up having pipeline the output to where{ } to filter it items.
Get-ADComputer -properties Name, OperatingSystem -Filter *| ?{$_.name -like "*$($Variable)*"} |ft Name, OperatingSystem -Wrap -Auto
How about this:
$myvar="*888FF*"
get-adcomputer -filter {name -like $myvar} -property *
It's really annoying, you would expect this to work but -filter just has some weird parsing rules internally I guess
$myvar="888FF"
get-adcomputer -filter {name -like "*$myvar*"} -property *
Shay's solution works beautifully (at least on v4)
I also found out that LDAPFilters will work too!
get-adcomputer -LDAPFilter "(&(name=$name*)(operatingsystem=server))"
Related
I have a simple script that is made to search the members of a group introduced as a parameter, and it works properly:
$param1=$args[0]
Get-ADGroupMember "$param1" | ft name,objectclass,samaccountname
But when I try to run this other script (very similar funtionality), it doesn't show anything,, just blank:
$param1=$args[0]
Get-ADUser -Filter 'Name -like "*$param1*"' -Properties LastLogonDate,PasswordLastSet | ft Name,SamAccountName,LastLogonDate,PasswordLastSet
Someone could help me, what am I doing wrong?
PD: When I run the second command manually, replacing $param1 with a letter, it works as intended.
---NEWS---
I have tried this variation of the second script and idk why but it works:
Get-ADUser -Identity "$args" -Properties LastLogonDate,PasswordLastSet | ft Name,SamAccountName,LastLogonDate,PasswordLastSet
May it be, that the option "-Filter 'Name -like "$args"'" it's what is causing all the trouble?
It's very strange because, the second script doesn't show an error, it just doesn't show nothing and goes to the next prompt line. (I have already tried to replace the $param1 with $args like in the last example and it's the same output, nothing)
Thanks in advice :))
Alex, Try this instead. Get-ADUser -Filter "Name -like '*$($param1)*'" -Properties LastLogonDate,PasswordLastSet | ft Name,SamAccountName,LastLogonDate,PasswordLastSet
I'm not so sure how to do loops in Powershell.
get-aduser -Filter {name -like "USER"} >C:\temp.txt
I have a list of 200 users (I have first and last name) specific that I would like the logon name to same file how can I do that with the command a I wrote before? Or is there any other way to did it ?
Use a foreach loop like #msanford said and loop through your user list with something like this:
get-aduser -Filter {Name -like "USER*"} | Select-Object Name,SamAccountName | Out-File -FilePath C:\temp.txt
I receive task on studies to create command that will find a specific users in specific OU in Active Directory.
More precise, find all persons that name is A* and are located in OU *es.
After hours of researching I created such commands:
For finding all A* users:
Get-ADUser -filter {name -like "A*"}
For finding all *es OU
Get-ADObject -filter {OU -like "*es"}
And I don't have idea how to connect those outputs.
I was thinking about such resolutions, but they don't work for me.
$var = Get-ADObject -filter {OU -like "*es"} | Select DistinguishedName
Get-ADUser -filter {name -like "A*"} -SearchBase $var
Or
Get-ADUser -filter {name -like "A*" -and OU -like "*es"}
I'm lost, please advice.
You could first use the server filter to get all A*users and then filter the OU on the client using the Where-Object cmdlet:
Get-ADUser -filter {Name -like 'A*'} | Where-Object DistinguishedName -like '*OU=*es*'
If you know all your OU you want to filter, consider using the -SearchBase Parameter. More information here.
I'm trying to remove all the principal group memberships starting with the name of all computer accounts in one specific ou.
I've tried browsing to the OU with the AD provider, typing gci and getting a list of all the computers in the ou to find their ADPrincipalGroupMembership which works. Also, using get-adcomputer -searchbase <ou> -filter * works too. But I can't then remove every group that each machine is a member of.
When I then try to expand on that with remove-ADPrincipalGroupMembership, my input for the groups to remove are system.string and remove-ADPrincipalGroupMembership won't accept that. I have something like this so far/
Get-ADComputer -SearchBase 'OU=blahblah' -Filter * |
Remove-ADPrincipalGroupMembership -MemberOf (Get-ADGroup -Filter 'name -like "17"')
I've read help and examples but I can't find how to do this. I don't want to give up and just use the gui :)
thank you
You can try this...I am not able to test it to confirm it works, but I think it should.
$Comps = Get-ADComputer -SearchBase 'OU=blahblah' -Filter * -Prop MemberOf
Foreach ($Comp in $Comps)
{
$Groups = $Comp.MemberOf | ? {$_ -like "CN=17*"}
if ($Groups)
{
Remove-ADPrincipalGroupMembership -Identity $Comp -MemberOf $Groups -Whatif #-Confirm $False
}
}
Assuming it works with the -whatif statement, by default I believe that command will prompt you if you're sure about each removal which could be a pain so you could uncomment -confirm $false to try and avoid that.
Also it is assuming the distinguished name of each group is going to be something along the lines of
CN=17groupA,OU=Computer Groups,OU=Computer,DC=TEST,DC=NET
I cannot seem to use variable in the situation below.
[PS] C:\>Get-User -Filter {SamAccountName -eq "Test.Smith"}
Name RecipientType
---- -------------
Test Smith UserMailbox
[PS] C:\>$SamAccountName = "Test.Smith"
[PS] C:\>Get-User -Filter {SamAccountName -eq $SamAccountName}
[PS] C:\>echo $SamAccountName
Test.Smith
[PS] C:\>
You can see the command works fine when I type out the name, but not when I use a variable. Thanks!
I don't have access to this cmdlet, are you sure it takes a scriptblock and not a string? If it takes a string try this:
Get-User -Filter "SamAccountName -eq $SamAccountName"
If it really takes a scriptblock try:
Get-User -Filter {SamAccountName -eq $SamAccountName}.GetNewClosure()
As seen in the comments, add single quotes around the variables, or your filter result has incorrect syntax.
Get-User -Filter "SamAccountName -eq '$SamAccountName'"
When passing parameters directly you can just pass the variable. But in this case you are building a properly formatted query string, and the single quotes are part of that.
When you get a full answer, don't leave it as a comment... create it as a full answer.