I am a Powershell starter. I have been trying to create a script, that makes an Excel file with some AD information including the DistinguishedName. My script looks like this:
$dn = Get-ADUser -Filter * -SearchBase "OU=Users,OU=Ch01,OU=EU,DC=corp,DC=ads" | select DistinguishedName,SamAccountName,name |export-csv C:\temp\test1.csv -Delimiter ";"
An example of what I get (Note: | means new cell in Excel):
CN=Testuser\, Verfluecht,OU=Users,OU=Ch01,OU=EU,DC=corp,DC=ads | vtestuser | Testuser, Verfluecht
But in order to group the paths in excel, I need it without the CN (CN=Testuser\, Verfluecht,)
So that it would look like this:
OU=Users,OU=Ch01,OU=EU,DC=corp,DC=ads | vtestuser | Testuser, Verfluecht
How can I do this?
I tried many things such as .substring and replace, but I could not get it done.
Using this link and a calculated property, it should just drop the first part of the distinguishedname and be left with the parts you need.
Get-ADUser -Filter * -SearchBase "OU=Users,OU=Ch01,OU=EU,DC=corp,DC=ads" |
Select-Object #{Name="DistinguishedName";Expression={$_.distinguishedname | ForEach-Object {$_ -replace '^.+?(?<!\\),',''}}},samaccountname,name |
Export-Csv C:\temp\test1.csv -Delimiter ";"
On my test environment, I get the output below (without piping it to Export-Csv).
Get-ADUser -Filter * | Select-Object #{Name="DistinguishedName";Expression={$_.distinguishedname | ForEach-Object {$_ -replace '^.+?(?<!\\),',''}}},samaccountname,name
DistinguishedName samaccountname name
----------------- -------------- ----
CN=Users,DC=timhaintz,DC=com Administrator Administrator
CN=Users,DC=timhaintz,DC=com Guest Guest
CN=Users,DC=timhaintz,DC=com DefaultAccount DefaultAccount
CN=Users,DC=timhaintz,DC=com krbtgt krbtgt
Thanks, Tim.
Related
Problem & what i have now
The script
comments are in norwegian btw, if they look strange lol
Connect-AzureAD
#variabel
$Users = Get-AzureADUser -All:$true | where-object { $null -ne $_.AssignedLicenses.SkuId } | Sort-Object CompanyName, UserPrincipalName| Select-Object -Property CompanyName, DisplayName, UserPrincipalName, Department, Mobile, TelephoneNumber
#formatting
$userlistTable = $Users | Format-Table
$userlistHTML = $Users | ConvertTo-Html
#outputs
$userlistHTML > out.html # ut som HTML
$userlistTable > out.txt # ut som Tabell i .txt
$userlistTable # ut som Tabell i terminal
My output as it stands right now:
CompanyName DisplayName UserPrincipalName Department Mobile TelephoneNumber
----------- ----------- ----------------- ---------- ------ ---------------
Company inc Usser Name username#website.com Callsenter 12345678 87654321
What i would like. is a table that has all the info in the output of $Users to inclide the users "SkuPartNumber".
The field u get by running the command Get-AzureADSubscribedSku | Select -Property SkuPartNumber
I would also like to get the users "manager", that u get by running Get-AzureADUserManager.
that last command uses the users Object ID to find their manager.
And to be honest, im very lost on how to combine these commands into one table.
its not the end of the world as it is right now. i could of just have multiple tables but having to manually cross reference these takes some time.
Im really not sure why these things are split into different commands to be honest. i get that a license is via 365 and not azure. but it seems a little backwards that i cant see the licenses from the command showing me all the user information. when a user class in powershell DOES infact show the sku ID. its burried within AssignedLicenses from running the command:
Get-AzureADUser | where-object -property UserPrincipalName -eq "emailhere#domain.com" | FL
This will give you among other things, this info:
AssignedLicenses : {class AssignedLicense {
DisabledPlans: System.Collections.Generic.List`1[System.String]
SkuId: 3b555118-da6a-4418-894f-7df1e2096870
}
conclusion
I know this was a long read. and if u made it this far im sorry.
any help with this would be amazing. This might be super easy to do, but im very far from a powershell wiz. thanks again for reading, and any help.
You can add additional properties to selected objects with calculated properties like Select #{label='name';expression={foo}}
$Users = Get-AzureADUser -All:$true
$Users | Where-Object { $_.AssignedLicenses.SkuId } |
Select-Object -Property UserPrincipalName, ## other properties here...
#{l='ManagerUPN';e={($_ | Get-AzureADUserManager).UserPrincipalName}},
#{l='AssignedSKUs';e={$_.AssignedLicenses.SkuId -join ';'}}
UserPrincipalName ManagerUPN AssignedSKUs
----------------- ---------- ------------
user#domain.com manager#domain.com 00000000-0000-0000-0000-000000000000;11111111-1111-1111-1111-111111111111
It can be slow to run Get-AzureADUserManager for every user, but that's how azure stores the relationships.
When you have a lot of users, it can be slightly faster to get the manager users first, then use Get-AzureADUserDirectReport -all $true to expand all the directreports in one call. The Microsoft.Graph.Users module is also a bit more lightweight
This script isn't pulling ad user data like expected.This code is pulling the Name and UserPrincipalName correctly, but then it is blank for the rest of the fields.I know the fields that I am pulling are not blank. The result should be a csv file with the select-objects showing.Am I missing something? I am not getting an error message as well.
$OUpath = 'ou=*****,OU=****,DC=****,DC=****,DC=****,DC=****'
$ExportPath = 'c:\scripts\users_in_ou2.csv'
Get-ADUser -Filter * -SearchBase $OUpath |
Select-object Name,UserPrincipalName,mobile,mail,telephoneNumber,employeeID |
Export-Csv -NoType $ExportPath
You need to tell get-aduser which properties you want. There probably a better way too do it but this should get you the result you want
$OUpath = 'ou=*****,OU=****,DC=****,DC=****,DC=****,DC=****'
$ExportPath = 'c:\scripts\users_in_ou2.csv'
Get-ADUser -Filter * -SearchBase $OUpath -Properties Name,UserPrincipalName,Mobile,EmailAddress,telephoneNumber,employeeID |
Select-object Name,UserPrincipalName,Mobile,EmailAddress,telephoneNumber,employeeID |
Export-Csv -NoType $ExportPath
Typical use case is when someone gets married and their username is changed in active directory (AD). Each site collection has a list of users which are updated by an AD/SharePoint sync task, but it doesn't work well when a user's name changes. These command list all the problem site collections:
Get-SPWebApplication -Identity $Url | Get-SPSite -Limit All | Select-Object -ExpandProperty RootWeb | Get-SPUser -Limit All | Where {$_.LoginName -like $OldLoginName} | select Name, LoginName, ParentWeb
These command usually fixes the problem:
Get-SPWebApplication -Identity $Url | Get-SPSite -Limit All | Select-Object -ExpandProperty RootWeb | Get-SPUser -Limit All | Where {$_.DisplayName -eq $OldDisplayName -or $_.LoginName -eq $OldLoginName} | Set-SPUser -SyncFromAD
I'm getting following error.
Set-SPUser : Cannot get the full name or e-mail address of user
Any ideas ?
running this script fixed the problem
stsadm -o migrateuser -oldlogin $oldLogin -newlogin $newlogin -ignoresidhistory
$allSoftwareObj = Get-WmiObject -Class Win32_Product | Select-Object -Property Name, Version | ft -HideTableHeaders | ft -Wrap -AutoSize -Property Name, Version
$allSoftware = Out-String -InputObject $allSoftwareObj
echo $allSoftware
When I output this, I get a table structure. I don't want that.
How to get a new line per new output with only space between the Name and Version?
Wrong output now:
Microsoft SQL Server System CLR Types 10.51.2500.0
SQL Server 2012 Client Tools 11.1.3000.0
Wanted output:
Microsoft SQL Server System CLR Types 10.51.2500.0
Or:
Microsoft SQL Server System CLR Types (10.51.2500.0)
Try replacing the whole line with this:
Get-WmiObject -Class Win32_Product | % {"$($_.Name) ($($_.Version))"}
$allSoftwareObj = Get-WmiObject -Class Win32_Product | %{ $_.Name + " " + $_.Version}
$allSoftwareObj
You can do it like this:
Get-WmiObject -Class Win32_Product | Select-Object -Property Name, Version | % { write-host "$($_.name) ($($_.version))" }
I am making a script to query active directory via powershell and pull all computers that contain a username in the description field, then filter that list with only computers last logged in the past 14 days.
This is what I have so far:
$queryAD = Get-ADComputer -SearchBase 'OU=West Division,DC=cable,DC=comcast,DC=com' -Properties Name, Description -Filter {(Name -like "WA*") -and (Description -like $wildCard)} | Select-Object Name, Description
$lastLogon = $queryAD | Select-Object -ExpandProperty Description | %{$_.replace(("$NTname" + ";"),"").split(";")[0]} | %{get-date $_ -format d}
I'd like to add the list generated from $lastLogon to $queryAD, right now $queryAD is returning two columns with headers Name and Description. I need a third header added called Last Logon Date and contain the list in $lastLogon. Please advise.
You could assign the values to an array of objects to make your output cleaner (if this method is providing you the data you want) like so:
$queryAD = Get-ADComputer -SearchBase 'OU=West Division,DC=cable,DC=comcast,DC=com' -Properties Name, Description -Filter {(Name -like "WA*") -and (Description -like $wildCard)} | Select-Object Name, Description
$computer_list = #()
foreach($computer in $queryAD) {
$computer_info = New-Object PSObject -Property #{
Name = $computer.Name
Description = $computer.Description
LastLogonDate = $computer | Select-Object -ExpandProperty Description | %{$_.replace(("$NTname" + ";"),"").split(";")[0]} | %{get-date $_ -format d}
}
$computer_list += $computer_info
}
in which case $computer_list will contain all of the info you're gathering in tidy objects.
...but this method seems overcomplicated. Look into this blog entry by Matt Vogt for a better way to query for old machines in AD.