Get-AdUser -Filter for homeDirectory

Similar Messages

• Powershell AD Cmdlet Get-Aduser does display "homedirectory"

  Hey Scripting Guys,
  i trying to display the homedirectory path of some users. My Powershell command look's something like that:
  Get-Aduser -Identy myuser -Properties Homedirectory
  But the attribut is displayed without a value. Has somebody an idea?
  THX.

  The User has a value assigned to the homeDirectory, but it is not displayed in powershell.
  When i export my query into a text file, the homedirectory is displayed correct - leave it a that.
  Now i trying to export in a csv, without success.
  Get-Aduser - Filter * -Properties homeDirectory -Searchbase "my dn" | Where-object { $_. homeDirectory -match "my path" } | ft homeDirectory, samAccountName | Export-CSV -NoTypeInformation C:\Myfile.csv
  The File is createt, but without content. I think there is no syntax error.
  Some idea?
  This will not wwork:
   ft homeDirectory, samAccountName | Export-CSV -NoTypeInformation C:\Myfile.csv
  You cannot oputput FT to Export-CSV.  Remove the FT.  Change it to select.
  ¯\_(ツ)_/¯

• Using get-aduser -filter to find blank spaces only

  Hello all,
  What I'm trying to do is pretty simple. I want to use the -filter parameter of the get-aduser cmdlet to find a defined attribute that only contains a space. For example, I want to find any users that have extensionattribute1 equal to " ". I've
  tried the following code but I get the error "the search filter cannot be recognized":
  get-aduser -filter {extensionattribute1 -eq " "}
  What I don't want to use is -like "* *", as that will give me values that contain a space anywhere. I only want to return users that have extensionattribute1 equal to one space.
  Any ideas?

  Yes, in LDAP syntax you can escape any character with the backslash escape character followed by the two character hex ASCII representation of what you want. You can get foreign characters this way. More on escaping characters here:
  http://social.technet.microsoft.com/wiki/contents/articles/5312.active-directory-characters-to-escape.aspx
  Richard Mueller - MVP Directory Services

• Get-ADUser -Filter {extensionAttribute1 -ne "aaa"} to get the users

  I need get these users who's extensionAttribute1 is null or blank.
  I can run this commamd well :
  Get-ADUser -Filter {extensionAttribute1 -eq "aaa"} -SearchBase "OU=Sales,OU=aaa,DC=ccc,DC=ddd,DC=org"
  but when i change the "-eq" with "-ne", this command return nothing.
  Get-ADUser -Filter {extensionAttribute1 -ne "aaa"} -SearchBase "OU=Sales,OU=aaa,DC=ccc,DC=ddd,DC=org"
  Anyone can please help me to check the problem?
  thanks and regards,
  adsnow
  adsnow

  Hi,
  You can use the PowerShell command given below, to get the names of AD Users whose extensionAttribute1 is null or blank,
  Get-ADUser -Filter {extensionAttribute1 -notlike "*"} -SearchBase "OU=Sales,OU=aaa,DC=ccc,DC=ddd,DC=org" | select name
  FYI:
  To get the names of AD Users with any value set for extensionAttribute1 as,
  Get-ADUser -Filter {extensionAttribute1 -like "*"} -SearchBase "OU=Sales,OU=aaa,DC=ccc,DC=ddd,DC=org" | select name
  Regards,
  Gopi
  JiJi
  Technologies

• Help with get-aduser -filter command

  Hi! I'm having problems with getting user info from displayname
  function searchuzv {
  $uzvinfo=$InputBoxuzv.text;
  $uzvcheck = Get-ADUser -filter "DisplayName -like '*$uzvinfo*'"
  If i run Get-ADUser -filter "DisplayName -like '*$uzvinfo*'" line separately, everything is ok, and working, but when I run function, I m getting error "Get-ADUser : The search filter cannot be recognized"
  My objective is get user info when only part of displayname is provided.
  I suppose there is problem with syntax, but I can't find anything about this.
  Any suggestions?
  Bert regards,
  Ronald

  Hi Ronald,
  Try this.
  function searchuzv
  $uzvinfo=$InputBoxuzv.text
  $uzvDisp = "*"+$uzvinfo+"*"
  $uzvcheck = Get-ADUser -filter "DisplayName -like $uzvDisp"
  Regards,
  Satyajit
  Please “Vote As Helpful”
  if you find my contribution useful or “Mark As Answer” if it does answer your question. That will encourage me - and others - to take time out to help you.

• Get-aduser -Filter email address

  Hi, I have a csv file with a email address and the employ ID. I which to update the emply id according to the email address
  csv:
  Email;employerID;FirstName;LastName;
  [email protected];123456789;a;a;
  [email protected];789456123;b;b;
  I tried querying the user according to email but the user is not found:
  $test = Import-csv -Path \\tsclient\c\temp\test.csv -delimiter ";"
  Foreach ($u in $test) {Get-aduser -Filter { emailaddress -Like $u.email} -Properties emailaddress}
  Which i find strange, because when i run following commandlet the correct address are displayed.
  $test = Import-csv -Path \\tsclient\c\temp\test.csv -delimiter ";"
  Foreach ($u in $test) {write-host $u.email}
  I even tried, but same result:
  $test = Import-csv -Path \\tsclient\c\temp\test.csv -delimiter ";"
  Foreach ($u in $test) {Get-aduser -Filter { emailaddress -Like $($u.email)} -Properties emailaddress}
  What am i doing wrong?
  Answers provided are coming from personal experience, and come with no warranty of success. I as everybody else do make mistakes.

  Get-aduser : Property: 'email' not found in object of type: 'System.Management.Automation.PSCustomObject'.This implies that the object $u does not have a property named email.$test = Import-csv -Path \\tsclient\c\temp\test.csv -delimiter ";"
  Foreach ($u in $test) {$u.email}

• Get-aduser -filter -memberof group name issues

  I want to use powershell to return all users who are domain admins into a CSV
  Are these commands close to what I should be doing?
  get-aduser -filter -memberof "domain admin" 
  get-adgroupmember -filter "-eq 'Domain Admin'"
  Then I will exporting to CSV with this working part of the script.
  -Properties * | Select-Object -Property Name,DisplayName,Title,EmailAddress,GivenName,sn,StreetAddress,Office,City,State,PostalCode,Country,OfficePhone,Company,HomePhone,mobile,Department | Sort-Object -Property Name | export-csv c:\UserPropertiesCSV.csv

  If you want more information than is being returned by Get-ADGroupMember, you can pipe the results into Get-ADUser.
  Get-ADGroupMember "Domain Admins" |
  Get-ADUser -properties Displayname, Title, EmailAddress, GivenName, sn, StreetAddress, Office, City, State, PostalCode, Country, OfficePhone, Company, HomePhone, Mobile, Department |
  Select-Object Name, DisplayName, Title, EmailAddress, GivenName, sn, StreetAddress, Office, City, State, PostalCode, Country, OfficePhone, Company, HomePhone, Mobile, Department |
  Export-CSV ".\results.csv"

• Get-aduser wildcards for finding extension attribute

  Hello,
  The end users in our organization have 100+ property names that include; distinguished name, all extension and custom attributes, a boatload of custom attributes, so on and so forth. If I perform a "get-aduser -properties | more" there are
  just too many to scan through to find the one I need that begins with the word "script".  I tried the like operator in the manner below:
  get-aduser user12345 | where-object {$_.name -like "*script*"} 
  and 
  get-aduser user12345 -propertites * | where-object {$_.name -like "*script*"} 
  I don't' get any errors but I don't have any results either. I made sure an attribute with that naming convention existed and there are several entries that start with the word "script". Still no results returned.  Would like some input. 
  thank you,
  admin
  Ok I already have 25 views on this and still no-one has any suggestions? I think I may just be overlooking some minor detail. Surely someone has a suggestion right? 

  Hello,
  You should ask in the
  Windows PowerShell forum.
  However, generally, you'd pipe the cmdlet to the Select-Object cmdlet
  get-aduser user12345 -propertites * |Select-Object *script*
  Karl
  When you see answers and helpful posts, please click Vote As Helpful, Propose As Answer, and/or Mark As Answer.
  My Blog: Unlock PowerShell
  My Book: Windows PowerShell 2.0 Bible
  My E-mail: -join ('6F6C646B61726C40686F746D61696C2E636F6D'-split'(?<=\G.{2})'|%{if($_){[char][int]"0x$_"}})

• Powershell get-aduser filter problem

  Powershell'Filter' = {(Enabled -eq $True) -and ((Office -ne "EXCLUDE") -or (Office -notlike '*'))}
  The filter parameter isn't very user friendly.  Try this and see if it is what you want.

  Hello all, I am trying to filter a script I found here from Martin9700to get users from an ad ou. The original line: 'Filter' = {Enabled -eq $True} works and I am trying to add a filter to exclude users that have Office value of EXCLUDE. If I use: 'Filter' = {(Enabled -eq $True) -and (office -eq "EXCLUDE")} then it will get the user that has EXCLUDE but I can't get any negative to work. I have tried -ne, -notlike and several combos of syntax but I really don't understand much of it. Any help would be greatly appreciated! The complete script is below. Thanks!

• Error troubleshooting in AD Module - Get-Aduser w/created filter

  Hi All,
  I'm working as an intern with my university, and I've been tasked with clearing out old student accounts in AD. There are currently over 4000 users in our system, and it's estimated that there are over 3500 old accounts that need to be deleted.
  We are at the 2008 R2 Domain Functional Level.
  I am going to script this through Powershell, but I'm having a terrible time getting a certain query to run properly.
  I am using the following:
  get-aduser -filter {created -lt '1/1/2010' -and lastlogontimestamp -notlike '*'} -properties created
  I will sometimes narrow my query by adding another filter for created -gt '1/1/2008', for instance.
  When I run the command as written, however, it will return several hundred users, but then it spits out the following error after the last displayed result:
  Get-ADUser : The specified method is not supported
  At C:\Users\Administrator.CSC\Desktop\test1.ps1:4 char:15
  + get-aduser <<<< -filter {created -lt '1/1/2010'} -properties created | ft name,samaccountname,created
  + CategoryInfo : NotSpecified: (:) [Get-ADUser], ADException
  + FullyQualifiedErrorId : The specified method is not supported,Microsoft.ActiveDirectory.Management.Commands.GetADUser
  If I narrow my search scope by created date, I can sometimes get the error to not appear. My guess is that there are several accounts in the database that trigger the error (or at least, that's how it appears).
  I have tried running this on both a DC and a non-dc server with server management tools installed. It doesn't matter what other filters are used, so omitting the lastlogontimestamp filter doesn't prevent the error.
  My supervisor seems to think there may be errors in the AD database, but I've done every AD health check I can think of.
  Does anyone have any suggestions?
  Thanks,
  Brandon

  If you have access to Microsoft Connect (I believe you must be an MVP), it would help to vote on this report, as that should help prioritize it.
  You don't need to be a MVP for access to Connect, here's a direct link to the bug report Richard opened:
  https://connect.microsoft.com/PowerShell/feedbackdetail/view/963333/ad-module-cmdlets-raise-error-if-there-are-more-than-256-results
  The command from the report does appear to work for me in v4 (Win7):
  PS C:\> Get-ADUser -Properties Created -Filter "Created -gt '9/1/2014'" | measure
  Count : 260
  I also tested the command that failed in the post above and v3 appears to be working for me as well (WS2012):
  PS C:\> $start = (Get-Date).AddDays(-1)
  PS C:\> get-aduser -filter {modified -gt $start} | measure
  Count : 263
  Perhaps the count needs to be higher to replicate this.
  EDIT: I just created a bunch of new user accounts and I still can't replicate this (v3 on WS2012 again):
  PS C:\> $start = (Get-Date).AddDays(-1)
  PS C:\> get-aduser -filter {modified -gt $start} | measure
  Count : 1803
  EDIT2: DC is WS2008SP2.
  Don't retire TechNet! -
  (Don't give up yet - 13,085+ strong and growing)

• How do I run Get-ADUser and filter out two separate OUs

  Ha! I was assuming that Where-Object wouldn't do me any better. Well, I guess I made an ass out of me. ;)
  Your first script is what I will use. We have some user accounts in other OUs that are disabled for other reasons.
  It's little quirks like this that keep me from using Powershell more often.
  Thanks Matt!

  Hi again all!I am trying to write a script that will search for AD users that have the "Password Never Expires" box checked, but not if they are in one of two OUs. These OUs are not parent/child, they are separate.If I run this, I get about 30 results:
  Powershellget-aduser -filter { PasswordNeverExpires -eq $true }Some of the results are in the "Disabled Accounts" OU, some are in the "Contractors" OU, and the rest are in neither.
  If I run either of these, I get zero results:
  Powershellget-aduser -filter { PasswordNeverExpires -eq $true -and DistinguishedName -notlike "*Disabled*"}get-aduser -filter { PasswordNeverExpires -eq $true -and ( DistinguishedName -notlike "*Disabled*" -and DistinguishedName -notlike "*Contractors*")}I know for a fact that I have users that are not in either of these two OUs that have that box checked because I...
  This topic first appeared in the Spiceworks Community

• Get-aduser compare attributes inside the -filter parameter

  Hello all,
  What I would like to do is use the -filter parameter of get-aduser to compare 2 attributes within the search itself, instead of having to process the differences afterwards.
  So here is how I normally use -filter:
  get-aduser -filter {(name -like "*") -and (displayname -like "*")} -Properties displayname | `
  Foreach-object{
  If($_.name -eq $_.displayname){
  "Match!"
  As you can see, I have to get all the users and their properties first, and then subsequently I have to use a ForEach-Object loop to determine if there are any matches.
  What I would like to do is do the comparison in the -filter parameter. Something like this:
  get-aduser -filter {name -eq displayname}
  However, I'm not aware of any way to compare attributes within -filter, and I wonder if anyone knows of a way? Or is a subsequent loop the only way to compare?

  Hi,
  You can use -and in the filter:
  Get-ADUser -Filter "SamAccountName -eq 'smithr' -and GivenName -eq 'Robert'"
  I'm not exactly sure if this is what you're asking about though.
  EDIT: I think I know what you're asking now. AFAIK, there is no way to use -Filter to return users who have the same DisplayName attribute as their Name attribute. You need to have something concrete to test against inside of the filter.
  Don't retire TechNet! -
  (Don't give up yet - 12,950+ strong and growing)

• How do I use Get-ADUser to get just the Managers attribute? And then get rid of duplicates in my array/hash table?

  Hello,
        I am trying to just get the Managers of my users in Active Directory. I have gotten it down to the user and their manager, but I don't need the user. Here is my code so far:
  Get-ADUser-filter*-searchbase"OU=REDACTED,
  OU=Enterprise Users, DC=REDACTED, DC=REDACTED"-PropertiesManager|SelectName,@{N='Manager';E={(Get-ADUser$_.Manager).Name}}
  |export-csvc:\managers.csv-append 
  Also, I need to get rid of the duplicate values in my hash table. I tried playing around with -sort unique, but couldn't find a place it would work. Any help would be awesome.
  Thanks,
  Matt

  I would caution that, although it is not likely, managers can also be contact, group, or computer objects. If this is possible in your situation, use Get-ADObject in place of Get-ADUser inside the curly braces.
  Also, if you only want users that have a manager assigned, you can use -LDAPFilter "(manager=*)" in the first Get-ADUser.
  Finally, if you want all users that have been assigned the manager for at least one user, you can use:
  Get-ADUser
  -LDAPFilter "(directReports=*)" |
  Select @{N='Manager';E={ (Get-ADUser
  $_.sAMAccountName).Name }}
  -Unique | Sort Manager |
  Export-Csv .\managerList.csv -NoTypeInformation
  This works because when you assign the manager attribute of a user, this assigns the user to the directReports attribute of the manager. The directReports atttribute is multi-valued (an array in essence).
  Again, if managers can be groups or some other class of object (not likely), then use Get-ADObect throughout and identify by distinguishedName instead of sAMAccountName (since contacts don't have sAMAccountName).
  Richard Mueller - MVP Directory Services

• Get-ADUser and Get-ADPrincipalGroupMembership combined

  I'm trying to get a list of template user account and what their membership are exported to a csv file. I'm trying to combine the tables on them but having a hard time figuring it out. I spent the day racking my brain on this and figured I would reach out
  for help. This gets all my template users.
  Import-Module ActiveDirectory
  $User = "*Template*"
  $usernames = (Get-ADUser -Filter "DisplayName -like '*$User*'" -Properties * | format-table Displayname, SamAccountName)
  $usernames
  I can use this to get all the members of the groups, but since the groups repeat it doesnt break down where one user stops and the others begin. 
  $groups = Get-ADUser -Filter "SamAccountName -like '*$Usr*'" -Properties DisplayName | foreach-object{Get-ADPrincipalGroupMembership -Identity $_.SamAccountName} | format-table name
  I was thinking of joining the tables but that wasnt much help to me since I cant figure out what to join on. I also thought about looping through the first table with a foreach loop but it was assigning the whole table in the first pass and displaying nothing.
  If anyone could help or suggest something, I would greatly appreciate.
  Matt

  Hi Matt,
  Give this a shot:
  Get-ADUser -Filter "DisplayName -like '*Template*'" -Properties MemberOf | ForEach {
  $username = $_.SamAccountName
  $_.MemberOf | ForEach {
  $props = @{
  Username = $username
  GroupName = (Get-ADGroup $_).Name
  New-Object PsObject -Property $props
  } | Sort Username,GroupName |
  Select Username,GroupName |
  Export-Csv .\GroupMemberships.csv -NoTypeInformation
  Don't retire TechNet! -
  (Don't give up yet - 13,225+ strong and growing)

• Get-ADUser SamAccount from CSV file does not work.

  So I'm trying to get HomeDirectory + SamAccountName using Get-ADUser from an imported csv file called $csvFile
  $GetUserInfo = Get-ADUser (Get-ADUser -Filter { displayName -eq $csvFile[$index].DisplayName}).SamAccountName -Properties SamAccountName,HomeDirectory
  It gives me an error. 
  Get-ADUser : Invalid type 'System.Object[]'.
  Parameter name: displayName
  At line:1 char:28
  + $GetInfoUser = Get-ADUser (Get-ADUser -Filter { displayName -eq $csvFile[5].Disp ...
  + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  + CategoryInfo : InvalidArgument: (:) [Get-ADUser], ArgumentException
  + FullyQualifiedErrorId : ActiveDirectoryCmdlet:System.ArgumentException,Microsoft.ActiveDirectory.Management.Commands.GetADUser
  However if I do like this 
  $DisplayName = $csvFile[$index].DisplayName
  and replace $DisplayName to the filter like this, it works flawless and I get HomeDirectory and the SamAccountName
  (Get-ADUser -Filter { displayName -eq $DisplayName }).SamA...
  Any ideas or improvements

  Still produces the same error. I'm running 4.0
  How about this?
  Import-Csv C:\Temp\user.csv | % {
  $displayname = $_.displayname;
  get-aduser -filter { displayname -eq $displayname } | Select SamAccountname , HomeDirectory
  The below was my CSV format
  DisplayName
  Chendrayan Venkatesan
  Ramesh Venkatesan
  Regards Chen V [MCTS SharePoint 2010]