0

I need to pass in a list of Users and get back a CSV with Name, SamAccountName, email

My Input CSV is as follows:

"John Doe"
"Jane Doe"

Here's the current code I'm using. I'm not sure what the problem is. The users actually do exist under the "DC" specified...

Import-Module ActiveDirectory
Function Get-ADUsersDetailsCSV
{
    [CmdletBinding()]
    Param
    (
    [Parameter(Mandatory=$True,Position=1)]
    [String]$InCSV,

    [Parameter(Mandatory=$True)]
    [String]$OutCSV
    )

If($InCSV)
{
    If(Test-Path -Path $InCSV)
    {
        $USERS = Import-CSV $InCSV -Header Name
        $USERS|Foreach{Get-ADUser $_.Name -Properties * |Select Name, SAMAccountName, mail}|Export-CSV -Path $OutCSV

    } #End Test that the files exist

    Else
    {
        Write-Warning "Cannot find path '$InCSV' because it does not exist."
    }


} #End Ensure Input and Output files were provided

} #End Function Get-UsersDetailsCSV

Here's the error:

Get-ADUser : Cannot find an object with identity: 'John Doe' under: 'DC=blah,DC=com'.
At U:\data\GetADUserInfo PS Script\GetADUsersDetailsCSV.psm1:19 char:28
+             $USERS|Foreach{Get-ADUser $_.Name -Properties * |Select Name, SAMAcc ...
+                            ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo          : ObjectNotFound: (Name:ADUser) [Get-ADUser], ADIdentityNotFoundException
+ FullyQualifiedErrorId : Cannot find an object with identity: 'John Doe' under: 'DC=blah,DC=com'.,Microsoft.ActiveDirectory.Management.Commands.GetADUser
Improve this question

2 Answers 2

Reset to default
1

If you run Get-Help Get-ADUser, you'll find this description for the Identity parameter:

-Identity <ADUser>
        Specifies an Active Directory user object by providing one of the following property values. The identifier in parentheses is the LDAP display name for the attribute.

      Distinguished Name 
        Example:  CN=SaraDavis,CN=Europe,CN=Users,DC=corp,DC=contoso,DC=com
      GUID (objectGUID) 
        Example: 599c3d2e-f72d-4d20-8a88-030d99495f20 
      Security Identifier (objectSid) 
        Example: S-1-5-21-3165297888-301567370-576410423-1103
      SAM account name  (sAMAccountName) 
        Example: saradavis

Note that Name is not one of the identities it will accept. Name is not an indexed attribute in AD, because it is not guaranteed to be unique. It probably is in your domain, but AD doesn't know that. To get a user by any other attribute, you need to use a filter, so your script would look something like this ( I took the liberty of folding for readability)

$USERS | Foreach{
Get-ADUser -filter "Name -eq  '$($_.name)'" -Properties mail |
Select Name, SAMAccountName, mail}|
Export-CSV -Path $OutCSV

Also note that Name and SAMAccountName are among the common properties that Get-ADUser will alwasy return, so the only other property you have to specify is Mail.

I think this will take care of the additonal requirements, but I didn't test it:

$USERS | Foreach{
  $getuser = 
    Get-ADUser -filter "Name -eq  '$($_.name)'" -Properties mail |
    Select Name, SAMAccountName, mail

  if ($getuser) {$getuser}
   else {[PSCustomObject]@{Name=$_;SAMAccountName='Not found';mail=$null}}
 } |
Export-CSV -Path $OutCSV
Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

I know this wasn't in the original requirement but would it be possible to put in a row that say the user doesn't exist with the name that was passed in if they aren't found?
Added an update to the answer (but try to avoid "scope creep" in the future).
That works. my only tweak was "Name=$_.Name" instead of "Name=$_". Thanks!
1

The reason this is not working is that the -Identity parameter that the Get-ADUser cmdlet uses is searching AD on the SamAccount property, not the Name property to retrieve the user. Thus searching for "John Doe" will not work, instead it is expecting you to be searching with the SamAccount name: "JDoe"

To search by Name, you have to filter the results by Name like this:

Get-ADUser -Filter {Name -eq "John Doe"}

Thus, your code becomes:

$USERS|Foreach{Get-ADUser -Filter {Name -eq $_.Name} -Properties * |Select Name, SAMAccountName, mail}|Export-CSV -Path $OutCSV
Improve this answer

2 Comments

Get-ADUser : Property: 'Name' not found in object of type: 'System.Management.Automation.PSCustomObject'. At U:\data\GetADUserInfo PS Script\GetADUsersDetailsCSV.psm1:19 char:28 + $USERS|Foreach{Get-ADUser -Filter {Name -eq $_.Name} -Properties * | ...
Where I run it with one user it works... Get-ADUser -Filter {Name -eq "John Doe"} -Properties * |Select Name, SAMAccountName, mail

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.