
I'm trying to query AD for a list of users from their Surname, which are held in a list.

I've tried most of the afternoon, but I just get a blank Excel sheet.

Also I want to know if there is more than one person with that username in AD, no idea how to even start with that one.

What I have so far:

Import-module ActiveDirectory 
$names = get-content c:\tempfiles\Final.txt
$names | ForEach-Object {
$ADUserParams=@{ 
'Searchbase' = 'OU=Administrators,OU=Locations,DC=The,DC=group,DC=com' 
'Searchscope'= 'Subtree' 
}
get-aduser @ADUserParams  -filter 'surname -like "$Names*"' | Select-Object Samaccountname, UserPrincipalName | export-csv C:\TempFiles\Usernames.csv
}

Do I even need a filter if it's a foreach-object? And is there a way to then check AD within that OU if there are more than one surname that are the same, and how would I count them? I can pull out a list of users surnames and then run the following, but it's then a manual task to locate the missing names. (If that makes sense)

What I have for that so far is:

get-content C:\TempFiles\Users.txt | sort -u > C:\TempFiles\users_cleaned.txt
  • Inside your ForEach-Object scriptblock you should be referencing $_ instead of $names. Commented Mar 30, 2017 at 15:00
  • 'surname -like "$Names*" should it be 'surname -like "$_.Names*" Commented Mar 30, 2017 at 15:02
  • Sorry was in a rush to leave and didn't read all your comment.. :) replace name with $_ Commented Mar 30, 2017 at 15:04
  • @NorrinRad - No. The assumption here is that the file C:\tempfiles\Final.txt is a text file with one name per line; it's not a CSV with one column. Therefore, $Names is an array with one name per entry, rather than being a "record" with fields. So, your filter should be "surname -like '$_'" - note especially that the outer quotes are double quotes, allowing the variable to be expanded. The single inner quotes do not affect expansion, in this case. Commented Mar 30, 2017 at 15:07
  • "Also I want to know if there is more than one person with that username in AD": Usernames have to be unique in AD. Do you mean more than one person with that surname? Commented Mar 30, 2017 at 15:08

1 Answer

This should do it (however is untested as I don't have access to an AD right now):

Import-module ActiveDirectory 
$names = get-content c:\tempfiles\Final.txt

$ADUserParams=@{ 
    'Searchbase' = 'OU=Administrators,OU=Locations,DC=The,DC=group,DC=com' 
    'Searchscope'= 'Subtree' 
}

$names | ForEach-Object {
    # $_ is the current surname; the double quotes let PowerShell expand it inside the filter
    $CurrentUser = get-aduser @ADUserParams -filter "surname -like '$_*'" | Select-Object Samaccountname, UserPrincipalName

    If ($CurrentUser) {

        # @() makes .Count reliable when only a single user is returned
        If (@($CurrentUser).Count -gt 1){ $DuplicateSurname = $true }Else{ $DuplicateSurname=$false }

        $CurrentUser | ForEach-Object {
            $_ | Add-Member -MemberType NoteProperty -Name DuplicateSurname -Value $DuplicateSurname
            Write-Output $_
        }
    } Else {
        Write-Warning "$_* did not match any users."
    }

} | export-csv C:\TempFiles\Usernames.csv

Explanation:

Within a ForEach-Object loop the current item in the pipeline is represented by $_. You also need to use double quotes for the filter string, as variables (like $_) are expanded in double quoted strings, not single quoted strings.

You don't need to declare your $ADUserParams hashtable within the loop (that's wasteful) so I moved it outside.

The result of Get-ADUser will be returned to the pipeline, so finally I moved the | export-csv outside of the ForEach-Object so that the result of the processing is piped in to it. I think without this you'd only get the final result.

"Also I want to know if there is more than one person with that username in AD"

To handle this I have put a second ForEach-Object that loops through every user returned in to $CurrentUser and adds a "DuplicateSurname" property to the object (which should then be an additional column in your CSV) based on whether the count of $CurrentUser is more than 1 or not.

Finally we have to make sure that the contents of $_ are put back in to the pipeline which we do with Write-Object $_.


5 Comments

Hi Thanks all for your explanations, making it very clear to understand where I was going wrong. The username duplicates would be when I extract the user using the surname I need to know first if there is more than 1 person with that surname i.e. Smith? A smith or b.smith etc .. once again thanks for your help and advice. Much appreciated
I have amended my answer to attempt to get you whether surnames are duplicated or not as an additional property on the object.
Thanks Mark. Add-Member : Cannot bind argument to parameter 'InputObject' because it is null. At line:16 char:24 + $_ | Add-Member <<<< -MemberType NoteProperty -Name DuplicateSurname -Value $DuplicateSurname
Sorry, pressed enter again ... I'm getting the error message when I run the script, however it does still produce an output. The error is: Add-Member : Cannot bind argument to parameter 'InputObject' because it is null. At line:16 char:24 + $_ | Add-Member <<<< -MemberType NoteProperty -Name DuplicateSurname -Value $DuplicateSurname
That will be because sometimes the surname in your file matches 0 users in that part of AD. I've added an If block to catch that with an Else block that writes a warning message to the console so you can see what didn't match. This uses write-warning which I think requires you're using PS v3 or above (maybe v4, not sure).
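
The filter in this thread is built by dropping each line of Final.txt straight into the query string, so a surname containing an apostrophe (O'Brien) ends the quoted literal early, and a stray `*` or parenthesis changes what is matched. The following is an added example, not part of the question or the answer: it escapes each value per RFC 4515 before using `-LDAPFilter`, and counts people per exact surname rather than per prefix match. The helper name `ConvertTo-LdapFilterValue` and the `SurnameCount` column are hypothetical; the file paths and OU are the ones used above.

```powershell
# Added example (not the answerer's code). Paths and OU are the ones used on this page.
Import-Module ActiveDirectory

# Hypothetical helper: escape a value for use inside an LDAP filter (RFC 4515).
# The backslash is replaced first so the escapes added afterwards are not re-escaped.
function ConvertTo-LdapFilterValue {
    param([Parameter(Mandatory = $true)][string]$Value)
    $v = $Value.Replace('\', '\5c').Replace('*', '\2a')
    $v = $v.Replace('(', '\28').Replace(')', '\29')
    $v.Replace([string][char]0, '\00')
}

$searchParams = @{
    SearchBase  = 'OU=Administrators,OU=Locations,DC=The,DC=group,DC=com'
    SearchScope = 'Subtree'
}

# One query per distinct, non-blank surname in the input file.
$found = Get-Content C:\TempFiles\Final.txt |
    ForEach-Object { $_.Trim() } |
    Where-Object { $_ } |
    Sort-Object -Unique |
    ForEach-Object {
        $prefix = ConvertTo-LdapFilterValue $_
        # The trailing * is added after escaping, so it is the only wildcard in the filter.
        $users = @(Get-ADUser @searchParams -LDAPFilter "(sn=$prefix*)")
        if ($users.Count -eq 0) {
            Write-Warning "No surname starting with '$_' in this OU."
        }
        $users
    }

# A user can match two prefixes (Smith and Smi), so de-duplicate by DN first,
# then group by exact surname so Smith and Smithson are counted separately.
$found |
    Sort-Object DistinguishedName -Unique |
    Group-Object Surname |
    ForEach-Object {
        $group = $_
        $group.Group | Select-Object SamAccountName, UserPrincipalName, Surname,
            @{ Name = 'SurnameCount'; Expression = { $group.Count } }
    } |
    Export-Csv C:\TempFiles\Usernames.csv -NoTypeInformation
```

Rows with `SurnameCount` greater than 1 are the surnames shared by more than one account in that OU.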
