none
Dump AD users

    Question

  • Hello guys,

    I am trying to build a powershell script to dump all users in a specific OU to a File. However I facing some challenges on this... I don't have proper understanding of DirectoryService api's. . this is the code which I have currently

    $Dom

     

    = LDAP://OU=Bangalore,OU=DS,OU=Accounts,OU=BA,DC=Continent,DC=example,DC=com
    $Root = New-Object DirectoryServices.DirectoryEntry $Dom
    $ReturnAdInfo
    = @()
     

    # Create a selector and start searching from the Root of AD
    $selector = New-Object DirectoryServices.DirectorySearcher
    $selector.SearchRoot =

    $root

     

    # Filter the users with -like "CN=Person*". Note the ForEach loop

     

    $adobj

     

    = $selector.findall()| Where-Object{$_.properties.objectcategory -like "CN=Person*"

    }

    $domusrinfo

     

    = New-Object

    psobject

     

    foreach

     

    ($person in $adobj

    )

    {

    $prop

     

    =$person.

    properties

    foreach

     

    ($dobj in $prop

    ){

    $domusrinfo

     

    |Add-Member -MemberType NoteProperty -Name "First Name" -Value $dobj.givenname

    -Force

    $domusrinfo

     

    |Add-Member -MemberType NoteProperty -Name "NBID" -Value $dobj.cn

    -Force

    $ReturnAdInfo

     

    +=

    $domusrinfo

    }

    #Write-host "First name: $($prop.givenname) Surname: $($prop.sn) User: $($prop.cn)"

    }

     As you experts will understand that I am trying to populate the $ReturnAdInfo array with all the user data from the specific OU. So that I can later export-csv or text as per the requirement.

    Issue that I am running into is that Add-member is not rewriting the noteproperty in the loop. As a result I get the same user name repeated for the number of iteration. I get why it is doing it.. However I have no better way to get this..

    I will need all the result in a global array and I would also need flexibility to add and remove noteproperties (which will be any give ad Attribute).. Please suggest guys..!

     

     

     

    $ReturnAdInfo

    Wednesday, April 27, 2011 12:03 PM

Answers

  • $objroot = [adsi]"LDAP://OU=Bangalore,OU=DS,OU=Accounts,OU=BA,DC=Continent,DC=example,DC=com"
    $objSearcher = New-Object System.DirectoryServices.DirectorySearcher
    $objSearcher.SearchRoot = $objroot
    $objSearcher.SearchScope = "Subtree"
    $objSearcher.PageSize = 1000
    $objSearcher.Filter = "(objectCategory=Person)"
    $objSearcher.FindAll() | select @{n="First Name";e={$_.properties.givenname}},@{n="NBID";e={$_.properties.cn}}
    
    • Proposed as answer by KazunMVP Wednesday, April 27, 2011 1:09 PM
    • Marked as answer by kambui Thursday, April 28, 2011 10:01 AM
    Wednesday, April 27, 2011 12:32 PM

All replies

  • $objroot = [adsi]"LDAP://OU=Bangalore,OU=DS,OU=Accounts,OU=BA,DC=Continent,DC=example,DC=com"
    $objSearcher = New-Object System.DirectoryServices.DirectorySearcher
    $objSearcher.SearchRoot = $objroot
    $objSearcher.SearchScope = "Subtree"
    $objSearcher.PageSize = 1000
    $objSearcher.Filter = "(objectCategory=Person)"
    $objSearcher.FindAll() | select @{n="First Name";e={$_.properties.givenname}},@{n="NBID";e={$_.properties.cn}}
    
    • Proposed as answer by KazunMVP Wednesday, April 27, 2011 1:09 PM
    • Marked as answer by kambui Thursday, April 28, 2011 10:01 AM
    Wednesday, April 27, 2011 12:32 PM
  •  

    Brilliant gr8 help !! .. Makes me look so stupid :P

    just One Question Kazun .. You are setting pagesize to 1000 .. does that restrict the number of users I fetch from the AD.

    BTW this is how it looks now feel free to suggest any imporvements

    $objroot = [adsi]LDAP://OU=Bangalore,OU=DS,OU=Accounts,OU=BA,DC=Continent,DC=example,DC=com

    $mainarray = @()

     

    $objSearcher

     

    = New-Object

    System.DirectoryServices.DirectorySearcher

    $objSearcher

     

    .SearchRoot =

    $objroot

    $objSearcher

     

    .SearchScope =

    "Subtree"

    $objSearcher

     

    .PageSize =

    1000

    $objSearcher

     

    .Filter =

    "(objectCategory=Person)"

    $mainarray

     

    += $objSearcher.FindAll() | select @{n="First Name";e={$_.properties.givenname}},@{n="NBID";e={$_

    .properties.cn}}

    $mainarray

     

    |Export-Csv "test.csv" -NoTypeInformation

    Wednesday, April 27, 2011 1:07 PM
  • PageSize The maximum number of objects the server can return in a paged search. The default is zero, which means do not do a paged search.After the server has found the number of objects that are specified by the PageSize property, it will stop searching and return the results to the client. When the client requests more data, the server will restart the search where it left off.

    You mau using:

    $objSearcher.FindAll() | select @{n="First Name";e={$_.properties.givenname}},@{n="NBID";e={$_.properties.cn}} | Export-Csv "test.csv" -NoTypeInformation
    
    

     


    Wednesday, April 27, 2011 1:15 PM
  • You can assign any value greater than 0 and less than or equal to 1000 for Page Size. If no value is assigned, a maximum of 1000 rows will be returned in the recordset. If you assign any value to Page Size, you turn on paging and records will be returned in pages until all records are retrieved, no matter how many there are (unless a timeout is exceeded). I have tested in my domain, and if I am retrieving more than 1000 rows the most efficient value for Page Size is 200 (although not by much). The optimal value probably depends on several factors, but the point is that retrieving larger recordsets at a time may not be more efficient. I would say the actual value doesn't matter, so long as you turn on paging.

     


    Richard Mueller - MVP Directory Services
    Wednesday, April 27, 2011 2:38 PM