locked
get-azureaduser extension RRS feed

  • Question

  • Hello,

    I am trying to get all users from azuread who has only specific extension attribute added to them. tried running below with 0 returned results:

    get-azureaduser -all $true | Where-Object -Property "extension_8675309df908412345678afeadfood3e_CustomStuff" -eq "y"

    Also similarly I have tried to run and get users who have a department value and also returned 0. Any idea what am I doing wrong? If I change $true to $NULL, it does return users who have no department however. 

    Get-Azureaduser -all $true -filter 'accountEnabled eq true' | Where department -eq $true | select UserPrincipalName,Department |export-csv C:\azureusers15.csv


    MK

    Wednesday, November 6, 2019 1:22 PM

Answers

  • Where-Object{$_.department}

    This will return only records where the department has a value.


    \_(ツ)_/

    • Marked as answer by waer01 Thursday, November 7, 2019 2:35 PM
    Wednesday, November 6, 2019 6:36 PM

All replies

  • Try:

    Where {department -Like "*"}

    Edit: This reference may help:

    https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/where-object?view=powershell-6

    which has this example:

    Where-Object -Property PriorityClass -eq -Value "Normal"


    Richard Mueller - MVP Enterprise Mobility (Identity and Access)


    Wednesday, November 6, 2019 1:58 PM
  • thank you, I have tried

    Where {department -Like "*"}

    but it returns all user accounts who don't even have anything entered in department attribute.

    And when I run 2nd one I get no results:

    Get-azureadUser -all $true -Filter 'accountEnabled eq true' | Where-Object -Property department -eq -Value "Normal" | export-csv c:\tools\export10.csv


    MK

    Wednesday, November 6, 2019 3:08 PM
  • Apparently, standard PowerShell syntax doesn't always work with AzureAD cmdlets. And documentation is lacking. This blog post may help:

    https://blogs.technet.microsoft.com/chadcox/2017/06/30/powershell-useful-azure-ad-queries-using-the-azuread-module/

    Edit: Also, try:

    Where {$_.department -Like "*"}


    Richard Mueller - MVP Enterprise Mobility (Identity and Access)


    Wednesday, November 6, 2019 3:21 PM
  • unfortunately same result - all users pulled. But I did find one good example in your link for filtering by email address ({$_.userprincipalname -like "*onmicrosoft.com"}).

    However still not sure about department and extensionproperty attribute. Does not seem I can find a way to filter by that.



    MK

    Wednesday, November 6, 2019 4:20 PM
  • The one example in the link shows the properties that are retrieved by default, and UserPrincipalName is included. Department and extensionProperty are not. Since there is no -Properties parameter supported, I conclude the cmdlet cannot retrieve any other properties. The -Filter parameter syntax only supports OAuth filters, which I find very confusing.

    Richard Mueller - MVP Enterprise Mobility (Identity and Access)

    Wednesday, November 6, 2019 4:41 PM
  • Where-Object{$_.department}

    This will return only records where the department has a value.


    \_(ツ)_/

    • Marked as answer by waer01 Thursday, November 7, 2019 2:35 PM
    Wednesday, November 6, 2019 6:36 PM