none
Confused about context RRS feed

  • Question

  • I'm not a programmer and need some help with scripting an export from AD in PowerShell.

    The following command returns a list of all users who have "tvstation" set as their company field.
    get-aduser -filter {company -eq 'tvstation'} -Properties name,title,company,userprincipalname,telephoneNumber | sort-object name | export-csv c:\temp\tvsstation.csv

    However, there are 500 some members of that group, and some of them have "corporate parent" set as their company field. I would prefer to filter by OU membership.
    OU=tvstation,OU=Chicago,OU=US,OU=Employees,OU=TMUsers,DC=CorporateParent,DC=com

    How do I change the initial command to filter by OU?

    Tuesday, October 25, 2016 3:13 PM

Answers

  • You should read the help for Get-ADUser: Get-Help -Name Get-ADUser -ShowWindow. Check out the SearchBase parameter. It's probably what you're after. You can likely leave your Filter parameter, but you can also do -Filter * to return all the member of the OU. This, providing you've added the SearchBase parameter.
    Tuesday, October 25, 2016 3:22 PM
  • You cannot filter by OU. The only attribute that indicates the parent OU is distinguishedName, and wildcards are not allowed with DN syntax attributes like distinguishedName.

    But you can assign a base with the -SearchBase parameter of Get-ADUser. In brief:

    Get-ADUser -SearchBase "ou=Sales,ou=West,dc=mydomain,dc=com"


    Richard Mueller - MVP Enterprise Mobility (Identity and Access)


    Tuesday, October 25, 2016 3:26 PM
    Moderator

All replies

  • You should read the help for Get-ADUser: Get-Help -Name Get-ADUser -ShowWindow. Check out the SearchBase parameter. It's probably what you're after. You can likely leave your Filter parameter, but you can also do -Filter * to return all the member of the OU. This, providing you've added the SearchBase parameter.
    Tuesday, October 25, 2016 3:22 PM
  • You cannot filter by OU. The only attribute that indicates the parent OU is distinguishedName, and wildcards are not allowed with DN syntax attributes like distinguishedName.

    But you can assign a base with the -SearchBase parameter of Get-ADUser. In brief:

    Get-ADUser -SearchBase "ou=Sales,ou=West,dc=mydomain,dc=com"


    Richard Mueller - MVP Enterprise Mobility (Identity and Access)


    Tuesday, October 25, 2016 3:26 PM
    Moderator