none
how do i limit my search? RRS feed

  • Question

  • i need to limit my search using SearchBase but i'm a little stuck with how i'm doing it:

    if (Get-ADuser -Filter {samAccountName -like $_.ID} -searchBase "OU=Main,DC=ACME,DC=com" )

    if i don't put a parenthesis around the $_.ID it would give an error

    Get-ADuser : Property: 'ID' not found in object of type: 'System.Management.Automation.PSCustomObject'.

    if there is a parenthesis, it doesn't do anything.

    could i be overlooking something or there's another way to do a limited search for samAccountName?

    regards,

    Reno

    Wednesday, October 26, 2016 12:17 PM

Answers

  • Use -LDAPFilter instead of -Filter and remove the 'translation' step. (The AD cmdlets have to convert -Filter into an LDAP query sting anyway, so you might as well specify the LDAP filter directly.)

    -- Bill Stewart [Bill_Stewart]

    • Marked as answer by rino19ny Thursday, October 27, 2016 9:34 AM
    Wednesday, October 26, 2016 2:29 PM
    Moderator

All replies

  • Hi Reno,

    AD-Cmdlet filters were always a mess. Adding the automatic pipeline variable to it doesn't make it any better though. Try this instead:

    $ID = $_.ID
    if (Get-ADuser -Filter {samAccountName -like $ID} -searchBase "OU=Main,DC=ACME,DC=com" )

    Cheers,
    Fred


    There's no place like 127.0.0.1

    Wednesday, October 26, 2016 12:21 PM
  • Use -LDAPFilter instead of -Filter and remove the 'translation' step. (The AD cmdlets have to convert -Filter into an LDAP query sting anyway, so you might as well specify the LDAP filter directly.)

    -- Bill Stewart [Bill_Stewart]

    • Marked as answer by rino19ny Thursday, October 27, 2016 9:34 AM
    Wednesday, October 26, 2016 2:29 PM
    Moderator
  • ah, LDAPFilter is much more flexible :)

    thank you!

    Thursday, October 27, 2016 9:34 AM