Case sensitive Search

This topic contains 7 replies, has 3 voices, and was last updated by  Chris 5 months, 1 week ago.

  • Author
    Posts
  • #72946

    Chris
    Participant

    Hi Guys,

    Im trying to do a case sensitive search of AD. Basically old accounts used to use Capital Letters in their login name. I would like to find any records that have a capital letter and then i can put it into a report.

    So far i have:

     
    
    Import-Module ActiveDirectory
    
    Get-ADUser -filter { name -ceq "A" } 
    
    

    I would like to get this to work, before i try and work out how to go through a loop of all alphabetical characters. I get the following error:

     
    Get-ADUser : Error parsing query: ' name -clike "A" ' Error Message: 'Operator Not supported: -clike' at position: '7'.
    At line:6 char:1
    + Get-ADUser -filter { name -clike "A" }
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : ParserError: (:) [Get-ADUser], ADFilterParsingException
        + FullyQualifiedErrorId : Error parsing query: ' name -clike "A" ' Error Message: 'Operator Not supported: -clike' at p 
       osition: '7'.,Microsoft.ActiveDirectory.Management.Commands.GetADUser
    

    Do i have the operator wrong? I was under the impress adding "c" would make it case Sensitive, rather than powershells default insensitive nature?

    Any help would be greatly received 😀

  • #72953

    Don Jones
    Keymaster

    The PowerShell command actually has to "translate" the PowerShell operators into something AD itself understands. -clike is obviously one that the command doesn't support :(.

    Although the -like operators are only really useful when you include a wildcard, as in "A*".

    Anyway.

    Because you need this to be case-sensitive, you may end up having to write a native LDAP query, and use -LdapFilter instead of -Filter.

  • #72955

    Olaf Soyk
    Participant

    Probably you could use a Where-Object pipe with a regex match like '^[A-Z].*' for the SamAccountName.

  • #72958

    Chris
    Participant

    Thank you Don, i will go ahead and use LdapFilter and see if i can get something going!

  • #73031

    Chris
    Participant

    Hi Olaf,

    So i tried to incorperate some REGEX, but i'm not sure if i have it completely correct, could you have a peek for me?

    
    import-module ActiveDirectory
    
    Get-ADUser -Filter * -SearchBase " CN=Students,DC=***,DC=***" -Properties GivenName, SamAccountName |
    
    Where-object {$_.SamAccountName -cmatch '^[A-Z].*'} | Select GivenName, SamAccountName |
    
    Export-csv C:\CaseSensitive.csv  -NoTypeInformation
    

    It exports the CSV, but it's empty, so probably my regex isn't quite right?

  • #73036

    Olaf Soyk
    Participant

    Chris,
    I tried it in my environment and it works actually ...

    Get-ADUser -Filter * -SearchBase "OU=***,DC=***,DC=***" -OutVariable AllUsers |
    Where-Object {$_.SamAccountName -cmatch '^[A-Z]'} -OutVariable VersalUsers | 
    Select-Object -Property GivenName, SamAccountName -OutVariable OutList |
    Export-Csv -Path C:\_temp\CaseSensitive.csv -NoTypeInformation -Delimiter ';' -Encoding UTF8

    To check every single step of your pipeline you can use -OutVariable. After your complete command executed you can inspect the "output" after each step ...

    $AllUsers
    $VersalUsers
    $OutList
  • #73042

    Chris
    Participant

    Hi Olaf,

    That's odd then, i ran the code and echo'd out the contents of the variables, which appeared....empty! So either (i guess) the samAccountName doesn't contain an uppercase letter at all, or i'm referencing something wrong in the search-base, the entire OU path is Campus -> SDC -> Users -> Non-Teaching Staff. But isolating Non-Teaching Staff should work right?

    A wierd one for sure. Worth a mention, i can't reference the OU by "OU", it throws an error, until i replace "OU" with "CN" in the search-base query, the output to the csv is a bunch of random characters : ""

  • #73043

    Chris
    Participant

    Hi Olaf! It was my -searchbase query, it wasn't quite correct, so i just pulled it directly from AD, that will teach me for trying to remember it off hand! Thank you so much 😀

You must be logged in to reply to this topic.