Case sensitive Search

This topic contains 7 replies, has 3 voices, and was last updated by  Chris 1 year ago.

  • Author
  • #72946


    Hi Guys,

    Im trying to do a case sensitive search of AD. Basically old accounts used to use Capital Letters in their login name. I would like to find any records that have a capital letter and then i can put it into a report.

    So far i have:

    Import-Module ActiveDirectory
    Get-ADUser -filter { name -ceq "A" } 

    I would like to get this to work, before i try and work out how to go through a loop of all alphabetical characters. I get the following error:

    Get-ADUser : Error parsing query: ' name -clike "A" ' Error Message: 'Operator Not supported: -clike' at position: '7'.
    At line:6 char:1
    + Get-ADUser -filter { name -clike "A" }
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : ParserError: (:) [Get-ADUser], ADFilterParsingException
        + FullyQualifiedErrorId : Error parsing query: ' name -clike "A" ' Error Message: 'Operator Not supported: -clike' at p 
       osition: '7'.,Microsoft.ActiveDirectory.Management.Commands.GetADUser

    Do i have the operator wrong? I was under the impress adding "c" would make it case Sensitive, rather than powershells default insensitive nature?

    Any help would be greatly received 😀

  • #72953

    Don Jones

    The PowerShell command actually has to "translate" the PowerShell operators into something AD itself understands. -clike is obviously one that the command doesn't support :(.

    Although the -like operators are only really useful when you include a wildcard, as in "A*".


    Because you need this to be case-sensitive, you may end up having to write a native LDAP query, and use -LdapFilter instead of -Filter.

  • #72955

    Olaf Soyk

    Probably you could use a Where-Object pipe with a regex match like '^[A-Z].*' for the SamAccountName.

  • #72958


    Thank you Don, i will go ahead and use LdapFilter and see if i can get something going!

  • #73031


    Hi Olaf,

    So i tried to incorperate some REGEX, but i'm not sure if i have it completely correct, could you have a peek for me?

    import-module ActiveDirectory
    Get-ADUser -Filter * -SearchBase " CN=Students,DC=***,DC=***" -Properties GivenName, SamAccountName |
    Where-object {$_.SamAccountName -cmatch '^[A-Z].*'} | Select GivenName, SamAccountName |
    Export-csv C:\CaseSensitive.csv  -NoTypeInformation

    It exports the CSV, but it's empty, so probably my regex isn't quite right?

  • #73036

    Olaf Soyk

    I tried it in my environment and it works actually ...

    Get-ADUser -Filter * -SearchBase "OU=***,DC=***,DC=***" -OutVariable AllUsers |
    Where-Object {$_.SamAccountName -cmatch '^[A-Z]'} -OutVariable VersalUsers | 
    Select-Object -Property GivenName, SamAccountName -OutVariable OutList |
    Export-Csv -Path C:\_temp\CaseSensitive.csv -NoTypeInformation -Delimiter ';' -Encoding UTF8

    To check every single step of your pipeline you can use -OutVariable. After your complete command executed you can inspect the "output" after each step ...

  • #73042


    Hi Olaf,

    That's odd then, i ran the code and echo'd out the contents of the variables, which appeared....empty! So either (i guess) the samAccountName doesn't contain an uppercase letter at all, or i'm referencing something wrong in the search-base, the entire OU path is Campus -> SDC -> Users -> Non-Teaching Staff. But isolating Non-Teaching Staff should work right?

    A wierd one for sure. Worth a mention, i can't reference the OU by "OU", it throws an error, until i replace "OU" with "CN" in the search-base query, the output to the csv is a bunch of random characters : ""

  • #73043


    Hi Olaf! It was my -searchbase query, it wasn't quite correct, so i just pulled it directly from AD, that will teach me for trying to remember it off hand! Thank you so much 😀

You must be logged in to reply to this topic.