Case sensitive Search

This topic contains 7 replies, has 3 voices, and was last updated by Profile photo of Chris Chris 1 week, 3 days ago.

  • Author
    Posts
  • #72946
    Profile photo of Chris
    Chris
    Participant

    Hi Guys,

    Im trying to do a case sensitive search of AD. Basically old accounts used to use Capital Letters in their login name. I would like to find any records that have a capital letter and then i can put it into a report.

    So far i have:

     
    
    Import-Module ActiveDirectory
    
    Get-ADUser -filter { name -ceq "A" } 
    
    

    I would like to get this to work, before i try and work out how to go through a loop of all alphabetical characters. I get the following error:

     
    Get-ADUser : Error parsing query: ' name -clike "A" ' Error Message: 'Operator Not supported: -clike' at position: '7'.
    At line:6 char:1
    + Get-ADUser -filter { name -clike "A" }
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : ParserError: (:) [Get-ADUser], ADFilterParsingException
        + FullyQualifiedErrorId : Error parsing query: ' name -clike "A" ' Error Message: 'Operator Not supported: -clike' at p 
       osition: '7'.,Microsoft.ActiveDirectory.Management.Commands.GetADUser
    

    Do i have the operator wrong? I was under the impress adding "c" would make it case Sensitive, rather than powershells default insensitive nature?

    Any help would be greatly received 😀

  • #72953
    Profile photo of Don Jones
    Don Jones
    Keymaster

    The PowerShell command actually has to "translate" the PowerShell operators into something AD itself understands. -clike is obviously one that the command doesn't support :(.

    Although the -like operators are only really useful when you include a wildcard, as in "A*".

    Anyway.

    Because you need this to be case-sensitive, you may end up having to write a native LDAP query, and use -LdapFilter instead of -Filter.

  • #72955
    Profile photo of Olaf Soyk
    Olaf Soyk
    Participant

    Probably you could use a Where-Object pipe with a regex match like '^[A-Z].*' for the SamAccountName.

  • #72958
    Profile photo of Chris
    Chris
    Participant

    Thank you Don, i will go ahead and use LdapFilter and see if i can get something going!

  • #73031
    Profile photo of Chris
    Chris
    Participant

    Hi Olaf,

    So i tried to incorperate some REGEX, but i'm not sure if i have it completely correct, could you have a peek for me?

    
    import-module ActiveDirectory
    
    Get-ADUser -Filter * -SearchBase " CN=Students,DC=***,DC=***" -Properties GivenName, SamAccountName |
    
    Where-object {$_.SamAccountName -cmatch '^[A-Z].*'} | Select GivenName, SamAccountName |
    
    Export-csv C:\CaseSensitive.csv  -NoTypeInformation
    

    It exports the CSV, but it's empty, so probably my regex isn't quite right?

  • #73036
    Profile photo of Olaf Soyk
    Olaf Soyk
    Participant

    Chris,
    I tried it in my environment and it works actually ...

    Get-ADUser -Filter * -SearchBase "OU=***,DC=***,DC=***" -OutVariable AllUsers |
    Where-Object {$_.SamAccountName -cmatch '^[A-Z]'} -OutVariable VersalUsers | 
    Select-Object -Property GivenName, SamAccountName -OutVariable OutList |
    Export-Csv -Path C:\_temp\CaseSensitive.csv -NoTypeInformation -Delimiter ';' -Encoding UTF8

    To check every single step of your pipeline you can use -OutVariable. After your complete command executed you can inspect the "output" after each step ...

    $AllUsers
    $VersalUsers
    $OutList
  • #73042
    Profile photo of Chris
    Chris
    Participant

    Hi Olaf,

    That's odd then, i ran the code and echo'd out the contents of the variables, which appeared....empty! So either (i guess) the samAccountName doesn't contain an uppercase letter at all, or i'm referencing something wrong in the search-base, the entire OU path is Campus -> SDC -> Users -> Non-Teaching Staff. But isolating Non-Teaching Staff should work right?

    A wierd one for sure. Worth a mention, i can't reference the OU by "OU", it throws an error, until i replace "OU" with "CN" in the search-base query, the output to the csv is a bunch of random characters : ""

  • #73043
    Profile photo of Chris
    Chris
    Participant

    Hi Olaf! It was my -searchbase query, it wasn't quite correct, so i just pulled it directly from AD, that will teach me for trying to remember it off hand! Thank you so much 😀

You must be logged in to reply to this topic.