Extract USers BAsed on SamAccountname (Secondary Accounts)

Welcome Forums General PowerShell Q&A Extract USers BAsed on SamAccountname (Secondary Accounts)

Viewing 6 reply threads
  • Author
    Posts
    • #222174
      Participant
      Topics: 1
      Replies: 2
      Points: 18
      Rank: Member

      hello everyone,

      i’m new to this forums, i discovred it few days ago, so much helpful people arround here 🙂

      i’m new to powershell and wanted a guidance from the professionals,

      we have in our little production environment all users with unique codes, and separate account for Admins sharing the same Code with a “_admin” added, so for example :

      -Normal  user account : USER1 , respective Admin Account : USER1_admin

       

      i wan to extract and export all users’s SamAccountNames with their respective admin SAN accounts, and i’m kind of lost. can anyone illuminate me about a way to achieve this ?

       

      thanking you all in advance !

    • #222186
      Participant
      Topics: 12
      Replies: 519
      Points: 1,194
      Helping Hand
      Rank: Community Hero
      Get-ADuser | sort samAccountName
      
    • #222189
      Participant
      Topics: 4
      Replies: 2231
      Points: 5,414
      Helping Hand
      Rank: Community MVP

      sfirita, welcome to Powershell.org. Please take a moment and read the very first post on top of the list of this forum: Read Me Before Posting! You’ll be Glad You Did!.

      This forum is for scripting questions rather than script requests. We do not write customized and ready to use scripts or solutions on request.

      … and i’m kind of lost.

      What exactly is it what you don’t understand? Please show your code – even if it does not work as you expect it or does not work at all.

    • #222192
      Participant
      Topics: 1
      Replies: 2
      Points: 18
      Rank: Member

      sfirita, welcome to Powershell.org. Please take a moment and read the very first post on top of the list of this forum: Read Me Before Posting! You’ll be Glad You Did!.

      This forum is for scripting questions rather than script requests. We do not write customized and ready to use scripts or solutions on request.

      … and i’m kind of lost.

      What exactly is it what you don’t understand? Please show your code – even if it does not work as you expect it or does not work at all.

      hello again,

      thank you for your answer, yeah i know i didnt ask for a complete script 🙂

      just wanted a way out that i can follow, i want to learn , and to do that i have to fail and retry 🙂

      so this is my script, which is working fine to extract usersnwith selected attributes :

      get-aduser -Server $Server -Filter * -SearchBase "OU=GROUPADMIN,OU=COUNTRY,OU=User-Accounts,DC=EM,DC=cab" -Properties Enabled, SamAccountName, createTimeStamp, Lastlogon, AccountExpires, DisplayName, LockedOut, Description, sn ,
      givenName , CanonicalName, mail, Department, physicalDeliveryOfficeName, telephoneNumber, city, memberof |
      
      select enabled, SamAccountName, createtimestamp, @{Name=”LastLogon”;Expression={[DateTime]::FromFileTime($_.lastlogon)}}, @{Name=”accountexpires”;Expression={[DateTime]::FromFileTime($_.accountexpires)}},
      DisplayName, LockedOut, Description, sn , givenName , CanonicalName, mail, Department, physicalDeliveryOfficeName, telephoneNumber, city, @{Label="DA";Expression={If($_.MemberOf -join "" -match "CN=Domain Admins,"){"Yes"}Else{"No"}}} | Out-GridView -OutputMode Single

      what i want is a way to add another column, where based on the samaccountname i can have the sameaccountnames with a “_a” tag in the end, cause as i explained, we have different admin accounts for the same SAN , differentiated with the “_a” . i hope i explained well my problem, english is not my native language.

    • #222210
      Participant
      Topics: 12
      Replies: 519
      Points: 1,194
      Helping Hand
      Rank: Community Hero
      # Let's not do ugly please :)
      $ParameterList = @{
          Server     = $Server 
          Filter     = '*' 
          SearchBase = 'OU=GROUPADMIN,OU=COUNTRY,OU=User-Accounts,DC=EM,DC=cab'
          Properties = @('Enabled','SamAccountName','createTimeStamp','Lastlogon','AccountExpires',
              'DisplayName','LockedOut','Description','sn ','givenName','CanonicalName','mail',
              'Department','physicalDeliveryOfficeName','telephoneNumber','city','memberof')
      }
      
      $PropertyList = @('enabled','SamAccountName','createtimestamp',
          @{Name='LastLogon';Expression={[DateTime]::FromFileTime($_.lastlogon)}},
          @{Name='accountexpires';Expression={[DateTime]::FromFileTime($_.accountexpires)}},
          'DisplayName','LockedOut','Description','sn','givenName','CanonicalName','mail','Department',
          'physicalDeliveryOfficeName','telephoneNumber','city',
          @{Label='DA';Expression={If($_.MemberOf -join '' -match 'CN=Domain Admins,'){'Yes'}Else{'No'}}}
      )
      
      $UserList = Get-ADUser @ParameterList | select $PropertyList 
      # $UserList | Out-GridView -OutputMode Single
      
      $AdminList = $UserList | where SamAccountName -Match '_admin'
      $NotAdminList = $UserList | where SamAccountName -NotMatch '_admin'
      $NotAdminList | Add-Member -MemberType NoteProperty -Name 'AdminSamAccountName' -Value '' -EA 0 
      $NotAdminList | foreach {
          $_.AdminSamAccountName = ($AdminList | where where SamAccountName -Match $_.SamAccountName).SamAccountName
      }
      $NotAdminList | Out-GridView -OutputMode Single
      
    • #222213
      Participant
      Topics: 12
      Replies: 1610
      Points: 2,508
      Helping Hand
      Rank: Community Hero

      Another approach if you don’t need tons of properties from the admin account:

      $users = Get-ADUser -Filter * |
               Select Name,
                      SamAccountName,
                      @{Name='Admin';Expression={Get-ADUser -Filter "SamAccountName -eq 'admin-$_.SamAccountName'"}}
      

      Not tested, but something like this should be possible.

    • #222219
      Participant
      Topics: 1
      Replies: 2
      Points: 18
      Rank: Member

      thanks everyone for your help, i’ve got some ideas, i’ll try this out, and will let you know 🙂 thans a lot again !

Viewing 6 reply threads
  • You must be logged in to reply to this topic.