Filtering users by multiple values

Tagged: 

This topic contains 9 replies, has 5 voices, and was last updated by Profile photo of Dan Potter Dan Potter 5 days, 12 hours ago.

  • Author
    Posts
  • #59016

    Hi,

    I want do following. Filter users by City, Phone etc. Found with ones have wrong city or Phone put in AD.

    I can do it without any problem with following commands run seperately:

    $office | % {get-aduser -searchbase $ou -filter {(Enabled -eq $True) -and (PasswordNeverExpires -eq $False) -and (Office -notlike $_)}}
    $Company | % {get-aduser -searchbase $ou -filter {(Enabled -eq $True) -and (PasswordNeverExpires -eq $False) -and (Company -notlike $_)}}
    $fax | % {get-aduser -searchbase $ou -filter {(Enabled -eq $True) -and (PasswordNeverExpires -eq $False) -and (Fax -notlike $_)}}

    But now what i would want do is to run this 3 "together" and at the end export result to csv.

    To put simple i want:

    If user office is not set to New york AND Company not set to Apple AND Fax not set to 0000001 THEN export result to CSV

    What will be the simpliest way – guess some simple script will be better then single line?

  • #59017
    Profile photo of Don Jones
    Don Jones
    Keymaster

    Well... you could certainly combine all of that into a single -Filter criteria. Have you tried that? But yes, it'd probably involve some nested ForEach loops or something. I don't quite understand your input values so it's a little hard to imagine the structure you'd need.

  • #59025
    Profile photo of Ron
    Ron
    Participant

    Not quite sure I follow the "together" part. Do you want a single list of users who have all 3 fields set wrong or a single list where any 1 of the criteria is met? In other words, -and or -or the 3 conditions?

  • #59026
    Profile photo of Dan Potter
    Dan Potter
    Participant

    use the -or comparison operator.

    
    $splat = @{
    
    filter={(Enabled -eq $True) -and (PasswordNeverExpires -eq $False)}
    properties = 'office','fax','company'
    searchbase = 'OU=...'
    
    }
    
    
    get-aduser @splat | ? {($_.office -ne 'home') -or ($_.fax -ne '555-5555') -or ($_.company -ne 'MSFT')}
    
    
    
  • #59029
    Profile photo of Dan Potter
    Dan Potter
    Participant

    booleans

    
    $users = get-aduser @splat | %{
    
    [pscustomobject]@{
    
    account = $_.samaccountname
    office = $_.office -eq 'Home' 
    fax = $_.fax -eq '555-5555' 
    company = $_.company -eq 'MSFT'
    
    }
    
    }
    
    
    $users | ? {($_|gm) -match 'False'}
    
    
  • #59110

    This is cool but i dont think it will work the way i need 🙂

    I tried replacing -or with -and but altough it doesnt give me any error – it also doesnt show me user that i know have all this three parameters correct.

    So just to clear up – yes i need to have this three parameters match. Option to include more than one office, more than one fax number would be cool also so i can use to find all account the are not setup correctly.

    By multiple i mean:

    Office like New York or Warsaw or Moscow
    Fax Like 00001 or 00002 or 000003

    If nothing of this match – list users

  • #59166
    Profile photo of Dan Potter
    Dan Potter
    Participant

    Those are just examples, you can adjust them at will to suit your needs. You can literally do anything with PS..Do you own a tesla?

  • #59169
    Profile photo of Jeffery Hayes
    Jeffery Hayes
    Participant

    Dan just wanted to say Kudos as I didn't even think about making a Variable for a parameter for adusers.

  • #59179
    Profile photo of Ron
    Ron
    Participant

    What does your input file look like?

  • #59185
    Profile photo of Dan Potter
    Dan Potter
    Participant

    Do you mean the splatting? I like using it when the whole command wraps several lines in the shell. Easier to see whats going on.

    Added bonus you can dive back into the hashtable if you didn't want to return the default property set.

    get-aduser @splat | select $splat.properties

You must be logged in to reply to this topic.