Get Active Directory Contact information

Welcome Forums General PowerShell Q&A Get Active Directory Contact information

Viewing 13 reply threads
  • Author
    Posts
    • #57124
      Participant
      Topics: 56
      Replies: 63
      Points: 380
      Rank: Contributor

      Is there a way I can run a script from AD server to get list of contacts to eventually modify?

      Getting my list is easy with the following command:

      Get-ADObject -Filter ‘ObjectClass -eq “Contact”‘ -SearchBase ‘OU=AmericanSokol-Contacts,OU=AmericanSokol, OU=Hosted, DC=techpro, dc=local’

      However, I will need to modify the Contact info and to do that, there are Exchange cmdlets like get-contact that do not work on the AD server.

      Is there a way to do this exclusively from AD or do I need to immport Exchange modules from Exchange?

    • #57130
      Participant
      Topics: 18
      Replies: 575
      Points: 42
      Rank: Member

      set-adobject

    • #57133
      Participant
      Topics: 56
      Replies: 63
      Points: 380
      Rank: Contributor

      The trick is, how do I query the Contact Attribute “showinaddressbook” to see if it is Null? From initial research, it seems that I can only do this from Exchange.

      I have limited access to Exchange so I am trying to accomplish this from AD if possible.

    • #57136
      Ron
      Participant
      Topics: 0
      Replies: 199
      Points: 2
      Rank: Member

      It can be tricky trying to do it with only the AD commands. You would be better off running the exchange commands when its time to make the modifications. There are subtle things that change in many instances that you may not account for when attempting to do them manually in AD.

    • #57139
      Participant
      Topics: 18
      Replies: 575
      Points: 42
      Rank: Member

      get-adobject -Filter {(objectclass -eq ‘contact’) -and (showinaddressbook -like “*”)} -Properties showinaddressbook | select -First 1

      inverse is -notlike

    • #57292
      Participant
      Topics: 56
      Replies: 63
      Points: 380
      Rank: Contributor

      So upshot is that I need to import Exchange capabilities when I have to modify/delete/write entries in the attribute list if it relates to these email contacts…specifically the showinaddressbook attribute?

    • #57326
      Participant
      Topics: 18
      Replies: 575
      Points: 42
      Rank: Member

      If an attribute is writeable you can do whatever you want with it. It’s not so hard to use both exchange and ad modules together, I do it all the time. Grab the installation media for exchange and only install the tools.

    • #57373
      Ron
      Participant
      Topics: 0
      Replies: 199
      Points: 2
      Rank: Member

      Yes, the “Hide From Exchange address list” attribute is not straightforward. The checkbox in EMC is stored in msExchHideFromAddressLists and is checked if true, but unchecked can be False or Null. If you uncheck it in EMC, it nulls it. However, the checkbox has nothing to do with it being actually hidden. ShowInAddressBook contains the address list(s) where it is visible, and when you hide it in EMC, it does not remove it from all of them. If you want to hide it, you can set msExchHideFromAddressLists to True and clear ShowInAddressBook. If you want to make it visible again, however, you should do it through EMC or use the Exchange command, “Set-Mailbox $mb -HiddenFromAddressListsEnabled $false”. Exchange knows which address lists to use to make it properly visible again. I’m sure you could do this as well with just AD, but you’d have to know your Exchange environment exceedingly well, and it could change on you and cause your AD only script to fail.

      Edit: forgot you were doing this with contacts, same concept though, different command, “Set-MailContact $ct -HiddenFromAddressListsEnabled $false”

    • #57470
      Participant
      Topics: 56
      Replies: 63
      Points: 380
      Rank: Contributor

      From one of the technicians, this is the pseudo code he put together for me as far as what he wants to accomplish.

      Prompt for OU
      $OU = User Input

      $ContactsArray = Get List of root OU entry and subtrees of root OU of any contact type.
      ForEach ($Contact in $ContactsArray){
      If ($Contact.Attribute. showAddressBoook -eq Null){
      Make Entry
      CN=$OU Global Address List,CN=All Global Address Lists,CN=Address Lists Container,CN=TechPro-Hosted-Org,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=techpro,DC=local

      CN=$OU- All Users,CN=All Address Lists,CN=Address Lists Container,CN=TechPro-Hosted-Org,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=techpro,DC=local

      CN=$OU- All Groups,CN=All Address Lists,CN=Address Lists Container,CN=TechPro-Hosted-Org,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=techpro,DC=local
      Else
      Skip

      }

    • #57620
      Ron
      Participant
      Topics: 0
      Replies: 199
      Points: 2
      Rank: Member

      $list=@(‘dn1’,
      ‘dn2’,
      ‘dn3’)

      get contact list
      for each {
      set-adobject -identity $contact.distinguishedname -replace @{showinAddressBook = $list}
      }

      Obviously untested pseudo-code. Start with a single contact that you can screw up and fix unless you have a test environment.

    • #58109
      Participant
      Topics: 56
      Replies: 63
      Points: 380
      Rank: Contributor

      The ‘get-contact’ list is the challenge since I would need to import Exchange session into my PS console which I am running from their AD server.

      I am having an issue importing Exchange where it errors out when I run ‘import-session’ with the correct syntax.

      I have another post regarding this issue:
      https://powershell.org/forums/topic/importing-exchange-2013/

    • #58130
      Ron
      Participant
      Topics: 0
      Replies: 199
      Points: 2
      Rank: Member

      You can get them with exchange.

      get-adobject -ldapfilter “(&(objectClass=contact)(objectCategory=person)(!showinAddressBook=*))” -properties *

      This gets all contacts where showinAddressBook is null.

      Add other parameters as needed, searchbase, etc.

    • #78255
      Participant
      Topics: 0
      Replies: 1
      Points: 0
      Rank: Member

      hydrominum-info.pl Debone native equal discoursed suspense plunders. Discriminate telly balmy meditates dither. Wirier.

    • #78764
      Participant
      Topics: 0
      Replies: 1
      Points: 0
      Rank: Member

      skinoren-info.pl Flounces invalid contretemps madam harm penalise ebullient. Revs tanneries historically gory brewer.

Viewing 13 reply threads
  • The topic ‘Get Active Directory Contact information’ is closed to new replies.