Get-ADOrganizationalUnit Subtree

Welcome Forums General PowerShell Q&A Get-ADOrganizationalUnit Subtree

Viewing 8 reply threads
  • Author
    Posts
    • #222558
      Participant
      Topics: 66
      Replies: 71
      Points: 510
      Rank: Major Contributor

      I am running a report on our users and fashioning a nice clean report listing the Name of their OU, among other parameters.

      All companies have a root ou called ‘Hosted’ and then there are about 100 SubOU’s from within.ย  ย I want to iterate through each OU and then loop through each user to output an object of ‘OU’, ‘user’, etc…

      To first get my list of OU’s, I execute this command.

      $OUs = Get-ADOrganizationalUnit -Filter * -Searchbase 'OU=Hosted,DC=XXXX,DC=local' -SearchScope Subtree

      However, the OUs object lists the ‘Hosted; OU in the array, which I would expect “SearchScope Subtree” parameter to only list the sub-OUs.

      PS H:\> $OUs | Where-Object{$_.name -like "Hosted"}
      
      RunspaceId : 26696d78-75d7-4097-9b7c-8f837c7d8c9e
      City :
      Country :
      DistinguishedName : OU=Hosted,DC=XXXX,DC=local
      LinkedGroupPolicyObjects : {}
      ManagedBy :
      Name : Hosted
      ObjectClass : organizationalUnit
      ObjectGUID : 37b8b83d-1f1a-4c1c-a0ed-01287bb5b1b2
      PostalCode :
      State :
      StreetAddress :
      
      

      How do I create an array of only Sub-OU’s of a root OU?

       

       

    • #222573
      Participant
      Topics: 4
      Replies: 2231
      Points: 5,414
      Helping Hand
      Rank: Community MVP

      I am running a report on our users and fashioning a nice clean report listing the Name of their OU, among other parameters.

      Hmmm … I assume you want to create this report for all of your ‘Hosted’-OUs and their users anyway, right? Why bother to create a sophisticated query? You could simply query all users from your AD strucrure along with their “CanonicalName” – and of course the other parameters you’re after. When you sort this list by CanonicalName you’re almost done with it. ๐Ÿ˜‰ The rest is a little string acrobatics or Excel formatting. ๐Ÿ˜‰ ๐Ÿ˜‰ ๐Ÿ˜€

      $SearchBase = 'DC=XXXX,DC=local'
      
      Get-ADUser -Filter * -SearchBase $SearchBase -Properties CanonicalName |
          Select-Object -Property Name,CanonicalName |
              Sort-Object -Property CaconicalName
    • #222576
      Participant
      Topics: 66
      Replies: 71
      Points: 510
      Rank: Major Contributor

      It would be helpful if I had the OU the user was a part of.ย  Preferably just the ‘Name’ property and not the full “DinstinguishedName’ property.

       

      Basically, the report should have.

      Name SamAccountName OU
      Jon Smith jsmith Company 1
      Jon Doe jdoe Company 2
    • #222582
      Participant
      Topics: 4
      Replies: 2231
      Points: 5,414
      Helping Hand
      Rank: Community MVP

      That’s what I meant. If the “Hosted”-OUs are all on the same “level” in your AD it’s a piece of cake to extract this bit of information from the CanonicalName.

      ('dc.local/someOU/someOtherOU/Hosted/SubHostedOU/Sites/Users' -split '/')[4]
    • #222618
      Participant
      Topics: 66
      Replies: 71
      Points: 510
      Rank: Major Contributor

      There are one or two OU’s that might go 2, maybe 3 deep.

    • #222621
      Participant
      Topics: 4
      Replies: 2231
      Points: 5,414
      Helping Hand
      Rank: Community MVP

      There are one or two OUโ€™s that might go 2, maybe 3 deep.

      I really don’t understand what you mean with this. You may post some examples.

    • #222687
      Participant
      Topics: 66
      Replies: 71
      Points: 510
      Rank: Major Contributor
      • Hosted OU
        • Company1_OU
          • User1_1
          • User2_1
          • User3_1
        • Company2_OU
          • User1_2
          • User2_2
          • User3_2
          • Company2A_OU
            • User1_2A
            • User2_2A
            • User3_2a
        • Company3_Ou
          • User1_3
          • User2_3
          • User3_#

       

      Need to capture all of these users and their attributes and list the OU that each is attributed along with other attributes.

      Name OU
      User1_1 Company1_OU
      User2_1 Company1_OU
      User3_1 Company1_OU
      User1_2 Company2_OU
      User2_2 Company2_OU
      User3_2 Company2_OU
      User1_2A Company2A_OU
      User2_2A Company2A_OU
      User3_2A Company2A_OU
      User1_3 Company3_OU
      User2_3 Company3_OU
      User3_3 Company3_OU

       

      My original command was to first capture all of the OU’s within the HOsted OU..recursively to capture the subOUs (example Company_2A).

       

      My original command was to declare my ‘Hosted’ OU and then the subtree parameter to recursively grab the subou’s, however the root OU appears in the list.

       

      $OUs = Get-ADOrganizationalUnit -Filter * -Searchbase ‘OU=Hosted,DC=XXXX,DC=local’ -SearchScope Subtree

    • #222753
      Participant
      Topics: 4
      Replies: 2231
      Points: 5,414
      Helping Hand
      Rank: Community MVP

      My original command was to first capture all of the OUโ€™s within the HOsted OU..recursively to capture the subOUs (example Company_2A).
      My original command was to declare my โ€˜Hostedโ€™ OU and then the subtree parameter to recursively grab the subouโ€™s, however the root OU appears in the list.

      OK, but if I got this right that would be a manual process anyway, right. ๐Ÿ˜‰

      If you have 2 levels where to find relevant information in your OU structure you could use this …

      ('dc.local/someOU/someOtherOU/Hosted/SubHostedOU/Sites/Users' -split '/')[4]

      … twice and simply fill in 2 columns. You could even filter it easily then in Excel for example. ๐Ÿ˜‰

    • #223506
      Participant
      Topics: 3
      Replies: 324
      Points: 1,056
      Helping Hand
      Rank: Community Hero

      If the issue is it’s also including the root OU then just filter it out.

      $searchbase = 'OU=Hosted,DC=XXXX,DC=local'
      $OUs = Get-ADOrganizationalUnit -Filter * -Searchbase $searchbase -SearchScope Subtree | where distinguishedname -ne $searchbase
Viewing 8 reply threads
  • You must be logged in to reply to this topic.