Logical AND with ActiveDirectory Module Get-ADComputer

This topic contains 7 replies, has 3 voices, and was last updated by Profile photo of George Eldon Sullivan George Eldon Sullivan 1 year ago.

Viewing 8 posts - 1 through 8 (of 8 total)
  • Author
  • #30742

    Can logical AND be used in a Get-ADComputer statement?

    I can get all the computer names and IP addresses with the following after I Import-Module ActiveDirectory with the following code I found elsewhere during a search:

    `Get-ADComputer -Filter (OperatingSystem Like "Windows 7*" | Format-Table IPv4Address, Name -Wrap -Auto`

    Is there a way to include logical AND in the statement so that I get the Windows 7 computers along with CanonicalName includes the string ABCD? Let's say some of the Computers are at site ABCD and some are at site EFGH. I only want to pull the ABCD site computers that are Windows 7.


    Sorry guys. I left one ")" off and the Property Flag. Should be

    Get-ADComputer -Filter (OperatingSystem Like "Windows 7*") -Property * | Format-Table IPv4Address, Name -Wrap -Auto

    Profile photo of Don Jones
    Don Jones

    If you get into really complex criteria, it can be easier to use the -ldapFilter parameter and the LDAP filtering syntax. It's a lot more robust than what -Filter can parse. Essentially, -Filter has to be translated to LDAP so it's the translation code that creates the limitations. With -ldapFilter, you can do whatever.


    Thanks Don for the tips. I look into that.

    Profile photo of Craig Duff
    Craig Duff

    If they are in an ou, then you can used the searchbase parameter of get-adcomputer to limit the results.


    Hey guys. Thanks for the tips. I am not sure if I am over complicating this or not. I am still having trouble getting a specific subnet pulled from Active Directory. If I have the 10.5.100, 10.6.100, and 10.7.100 subnets for my Windows 7 Computers and I want to pull out only the 10.5.100 then how is that done. In my googling I did see some syntax using a -where option, but I've yet to get it to work.

    Here is what I have so far that look good on the screen output:

    `Get-ADComputer -LDAPFilter "(OperatingSystem=Windows 7*)" -Properties Name, IPv4Address, OperatingSystem | Format-Table Name, IPv4Address, OperatingSystem -auto -wrap `

    In the above code is where I've tried to use the "-where" syntax, to no avail, to grab ONLY the 10.5.100 subnet, for example. I'm throwing in OS and Name, just to prove on the screen that I am indeed getting only Windows 7 systems. My ultimate goal it to produce a list of IP addresses only that are Windows 7 computers.

    Craig ... I'll start looking at searchbase examples.


    Well Craig ... you were right. Looking for searchbase I found at PermaLink 21333 in the forum a block of code which I modified:

    Get-ADComputer -Filter {OperatingSystem -like 'Windows 7*'} -SearchBase 'dc=myorg,dc=mysite, dc=org' -Properties OperatingSystem, IPv4Address, Name |
    Where-Object -FilterScript { $_.IPv4Address -Like '10.5.100.*' } |
    Format-Table OperatingSystem, IPv4Address, Name -Wrap -Auto

    By removing all formatting except for IPv4Address, I think I'll have it.


    I seem to take one step forward and two backwards. So I run the above Get-ADComputer syntax and it works. I then assign it to a variable to get IP addresses i.e.:

    `$Win7Computers=Get-ADComputer -Filter {OperatingSystem -like 'Windows 7*'} `
    -SearchBase 'dc=myorg,dc=mysite, dc=org' -Properties IPv4Address | `
    Where-Object -FilterScript { $_.IPv4Address -Like '10.5.100.*' } | `
    Format-Table IPv4Address -Wrap -Auto `

    I can then echo $Win7Computers and the list looks good. But when I try to run it through a foreach:

    foreach ($ip in $Win7Systems) {
    ping $ip
    other stuff

    and I get output such as PIng request could not find host Microsoft.PowerShell.Commands. etc. Is not the $Win7Systems putting the IP list in some sort of Array?

Viewing 8 posts - 1 through 8 (of 8 total)

You must be logged in to reply to this topic.