This topic contains 3 replies, has 3 voices, and was last updated by
January 25, 2015 at 11:37 pm #22125ParticipantTopics: 8Replies: 9Points: 0Rank: Member
I am working on a PowerShell script and could use some help. I honestly haven't made much progress. I'm first trying to figure out how to query AD and I need to query all of it, with the exception of a few OUs and I have to exclude accounts that are something like the "System" accounts, there's a list I have to exclude.
I then need to retrieve several user attribs, and email out a CSV report. I need to do this and make the last column contain the users "Enabled/Disabled" status.
Can someone kindly help me please?
January 26, 2015 at 6:21 pm #22168ParticipantTopics: 0Replies: 74Points: 0Rank: Member
Jake bro you have to give it a little effort first. This can easily be found with 5 minutes on Google *cough*...I mean Bing. Please don't take advantage of folks kindness by letting them do your work.
January 26, 2015 at 9:40 pm #22169ParticipantTopics: 8Replies: 9Points: 0Rank: Member
I have been putting in effort, I did find things by searching online using all the search engines, but I'm not sure how to tie them together. I know how to search the domain for users, and gather user attributes, but I don't know how to exclude OUs along with accounts that start with specific "strings".
I then am not sure how to email out what I get back. I'll keep working on it.
I am trying to learn, not just have someone write this for me.
January 27, 2015 at 1:49 pm #22192ParticipantTopics: 4Replies: 262Points: 60Rank: Member
I don't have my server available to validate the exact syntax, so consider this pseudo code for some pointers.
#Get all accounts apart from excluded ones
$excludedAccounts = @('my','list','of','excluded','accounts')
$nonExcludedAccounts = Get-ADUser -Filter * -Property * | Where SamAccountName -notin $excludedAccounts
#Apart from OUs that begin with.........
In order to check the OU where the user is located, I think you're going to have to access the DistinguishedName or CanonicalName attributes, and then parse them to identify the OU (the CN is the first item in it, not the OU). The AD cmdlets are not as pipeline friendly as some of the other cmdlets, so you can't combine Get-ADUser with Get-ADOrganizationalUnit. Alternatively, you could reverse the order wherby you use Get-OrganizationalUnit first, apply a filter, and then from those results, use Get-ADUser with a SearchBase attribute of the DN from the each item in the collection returned by Get-ADOrganizationalUnit.
#Get some properties
$userAttributes = $finalUserList | Select Property1,Property2
#Export to CSV
Use Export-CSV with $userAttributes
Use Send-MailMessage with the file details.
The topic ‘Posh Script - AD Users - exclude OUs?’ is closed to new replies.