Problem with checking AD user against homefolder

This topic contains 19 replies, has 4 voices, and was last updated by Profile photo of Nille Falk Nille Falk 7 months, 3 weeks ago.

Viewing 15 posts - 1 through 15 (of 20 total)
  • Author
    Posts
  • #34740
    Profile photo of Nille Falk
    Nille Falk
    Participant

    Hi,

    I'm trying to create a script that checks in AD, for users with corresponding homefolder names in a specific share. My problem with the script is that the samaccountnames are slightly different from the homefolder names.

    Example:
    AD-Account: xzxzxz
    Homefolder: xzxzxz.xz

    The difference here, is that the homefolders end with ".xz" but it has the same samaccountname.

    How can i change the below script so that it searches for AD accounts that can find users with the same samaccount names and check it with the homefolders that end with ".xz"?

    Script, see below.

    add-pssnapin quest.activeroles.admanagement

    $users = Get-QADUser -SizeLimit 0 -HomeDirectory * -DontUseDefaultIncludedProperties -IncludedProperties SamAccountName,HomeDirectory -SerializeValues

    Get-ChildItem \\servername\xxx\homeshare | Where-Object {$_.PSIsContainer } | Foreach-Object{

    $dir = $_

    $dir | Select-Object Name,FullName,@{n='ADUserExist';e={if($users | Where-Object {$_.SamAccountName -eq $dir.Name}) {$true} else {$false} }}

    }

    Would appreciate any help towards solving this, I still know way to little about power shell to figure it out myself and I have tried a lot. I don't want to go through the hassle of renaming all of the folders.

    Thanks in advance!

    #34741
    Profile photo of Dan Potter
    Dan Potter
    Participant

    'danpotter' -eq ('danpotter.xz' -replace '.xz')

    #34744
    Profile photo of Nille Falk
    Nille Falk
    Participant

    Like the below then? Or am I totally of the line at what you reffered to?

    $dir | Select-Object Name,FullName,@{n='ADUserExist';e={if($users | Where-Object {$_.SamAccountName -eq ('$dir.xz' -replace '.xz')}) {$true} else {$false} }}

    Thanks for your help, really appreciate it!

    #34748
    Profile photo of Mark Hammonds
    Mark Hammonds
    Participant

    try this

    $users = Get-ADUser -Filter *  -Properties SamAccountName,HomeDirectory | ?{$($_.HomeDirectory) -like "*$($_.SamAccountName)*"} | Select SamAccountName,HomeDirectory 
    

    this will store in a variable just the Samaccount name and HomeDirectory where home directory contains the Samaccount name if you are looking for a positional match let me know.

    example

    SamAccountName                             HomeDirectory                   
    --------------                             -------------     
    doej                                     \\server\home$\doej.pn
    smithd                                 \\server\home$\smithd.pn
    
    #34750
    Profile photo of Nille Falk
    Nille Falk
    Participant

    Thanks! I will try both of the suggestions tomorrow.
    Would really appreciate if you mention what parts in the script has to be changed, and why, so that I understand it as well. I learn as I try, but some parts are hard to figure out by myself.

    If anybody has any more suggestions I would greatly appreciate the help 🙂

    Thanks yet again!

    EDIT: You were faster than me Mark, thanks for the example and explanation. I will try it and get back with my results 🙂 Really appreciated!

    #34751
    Profile photo of Mark Hammonds
    Mark Hammonds
    Participant

    If you want to match only home folders that have a samaccount.xz

    change the trailing wild card * with .xz

    example
    This will find any homedirectory with samaccount name any where in it.
    ?{$($_.HomeDirectory) -like "*$($_.SamAccountName)*"}

    This will only match homedirectorys with samaccountname.xz on the end of it.
    ?{$($_.HomeDirectory) -like "*$($_.SamAccountName).xz"}

    #34752
    Profile photo of Dan Potter
    Dan Potter
    Participant

    Any time you use a 'where' your command has to evaluate every single user in the directory for that condition. Very inefficient for large organizations. Use the filter.

    Get-ADUser -Filter "samaccountname -eq 'superman'"

    Get-ADUser -Filter * | ? {$_.samaccountname -eq 'superman'}

    correct me if I'm wrong. If all users have a home directory of sam.xyz than evaluating sam -like *sam* would always be true, no?

    #34753
    Profile photo of Nille Falk
    Nille Falk
    Participant

    Aah, great I understand it better now, thanks a lot Mark! I will get back to you how it works.
    Really appreciated! 🙂

    #34754
    Profile photo of Mark Hammonds
    Mark Hammonds
    Participant

    Dan is correct I'm not sure how to use the filter to compare two different properties. if you know of a way I would like to learn also.

    Dan I thought he wanted to collect the matches into an object to do something with.

    #34759
    Profile photo of Dan Potter
    Dan Potter
    Participant

    The filter takes scripts although I'm still missing the intent here. If the homedirectory attribute is populated there is a corresponding folder in most cases.

    These two conditions would be the same account so I wouldn't need to evaluate both.
    get-aduser -Filter {(samaccountname -eq 'batman') -and (homedirectory -like "*batman*")}

    I read the question four times.. seems the route you want to go would be test-path homedirectory

    #34761
    Profile photo of Mark Hammonds
    Mark Hammonds
    Participant

    Your evaluating a static batman but I think he wants to evaluate the two properties i.e. Variables (homefolder -like '*sameaccount*')

    So out of all users in ad he wants to find only the ones that have a home folder consisting of the Sam account name. At least that's what I think he is wanting. Other wise he will get an out put of true true false and that's useless unless there is more to the code we are missing?

    #34763
    Profile photo of Nille Falk
    Nille Falk
    Participant

    Hmm, I see Dan. Thanks for the explanation.
    I will try to explain what I am trying to achieve a little bit better.

    The purpose is to find out what homefolders doesn't have any corresponding user in AD, in an attempt to do a big clean up in the homefolder share.

    The problem is, that the naming standard in the homefolder share isn't exactly the same as the samaccount names are for the AD-accounts, so I can't do a simple check to verify whether there exist an AD account with the same name as a homefolder, because all of the homefolders ends with samaccountname.z53 instead of only samaccountname

    I hope this explains my question better and hopefully that you guys can help me out here, because I keep scratching my head.

    Thanks a lot for all your help so far!

    @Mark

    What I want it to do, is for the value to give a True value when it finds a homefolder that has the same samaccount name as the folder does and give a false value when it doesn't find any AD-user with the same name as a homefolder, so I know if the homefolder can be removed or not. But the problem is that I can't understand how to do this, since the homefolder names end with ".xz" instead of just having the exact same name as the samaccount name for the AD account.

    I hope you guys understand me better now.

    #34766
    Profile photo of Nille Falk
    Nille Falk
    Participant

    So basically, I want the script to be able to check the homefolder share against the users samaccount name, against the folders that have the samaccount name in it, and disregard the .xz at the end so that I can find out which users actually have a homefolder, but doesn't exist in the AD anymore. Therefore having the "True" and "False" value to show me the information whether it finds a corresponding user in the AD or not.

    I hope you understand what I'm trying to explain, without making you guys even more confused 🙂

    #34767
    Profile photo of Dan Potter
    Dan Potter
    Participant

    Ok, easy enough.

    option 1. Not ideal. Get your path from the server, look for the user with that path.
    [bool](get-aduser -Filter "homedirectory -eq $path")

    option 2. This is the way I would do it. Get all the mappings and eliminate those that are not.
    test-path (get-aduser myusername -properties homedirectory).homedirectory

    More code involved but this gives you a start, you'll have to figure out how to deal with true and false.

    if(get-aduser -Filter "homedirectory -eq $path"){}else{delete or move folder}

    #34768
    Profile photo of Mark Hammonds
    Mark Hammonds
    Participant

    Ahhhh so you are wanting to find folders on a server and compare to ad accounts

    Maybe something like this. This only works if the folder only has user accounts. Go with Dan's solution I see issues with mine and I'm on an iPad won't be able to test till tomorrow

    $paths = Get-childitem -path \\server\home$\
    
    Foreach($path in $paths){
    $user = Get-aduser ($path.substring(0,$path.length - 4) -properties homefolder | select homefolder
Viewing 15 posts - 1 through 15 (of 20 total)

You must be logged in to reply to this topic.