Pulling extensionAttributes and Department from AD

Welcome Forums General PowerShell Q&A Pulling extensionAttributes and Department from AD

This topic contains 4 replies, has 4 voices, and was last updated by

Ron
 
Participant
3 months, 3 weeks ago.

  • Author
    Posts
  • #104570

    Participant
    Points: 0
    Rank: Member

    Hey All,

    New Powershell user here and I am looking for some insight. I have to pull the following items from Active Directory and dump them into a spreadsheet...

    extensionAttribute1
    extensionAttribute2
    Department

    Is it possible to pull this information using "objectGUID" ? I have over 2000 AD users/objects that I need to pull this info so we can import it into GCDS (Google Cloud). Any help would be much appreciated!

  • #104573

    Participant
    Points: 225
    Helping Hand
    Rank: Participant

    You don't say what you've tried or what issues you are having.

    Or, do you mean this...

    Get-ADUser -Identity $env:USERNAME -Properties * | Select ObjectGUID,extensionAttribute1,extensionAttribute2
    
  • #104630

    Participant
    Points: 160
    Helping Hand
    Rank: Participant

    In Powershell, most cmdlets will return default properties. You can see in the example below with Get-Service, only 3 properties are returned, the others hidden until we do Select -Properties *:

    PS C:\WINDOWS\system32> Get-Service | Select -First 1
    
    Status   Name               DisplayName                           
    ------   ----               -----------                           
    Stopped  010170153020298... McAfee Application Installer Cleanu...
    
    
    
    PS C:\WINDOWS\system32> Get-Service | Select *  -First 1
    
    
    Name                : 0101701530202980mcinstcleanup
    RequiredServices    : {}
    CanPauseAndContinue : False
    CanShutdown         : False
    CanStop             : False
    DisplayName         : McAfee Application Installer Cleanup (0101701530202980)
    DependentServices   : {}
    MachineName         : .
    ServiceName         : 0101701530202980mcinstcleanup
    ServicesDependedOn  : {}
    ServiceHandle       : 
    Status              : Stopped
    ServiceType         : Win32OwnProcess
    StartType           : Automatic
    Site                : 
    Container 
    

    For WMI and Active Directory, only certain properties are returned in the resultset, simply for speed. Returning 10 properties or 100 properties multiplied by the number of objects (like 1000 users) is going to return at much different performance levels. As postanote eluded, you need to tell the cmdlet that you want additional properties returned in the query. Using -Properties * will return ALL properties. You can also specify just the properties you require to increase performance:

    Get-ADUser -Identity $env:USERNAME -Properties ObjectGUID,extensionAttribute1,extensionAttribute2 | Select ObjectGUID,extensionAttribute1,extensionAttribute2
    
  • #104716

    Participant
    Points: 0
    Rank: Member

    This is basically what I've been using so far...

    $objectlist = Import-Csv .\objects.csv

    foreach ($obj in $objectlist) {
    $aduser = Get-ADUser "$($obj.ObjectGUID)" -Properties department, extensionAttribute1, extensionAttribute2, ObjectGUID
    Write "Dept is $($aduser.department) extAtt1 is '$($aduser.extensionAttribute1)' extAtt2 is '$($aduser.extensionAttribute2)'"
    }

    The Write command is in there purely for testing to make sure that it's returning values (which it is). Now I just need to export that data to a csv. Granted I have only tested this against users, not contacts or groups yet. I appreciate the input.

  • #104986
    Ron

    Participant
    Points: 0
    Rank: Member

    You have the basics. Just need the export. (Untested from memory only)

    $aduser = @()
    foreach ($obj in $objectlist) {
      $aduser += Get-ADUser "$($obj.ObjectGUID)" -Properties department, extensionAttribute1, extensionAttribute2, ObjectGUID
    }
    $aduser | Select-Object ObjectGUID,department,extensionAttribute1,extensionAttribute2 | Export-Csv 'C:\path\file.csv' -NoTypeInformation

The topic ‘Pulling extensionAttributes and Department from AD’ is closed to new replies.