Script ideas/request - Compare On Prem AD / Azure AD

This topic contains 3 replies, has 3 voices, and was last updated by  Olaf Soyk 2 months ago.

  • Author
    Posts
  • #96416

    Chris Bush
    Participant

    Greetings Programs,

    Looking for a way to compare a computer account list in an 'OnPrem' AD and an 'AzureAD' list and list out the differences.

    Basically I need something that will allow me to tell which computer accounts on are on the AzureAD list and not on the 'OnPrem' AD list.

    I've done some digging on it and the answer I came up with was useless (Dump both lists to a CSV file and run a compare off of that) as the difference listed all had a trailing $ character on them from AzureAD.

    Any help would be appreciated.

  • #96461

    postanote
    Participant

    You are correct that you have to dump a list, but it does not have to written to the drive as a CSV.
    Just dump the list to two different variables, then use the Compare-Object to compare the data in the two variables.
    You can do this dynamically vs files, unless for whatever reason, you need to right the final output to a file.

  • #96528

    Chris Bush
    Participant

    @postanote
    Here is my problem is the output for dumping the AzureAD list

    I dump OnPrem AD Computer Acccount List
    I dump Azure AD Device list

    I compare the 2

    The AzureAD list has a trailing $ on the exact same computer accounts

    ex: Computer1 on OnPremAD and Computer1$ on AzureAD which triggers it as being a "different" machine however in reality it is the same machine.

    Does that make sense?

  • #96540

    Olaf Soyk
    Participant

    Do you use the same code for both sides to get the information? The SamAccountName of a computer in AD has a trailing '$'. You might compare the name from one side with the SamAccountName from the other side.

You must be logged in to reply to this topic.