search AD for a specific mailserver

This topic contains 0 replies, has 1 voice, and was last updated by Profile photo of Forums Archives Forums Archives 5 years, 5 months ago.

  • Author
    Posts
  • #6315

    by townleyma at 2013-04-03 02:04:03

    Hi

    I want to run a report on users in ad with a specific mailserver value but i cant work it out. So far i have Get-ADuser "username" -Properties {mailserver}

    I think im on the right path but what i want to also display it in a table so something like | format-table GivenName,Name,Surname,mailServer |out-file "path"

    I just cant work out how to search specificly for the mailServer and then display it in a table.

    Any advice is muchly appriciated 🙂

    by MasterOfTheHat at 2013-04-03 07:37:55

    Not sure what "mailserver" property you are talking about, but you can limit your query by either using the -Filter parameter of the Get-ADUser cmdlet or by getting all of the users and piping the output to the Where-Object cmdlet:
    Get-ADUser -Filter {mail -like '*domain.com'}
    Get-ADUser -Filter * -Property mail | Where-Object mail -like *domain.com

    Using the -Filter param is definitely more efficient...

    by ArtB0514 at 2013-04-03 07:45:26

    You can get the mailserver name from the msExchHomeServerName property, which is its FQDN in the Configuration container. Or, you could do this:
    Get-ADUser "username" -Properties msExchHomeServerName | Where {$_.msExchHomeServerName -match "mailserver"}

    You cannot output the results of Format-Table to a file; instead you should use Select-Object and then output the results to a csv file.

    by ArtB0514 at 2013-04-03 07:56:06

    Here's a script that will return the FQDN of all your exchange servers.
    $configNC=([ADSI]"LDAP://RootDse").configurationNamingContext
    $search = new-object DirectoryServices.DirectorySearcher([ADSI]"LDAP://$configNC")
    $objectClass = "objectClass=msExchExchangeServer"
    $search.Filter = "$objectClass"
    [void] $search.PropertiesToLoad.Add("name")
    [void] $search.PropertiesToLoad.Add("msexchcurrentserverroles")
    [void] $search.PropertiesToLoad.Add("networkaddress")
    $exchServers = $search.FindAll()
    $exchServers | Select @{Name='Path';Expression={$_.Properties.adspath.SubString(7)}}

    by townleyma at 2013-04-03 08:45:39

    Thanks very much, just looking through each answer and working out what each one does. im not PS savvi so im going to pick apart each line of code rather than cut n paste so i get a greater understanding. I think i was a bit vague. im looking at 17500 user accounts all spaning different mailserver attributes because there is multible exchanger servers. So each ad account has an attribute in attribute editor called mailserver that is populated with the mail domain of that user (example, exch1.domain1.ad.co.uk, exch2.domain2.ad.co.uk) so i want to produce a list of users in one particular mail domain, if that makes sense..

    Anyway i will have a go with the above commands / script and see what we get 🙂

    by ArtB0514 at 2013-04-03 11:02:08

    So, given that you've added a custom property to AD called MailServer, then you can do this to return all the users in a single mailserver:

    $Users = Get-ADUser -Filter * -Properties MailServer | Where {$_.MailServer -eq "exch1.domain1.ad.co.uk"}
    $Users | Select GivenName,Name,Surname,mailServer | Export-Csv "path" -NoTypeInformation

    by MasterOfTheHat at 2013-04-03 13:08:55

    [quote="ArtB0514"]So, given that you've added a custom property to AD called MailServer, then you can do this to return all the users in a single mailserver:

    $Users = Get-ADUser -Filter * -Properties MailServer | Where {$_.MailServer -eq "exch1.domain1.ad.co.uk"}
    $Users | Select GivenName,Name,Surname,mailServer | Export-Csv "path" -NoTypeInformation
    [/quote]
    Why not filter in the query instead of pulling back all of the objects and then filtering locally?
    $Users = Get-ADUser -Filter { MailServer -eq "exch1.domain1.ad.co.uk" } -Properties MailServer |
    Select GivenName,Name,Surname,mailServer |
    Export-Csv "path" -NoTypeInformation

    by townleyma at 2013-04-04 00:42:26

    Thanks again, going to give these a try today 🙂

    by townleyma at 2013-04-04 02:36:08

    Right i have tested a few of these, i managed to pull out 190 users out of the 17000 which sounds about right using the last few commands, i was expecting to see mailServer populated with the domain i specified but instead it says Microsoft.ActiveDirectory.Management.ADPropertyValueCollection
    Is this because we stored the command using $users? what does -notypeinformation do?

    by ArtB0514 at 2013-04-04 06:31:29

    -NoTypeInformation: When an object collection is sent to a CSV file, the default output consists of the following lines:
    1. The type name of the object being exported.
    2. A comma separated list of the property names
    3-n. The comma separated list of property values
    -NoTypeInformation tells PowerShell not to export the type name and begin line 1 with the property names list. This makes the csv file much easier to process in Excel.

    When a property gets exported to a csv file as a type name rather than the actual value, it means that PowerShell doesn't know how to convert the value to a string. In cases where the type name indicates the the data is an array (e.g., your ADPropertyValueCollection), the easiest way to convert it to a string is to use the -join function in a custom property specification. Here's an example joining the values with newline:

    $Users | Select GivenName,Name,Surname,@{Name='MailServer';Expression={$_.mailServer -join "`n"}} | Export-Csv "path" -NoTypeInformation

    by townleyma at 2013-04-05 04:51:14

    ahh right, i see 🙂

    by townleyma at 2013-04-05 04:56:57

    So what if i want to further expand my search to include department as well. I cant just add it into the filter i have to use an array? but when reading about arrays i could not quite grasp and adapt the concept to get the desired result, still reading though in the hope that it clicks.

    by MasterOfTheHat at 2013-04-05 09:34:24

    [quote="townleyma"]So what if i want to further expand my search to include department as well. I cant just add it into the filter i have to use an array? but when reading about arrays i could not quite grasp and adapt the concept to get the desired result, still reading though in the hope that it clicks.[/quote]
    No arrays needed. Assuming you are using the code I posted, modify the Filter param and then the Select-Object line, if needed:
    $Users = Get-ADUser -Filter { (MailServer -eq "exch1.domain1.ad.co.uk") -and (Department -eq "Accounting") } -Properties MailServer, Department |
    Select GivenName,Name,Surname,mailServer,Department |
    Export-Csv "path" -NoTypeInformation

    EDIT: modified after Art's comment below

    by ArtB0514 at 2013-04-05 09:41:29

    Get-ADUser doesn't return very many properties by default, so you need to be aware of that and include the extra ones that you want in the -Properties list. Department is one of the properties that needs to be requested explicitly.

    Here's the list of properties returned by default:
    [list]Enabled
    GivenName
    Name
    ObjectClass
    ObjectGUID
    SamAccountName
    SID
    Surname
    UserPrincipalName
    PropertyNames
    PropertyCount[/list]

    by townleyma at 2013-04-08 01:38:00

    ah there is a cheeky -and in there! I tried & thinking that would have worked. I understand that using -properties gets you more of a selectable selection of attributes but is there also a -property as well as -properties that grab different attributes?

    by ArtB0514 at 2013-04-08 08:50:34

    I don't see a -Property parameter (extract from Get-Help Get-ADUser):
    [quote]NAME
    Get-ADUser

    SYNOPSIS
    Gets one or more Active Directory users.

    SYNTAX
    Get-ADUser -Filter [-ResultPageSize ] [-ResultSetSize ] [-SearchBase ]
    [-SearchScope {Base | OneLevel | Subtree}] [-SearchScope {Base | OneLevel | Subtree}] [-AuthType {Negotiate | Basic}] [-Credential ] [-Partition ] [-Properties ] [-Server ] []

    Get-ADUser [-Identity] [-AuthType {Negotiate | Basic}] [-Credential ] [-Partition ] [-Properties
    ] [-Server ] []

    Get-ADUser -LDAPFilter [-ResultPageSize ] [-ResultSetSize ] [-SearchBase ]
    [-SearchScope {Base | OneLevel | Subtree}] [-AuthType {Negotiate | Basic}] [-Credential ] [-Partition ]
    [-Properties
    ] [-Server ] []
    [/quote]

    by MasterOfTheHat at 2013-04-08 11:02:15

    It's an alias for -Properties

    by ArtB0514 at 2013-04-08 13:17:06

    Ah, thanks. I personally don't use aliases and never though to look to see if that's what it was.

You must be logged in to reply to this topic.