Author Posts

January 1, 2012 at 12:00 am

by cfritzy at 2013-03-22 06:29:12

I have some OU's under more location specific OU's in Active Directory called "ScreenSaverPolicyException" that we drop users into to bypass a screensaver policy we have in place. Unfortunately, I have about 69 of these "ScreenSaverPolicyException" OU's that I am trying to report on. I know I can use the Get-ADUser cmdlet to retrieve the information from a specific OU but I am trying to see if I can search AD with one cmdlet to try and find any in an OU named "like" "ScreenSaverPolicyException". Not sure if I can do a search on any OU named "like" or not. Any help would be appreciated.

by MasterOfTheHat at 2013-03-22 09:45:39

Since you can't filter using -like on DistinguishedName, you'll have to grab all of the "ScreenSaverPolicyException" OUs and then get all of the users within each of those OUs. Something like:
Get-ADObject -Filter '(ObjectClass -eq "organizationalUnit") -and (Name -like "ScreenSaverPolicyException")' -SearchBase "DC=domain,DC=com" |
ForEach-Object { Get-ADUser -SearchBase $_.DistinguishedName -Filter * }

by mjolinor at 2013-03-28 15:53:37

This seems to work:

Get-ADOrganizationalUnit -Filter "Name -like '*ScreenSaverPolicyException*'"