trying to search AD and return userobjects with property

Welcome Forums General PowerShell Q&A trying to search AD and return userobjects with property

This topic contains 3 replies, has 3 voices, and was last updated by

2 years ago.

  • Author
  • #63883

    Points: 0
    Rank: Member

    hi all,

    I am trying to build a powershell script that searches AD, and returns all userobjects that have the logonto property enabled.
    (largish AD) (so I can update them all at once....)

    I found a sample code in TechNet/msdn what I have is:

    this is the search code.... it returns "0" if you switch Samaccount to Name it returns all the names....

    rem $strFilter = "(&(objectCategory=User)(Department=Finance))"
    $objDomain = New-Object System.DirectoryServices.DirectoryEntry
    $objSearcher = New-Object System.DirectoryServices.DirectorySearcher
    $objSearcher.SearchRoot = $objDomain
    $objSearcher.PageSize = 1000
    $objSearcher.Filter = $strFilter
    $objSearcher.SearchScope = "Subtree"
    $colProplist = "sAMAccountName"
    foreach ($i in $colPropList){$objSearcher.PropertiesToLoad.Add($i)}
    $colResults = $objSearcher.FindAll()
    foreach ($objResult in $colResults)
        {$objItem = $objResult.Properties; $objItem.sAMAccountName}

    I have the code for the logonto also:

    rem Import-CSV C:\scripts\logonto-QRY\input.csv | % { 
    rem $UserN = $_.UserName
    $UserN = $
    $ComputerN = $_.ComputerName
    $ObjFilter = "(&(objectCategory=person)(objectCategory=User)(samaccountname=$UserN))" 
    $objSearch = New-Object System.DirectoryServices.DirectorySearcher 
    $objSearch.PageSize = 15000 
    $objSearch.Filter = $ObjFilter  
    $objSearch.SearchRoot = "LDAP://....DN here......" 
    $AllObj = $objSearch.findOne()
    $user = [ADSI] $AllObj.path
    $ErrorActionPreference = "silentlycontinue"
    If (($user.get("userWorkstations")) -ne $null)
    {$ComputerN = $user.get("userWorkstations") + $ComputerN}
    write-host $userN","$ComputerN
    rem Write-host -NoNewLine "Updating $UserN Properties ..."
    rem $user.psbase.invokeSet("userWorkstations",$ComputerN)
    Write-host "Done!"



  • #63895

    Points: 26
    Rank: Member

    Brrrr I get the shivers when reading code like this. Don't you have the Active Directory cmdlets to your disposal? You're writing code like you are still using VBScript. Don't do that, try to use native cmdlets first.

  • #63896

    Points: 0
    Rank: Member

    found the answer, way easier dont know why i didnt thing of it. I think this was a case of try to reuse code:

    Get-ADUser -Filter * -Properties LogonWorkstations | Where-Object {$_.LogonWorkstations -ne $null }|export-csv "c:\pathtofile.csv"


  • #63962

    Points: 2
    Rank: Member

    This might be a bit faster in a large AD. No need to load everyone and then filter.

    get-aduser -Filter {LogonWorkstations -notlike "*"}

The topic ‘trying to search AD and return userobjects with property’ is closed to new replies.

denizli escort samsun escort muğla escort ataşehir escort kuşadası escort