Hello,

Currently we are getting imports of users and we require to do a tidy up of names.

Basically we are after anyone who has the title of staff or teacher (which I can do).

Now here comes the part I dont know how to do..

Basically were after getting a list of users out of AD which matches the above but also that have the first part of there samaccountname before the period (.) does not match their firstname and the same for their surname.. Aas the import is chopping things off if they are too long as the restriction of the SAMAaccountname is 20 characters.

Our SAMAccountname is in this format firstname.surname

I would need the output in either a CSV or a text file with there first name, surname, SAMAaccountname and their OU.

Does anyone know how I can achieve this?

Many Thanks

James

Here is a PowerShell v2 RTM with the Microsoft ActiveDirectory module. (you would need Active Directory Web Services installed on your DCs). The following gets you everything you want in a table exported to csv. On my system the 'parent' property doesn't seem to populate (not sure is it is because I'm using downlevel ADWS an ADMGS or not or a limitation of the ActiveDirectory module), so in my example below I use distinguishedName. The user's OU is contained in his distinguishedName.

Get-ADUser -filter 'primarygroup -eq "CN=Domain Users,CN=Users,DC=example,DC=com"' -Properties givenName, sn, sAMAccountname | select-object givenName,sn,samaccountname,distinguishedname | export-csv domainusers.csv

Ok thank you for that... :)

Its telling me GET-ADUser is not a recognised cmdlet... What do I need to change or install for it to recognise it and then test your script?

Many Thanks

James

Hello,

Sorry I have just re read your post.

Is there another way to do this without installingWeb Services?

Many Thanks

James

You can do essentially the same thing by using the Quest AD cmdlets. Instead of calling Get-ADUser you would call Get-QADUser.

You can download the cmdlets for free here:
http://www.quest.com/powershell/act...erver.aspx

-Chris

Hello,

Thanks for that I have changed it and I am getting an error saying it does not have -filter?

Many Thanks

James

Just needs a little tweaking:

Get-QADUser -searchRoot "CN=Domain Users,CN=Users,DC=example,DC=com" -includedProperties givenName, sn, sAMAccountname | select-object givenName,sn,samaccountname,DN | export-csv domainusers.csv

Did that actually return anything? The search root you provided in the example is the Domain Users group not a container. Just curious. I don't use Quest tools.

I guess I could have left out the filtering example in my original post--I included it to show that if you want to select users based on certain criteria (in the case of my original post users that are members of the 'Domain Users' group) you can use the -filter method.

The Get-ADuser with MS ActiveDirectory module has an equivalent to -searchRoot--it is called -searchBase

With Quest cmdlets:

Get-QADUser -SizeLimit 0 -Title Staff,Teacher -FirstName * -LastName * | Where-Object {$_.SamAccountName -ne ($_.FirstName+"."+$_.LastName)} | Select-Object FirstName,LastName,SamAccountName,ParentContainer | Export-Csv users.csv

Cameronove,
The -Searchroot I provided was just a placeholder and really I only included it because it was in your original example which was a good idea.

However, since Shay dropped by and gave away the entire answer I guess there is nothing left for us to do. ;-)

All,

Thank you for your replies.

It works perfectly and will save us so much time :)

James