CODEWITHSUNDEEP
powershell
CMR
CMR

Reputation: 111

Can someone please advise with a simple -ldapfilter

Hi all can someone help me understand why the resulting exported file does not contain any information. For each ISID (the ackronym for my setup's log in name) in the imported .csv file, I want to find the corresponding samAccountName and export the listed properties...

Add-PSSnapin Quest.ActiveRoles.ADManagement
connect-qadservice US2.k.com -proxy
$groupName = Import-csv c:\ExportDL\LockedAccounts.csv
write-host "This window will close when done"_ADmembers.csv" will be created" -ForegroundColor Green
ForEach ($ISID in $groupName) {
get-qaduser -ldapfilter "(&(objectCategory=person)(objectClass=user)(samaccountname=$ISID))" 
    -includedproperties samAccountName,accountExpires,edsvaParentCanonicalName,edsaAccountIsDisabled,passwordLastset,department,manager,distinguishedName,displayName | 
    select edsvaParentCanonicalName,displayName,samAccountName,name,edsaAccountIsDisabled,logonName,
    lastName,firstName,manager,accountExpires,passwordLastset | 
        export-csv C:\ExportDL\LockedAccounts_ADmembers.csv
}

My apologies for the bad indentation. I cant figure the four spaces code block out :(

Upvotes: 2

Views: 565

Answers (1)

CB.
CB.

Reputation: 60918

This should work, but will be interesting know the content of LockedAccounts.csv file:

Add-PSSnapin Quest.ActiveRoles.ADManagement
connect-qadservice US2.k.com -proxy
$groupName = Import-csv c:\ExportDL\LockedAccounts.csv 
write-host "This window will close when done"_ADmembers.csv" will be created" -Fore Green

( $groupName | select -expa ISID | get-qaduser -includedproperties samAccountName,accountExpires,ParentCanonicalName,
AccountIsDisabled,passwordLastset, department,manager,distinguishedName,displayName | 
select ParentCanonicalName,displayName,samAccountName,name,AccountIsDisabled,logonName,
       lastName,firstName,manager,accountExpires,passwordLastset ) |
export-csv C:\ExportDL\LockedAccounts_ADmembers.csv -NoTypeInformation

If the ISID column contains sAMAccountName there is not need for a ldap query, the QADs command accept it as input via pipe or for -identity parameter

Upvotes: 1

Related Questions