Export AD Info CSV based on User Name input CSV powershell script

Question

I need to pass in a list of Users and get back a CSV with Name, SamAccountName, email

My Input CSV is as follows:

"John Doe"
"Jane Doe"

Here's the current code I'm using. I'm not sure what the problem is. The users actually do exist under the "DC" specified...

Import-Module ActiveDirectory
Function Get-ADUsersDetailsCSV
{
    [CmdletBinding()]
    Param
    (
    [Parameter(Mandatory=$True,Position=1)]
    [String]$InCSV,

    [Parameter(Mandatory=$True)]
    [String]$OutCSV
    )

If($InCSV)
{
    If(Test-Path -Path $InCSV)
    {
        $USERS = Import-CSV $InCSV -Header Name
        $USERS|Foreach{Get-ADUser $_.Name -Properties * |Select Name, SAMAccountName, mail}|Export-CSV -Path $OutCSV

    } #End Test that the files exist

    Else
    {
        Write-Warning "Cannot find path '$InCSV' because it does not exist."
    }


} #End Ensure Input and Output files were provided

} #End Function Get-UsersDetailsCSV

Here's the error:

Get-ADUser : Cannot find an object with identity: 'John Doe' under: 'DC=blah,DC=com'.
At U:\data\GetADUserInfo PS Script\GetADUsersDetailsCSV.psm1:19 char:28
+             $USERS|Foreach{Get-ADUser $_.Name -Properties * |Select Name, SAMAcc ...
+                            ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo          : ObjectNotFound: (Name:ADUser) [Get-ADUser], ADIdentityNotFoundException
+ FullyQualifiedErrorId : Cannot find an object with identity: 'John Doe' under: 'DC=blah,DC=com'.,Microsoft.ActiveDirectory.Management.Commands.GetADUser

Answer 1

The reason this is not working is that the -Identity parameter that the Get-ADUser cmdlet uses is searching AD on the SamAccount property, not the Name property to retrieve the user. Thus searching for "John Doe" will not work, instead it is expecting you to be searching with the SamAccount name: "JDoe"

To search by Name, you have to filter the results by Name like this:

Get-ADUser -Filter {Name -eq "John Doe"}

Thus, your code becomes:

$USERS|Foreach{Get-ADUser -Filter {Name -eq $_.Name} -Properties * |Select Name, SAMAccountName, mail}|Export-CSV -Path $OutCSV

Answer 2

If you run Get-Help Get-ADUser, you'll find this description for the Identity parameter:

-Identity <ADUser>
        Specifies an Active Directory user object by providing one of the following property values. The identifier in parentheses is the LDAP display name for the attribute.

      Distinguished Name 
        Example:  CN=SaraDavis,CN=Europe,CN=Users,DC=corp,DC=contoso,DC=com
      GUID (objectGUID) 
        Example: 599c3d2e-f72d-4d20-8a88-030d99495f20 
      Security Identifier (objectSid) 
        Example: S-1-5-21-3165297888-301567370-576410423-1103
      SAM account name  (sAMAccountName) 
        Example: saradavis

Note that Name is not one of the identities it will accept. Name is not an indexed attribute in AD, because it is not guaranteed to be unique. It probably is in your domain, but AD doesn't know that. To get a user by any other attribute, you need to use a filter, so your script would look something like this ( I took the liberty of folding for readability)

$USERS | Foreach{
Get-ADUser -filter "Name -eq  '$($_.name)'" -Properties mail |
Select Name, SAMAccountName, mail}|
Export-CSV -Path $OutCSV

Also note that Name and SAMAccountName are among the common properties that Get-ADUser will alwasy return, so the only other property you have to specify is Mail.

I think this will take care of the additonal requirements, but I didn't test it:

$USERS | Foreach{
  $getuser = 
    Get-ADUser -filter "Name -eq  '$($_.name)'" -Properties mail |
    Select Name, SAMAccountName, mail

  if ($getuser) {$getuser}
   else {[PSCustomObject]@{Name=$_;SAMAccountName='Not found';mail=$null}}
 } |
Export-CSV -Path $OutCSV