CODEWITHSUNDEEP
powershellactive-directory
Crash893
Crash893

Reputation: 11702

Retrieve Manager name for each user in AD using powershell

I am trying to dump an OU (Staff) in our AD to a specific format

"name" -> "Manager";

I am zeroing in but I'm hitting a wall with the following code

get-aduser -filter * -SearchBase "OU=Staff,DC=whatever,DC=local" |  get-aduser -Properties Manager | Select Name,Manager

The output for manager is returned as:

CN=Sharon Doe,OU=Staff,DC=whatever,DC=local

Also I am unsure how to wrap the text in quotes and insert the arrow between name and manger

Thanks if you can point me in the right direction

this is my sudo working code so far

Import-Module ActiveDirectory  
 $users = $null
 $i = $null  
 $users = Get-ADUser -SearchBase "ou=Staff,dc=whatever,dc=local" -filter * `  -property description  
 ForEach($user in $users)  
  {  

      $user.name + >>>Get-ADUser($users.manager).name**<<<

      $i++  

 }  
"$i users"

Upvotes: 4

Views: 60317

Answers (2)

EZDuzIT
EZDuzIT

Reputation: 41

I use PowerShell regex to filter only the friendly name portion of the manager from the DN for the "Manger" attribute in the AD user object properties, see below:

$newUser = Get-ADUser -Identity someUser1 -Properties *
$newUser.Manager

Output: CN=Some Manager1,OU=IT,DC=YOUR,DC=DOMAIN,DC=COM

$newUser.Manager.split(',')[0].trim('CN=')

Output:

Some Manager1

In addition, you could use the following filter as well, but I feel it is more code than necessary, trim does what we want with less typing and complexity (Not going into why one is better than the other, we haven't talked scale about this ask):

CN=someUser1,OU=IT,DC=YOUR,DC=DOMAIN,DC=COM
$newUser.Manager.split(',')[0] -replace 'CN=',''

Output:

Some Manager1

For completeness, you should know the type of your final state, you can get this with the following:

($newUser.Manager.split(',')[0].trim('CN=')).GetType()

OR

($newUser.Manager.split(',')[0] -replace 'CN=','').GetType()

Output:

IsPublic IsSerial Name                                     BaseType                                                                                                                                                           
-------- -------- ----                                     --------                                                                                                                                                           
True     True     String                                   System.Object

Now you know your final value is of type 'string'!

Lastly, you can trap your value in a variable:

$Mgr = $newUser.Manager.split(',')[0].trim('CN=')

Okay, I found a bug in my regex using trim logic, if an user has a DN that starts like the following:

CN=Nicholas

Then the output using $newUser.Manager.split(',')[0].trim('CN=') is as follows:

icholas

This is because trim truncates any matching character, not the whole string specified, where as -replace does it based on the string as shown below:

$newUser.Manager.split(',')[0] -replace 'CN=',''

Output:

Nicholas

FINAL SOLUTION: So, I recommend the following as a final solution:

$newUser.Manager.split(',')[0] -replace 'CN=',''

My apologies for the oversight, I now remember seeing others mention this online and I completely forgot about it. Once again, I apologize for the confusion.

Enjoy!

Upvotes: 4

Mathias R. Jessen
Mathias R. Jessen

Reputation: 174990

You can use 

(Get-ADUser "CN=Sharon Doe,OU=Staff,DC=whatever,DC=local").DisplayName

to fetch the manager's user object and grab the DisplayName instead of the DN.

If you don't feel confident working with calculated properties (see below), you can use it inside a foreach loop:

$Users = Get-ADUser -filter * -SearchBase "OU=Staff,DC=whatever,DC=local" -Properties Manager 

foreach($User in $Users){
    $Manager = Get-ADUser $User.Manager -Properties DisplayName
    $ManagerName = $Manager.DisplaýName

    "$($User.Name) -> $ManagerName"
}

You could also use it inside a calculated property when using Select-Object:

$Users = Get-ADUser -filter * -SearchBase "OU=Staff,DC=whatever,DC=local" -Properties Manager 
$Users | Select Name,@{label="Manager";expression={(Get-ADUser $_.Manager -Properties DisplayName).DisplayName}}

If the Select statement gets too unreadable, you can always make a splatting table with the properties:

$NameManager = @{
  "Property" = @(
    "Name"
    @{
      Label = "Manager"
      Expression = {
        Get-ADUser $_.Manager -Properties DisplayName |Select -Expand DisplayName
      }
    }
  )
}

$Users | Select-Object @NameManager

Upvotes: 12

Related Questions