CODEWITHSUNDEEP
powershelloffice365gal
leeand00
leeand00

Reputation: 26402

How does one query the GAL from powershell by job title?

I'm reading a document at work that involves a bunch of position titles, but I don't know who the people actually are, I only know their job titles.

I know this information is available in the Global Address Book, but I don't know how to put in a job title (and I guess location) and get back an actual person's name and contact information.

Is it possible to use powershell to "almost" look up a contact in the GAL using a job title as an input and the contact as an output?

o365 of course...

Upvotes: 0

Views: 1767

Answers (1)

postanote
postanote

Reputation: 16116

As for ...

Is it possible to use powershell to "almost" look up a contact in the GAL using a job title as an input and the contact as an output?

... the simple answer, yes. You just write the code for it, just as you would if this was on-premises Exchange, of course using the Exchange Online cmdlets via a PSRemote session.

Connection to EXO us a daily use case and fully documented as to how, from Microsoft here: Connect to Exchange Online PowerShell

$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
Import-PSSession $Session -DisableNameChecking

Or just use this script from the MS PowerSHellGallery.com

https://www.powershellgallery.com/packages/Connect-O365/1.5.4/Content/Connect-O365.ps1

Or this one

https://gallery.technet.microsoft.com/office/Connect-to-Office-53f6eb07/file/221497/1/Connect-Office365Services.ps1

Yet, remember the GAL is populated from AD. So, if you are in a hybrid environment, you can just hit your on-premises AD to get this.

You have a built in cmdlet for user searches for AD and EXP/EXO:

Get-Command -Name '*adaccount*' | Format-Table -AutoSize

CommandType Name                                            Version Source         
----------- ----                                            ------- ------         
Alias       Set-ADAccountPasswordHash                       3.4     DSInternals    
Cmdlet      Clear-ADAccountExpiration                       1.0.1.0 ActiveDirectory
Cmdlet      Disable-ADAccount                               1.0.1.0 ActiveDirectory
Cmdlet      Enable-ADAccount                                1.0.1.0 ActiveDirectory
Cmdlet      Get-ADAccountAuthorizationGroup                 1.0.1.0 ActiveDirectory
Cmdlet      Get-ADAccountResultantPasswordReplicationPolicy 1.0.1.0 ActiveDirectory
Cmdlet      Search-ADAccount                                1.0.1.0 ActiveDirectory
Cmdlet      Set-ADAccountAuthenticationPolicySilo           1.0.1.0 ActiveDirectory
Cmdlet      Set-ADAccountControl                            1.0.1.0 ActiveDirectory
Cmdlet      Set-ADAccountExpiration                         1.0.1.0 ActiveDirectory
Cmdlet      Set-ADAccountPassword                           1.0.1.0 ActiveDirectory
Cmdlet      Unlock-ADAccount                                1.0.1.0 ActiveDirectory



# get function / cmdlet details
(Get-Command -Name Search-ADAccount).Parameters.Keys
Get-help -Name Search-ADAccount -Full
Get-help -Name Search-ADAccount -Online
Get-help -Name Search-ADAccount -Examples

Search-ADAccount -AccountDisabled | FT Name,ObjectClass -A  
Search-ADAccount -AccountDisabled -UsersOnly | FT Name,ObjectClass -A   
Search-ADAccount -AccountExpired | FT Name,ObjectClass -A   
Search-ADAccount -AccountExpiring -TimeSpan 6.00:00:00 | FT Name,ObjectClass -A 
Search-ADAccount -AccountInactive -TimeSpan 90.00:00:00 | FT Name,ObjectClass -A    
Search-ADAccount -PasswordExpired | FT Name,ObjectClass -A  
Search-ADAccount -PasswordNeverExpires | FT Name,ObjectClass -A 
Search-ADAccount -LockedOut | FT Name,ObjectClass -A    
Search-ADAccount -AccountDisabled -ComputersOnly | FT Name,ObjectClass -A   
Search-ADAccount -AccountExpiring -DateTime "3/18/2009" | FT Name,ObjectClass -A    
Search-AdAccount -AccountDisabled -SearchBase "DC=AppNC" -Server "FABRIKAM-SRV1:60000"  

# Or just use
(Get-Command -Name Get-ADUser).Parameters.Keys
Get-help -Name Get-ADUser -Full
Get-help -Name Get-ADUser -Online
Get-help -Name Get-ADUser -Examples 


# If you are really wanting to do this using EXP/EXO, then it provide a cmdlet to help
Get-ADObject -ldapfilter "(&(objectClass=contact)(objectCategory=person)(!showinAddressBook=*))" -properties *

You can also use the ADAC to write this code for you, it's just a matter of clicking through the steps and saving the code to modify as needed. Follow these instructions.

Introduction to Active Directory Administrative Center Enhancements (Level 100)

Learning PowerShell with Active Directory Administrative Center (PowerShell History Viewer)

Step-By-Step: Utilizing PowerShell History Viewer in Windows Server 2012 R2

Use Active Directory Administrative Center to Create PowerShell Commands in Windows Server 2012

Upvotes: 0

Related Questions