CODEWITHSUNDEEP
powershellfilterldapou
TrixD
TrixD

Reputation: 7

Ldap filter for multiple Ou's Powershell

Hello guys still pretty new to Powershell and never worked with Ldap -filter before so i have a question. Is it possible to get AD-User's out of mulitple Ou's with one Ldap filter?

OU=D5,OU=Standard,OU=User,OU=1,DC=test,DC=for-me,DC=nl
OU=D3,OU=Standard,OU=User,OU=1,DC=test,DC=for-me,DC=nl
OU=G2,OU=General,OU=User,OU=1,DC=test,DC=for-me,DC=nl
OU=C6,OU=Expired,OU=User,OU=1,DC=test,DC=for-me,DC=nl

Im sorry i have not even a Code example but nothing i've tried came near to what i want. Im open for tipps, hints, ideas etc. Thanks already.

Upvotes: 0

Views: 2001

Answers (2)

Tomalak
Tomalak

Reputation: 338376

You cannot make the OU part of the LDAP filter. But you can make an OU the base of your search and issue multiple searches.

# an array of OUs, this could also be achieved with e.g. $OUs = Get-Content 'some_file.txt'
$OUs = @(
    "OU=D5,OU=Standard,OU=User,OU=1,DC=test,DC=for-me,DC=nl"
    "OU=D3,OU=Standard,OU=User,OU=1,DC=test,DC=for-me,DC=nl"
    "OU=G2,OU=General,OU=User,OU=1,DC=test,DC=for-me,DC=nl"
    "OU=C6,OU=Expired,OU=User,OU=1,DC=test,DC=for-me,DC=nl"
)

foreach ($ou in $OUs) {
    Get-ADUser -SearchBase $ou
}

Upvotes: 1

R.Amersfoort
R.Amersfoort

Reputation: 85

Well it is not an LDAP Query and might be suspicious in a very large environment, but normally I suggest use the filter options of Powershell like below:

Get-ADUser -Filter  * | Where-Object { $_.DistinguishedName.split(",",2)[1] -in 
    "OU=D5,OU=Standard,OU=User,OU=1,DC=test,DC=for-me,DC=nl",
    "OU=D3,OU=Standard,OU=User,OU=1,DC=test,DC=for-me,DC=nl",
    "OU=G2,OU=General,OU=User,OU=1,DC=test,DC=for-me,DC=nl",
    "OU=C6,OU=Expired,OU=User,OU=1,DC=test,DC=for-me,DC=nl"
}

Upvotes: 0

Related Questions