Kenny

Reputation: 151

Get-ADuser -server xxyy -filter {} doesn't work in a For loop

Been a while since I posted, but I've hit a roadblock with an annoying issue.

I have a need to scan all of the company's domains for user accounts based on full name, as in FIRST LAST

The same code works fine when running a get-aduser -identity -server domain.name, but using

Get-aduser -filter -server doesn't work inside a For loop, and I'm not sure why!

Here's the code:

$AllDomains = (Get-ADForest).domains

Function Check-ADUser {
    Param(
    $FullName,    
    $ADList
    )

    $ADUserArray = @()

    ForEach ($SubDomain in $ADList) {

        write-host "Checking for $FullName on $SubDomain ..."

        $UserADDomain = Get-ADUser -Server $SubDomain -Filter {(Name -eq $Fullname)} -properties *  -ErrorAction SilentlyContinue | Select @{n="DomainName"; e={($_.CanonicalName -split '/')[0]}} `
        | Select-Object DomainName -ExpandProperty DomainName        

    } #ForEach $Domain

The results return blank

Here's the code that works fine:

$AllDomains = (Get-ADForest).domains

Function Check-ADUser {
    Param(
    $FullName,    
    $ADList
    )

    $ADUserArray = @()

    ForEach ($SubDomain in $ADList) {

        write-host "Checking for $FullName on $SubDomain ..."

        $UserADDomain = Get-ADUser -Server $SubDomain -Identity $userName -properties *  -ErrorAction SilentlyContinue | Select @{n="DomainName"; e={($_.CanonicalName -split '/')[0]}} `
        | Select-Object DomainName -ExpandProperty DomainName        

    } #ForEach $Domain

The function is called via a for loop against each user as such

$Users = @"
Rocky Balboa
Bruce Willis
Gene Simmons
Liz Phair
Steven Segal
"@ | ForEach {$_.Split([String[]]"`r`n",[StringSplitOPtions]::None)}

$outarray = @()

ForEach ($user in $Users) {        

    $aa = Check-ADUser -FullName $User -ADList $AllDomains

}

The only real difference in the code within the function is the use of -filter instead of -identity on the get-aduser cmdlet

What's odd is that if I run the code outside of the for loop, it works! I'm thinking it's a PowerShell gotcha! Any help appreciated :-)

Owen

Upvotes: 0

Views: 191

Answers (1)

Jawad

Reputation: 11364

Use the filter statement like this,

If you are interested in performance, limit the properties to canonicalName instead of *.

After reading the last part of the docs, I think removing the ( ) within curly braces should resolve your issue as well.

$UserADDomain = Get-ADUser -Server $SubDomain -Filter "Name -eq '$Fullname'" -properties *  -ErrorAction SilentlyContinue | Select @{n="DomainName"; e={($_.CanonicalName -split '/')[0]}}

if ($null -ne $UserADDomain) {
  return $UserADDomain
}

See Microsoft docs on Filter

Excerpt:

Note: For String parameter type, PowerShell will cast the filter query to a string while processing the command. When using a string variable as a value in the filter component, make sure that it complies with the PowerShell Quoting Rules. For example, if the filter expression is double-quoted, the variable should be enclosed using single quotation marks: Get-ADUser -Filter "Name -like '$UserName'". On the contrary, if curly braces are used to enclose the filter, the variable should not be quoted at all: Get-ADUser -Filter {Name -like $UserName}.

Upvotes: 1
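
An added example, not part of the question or the answer above: a complete version of the per-domain lookup that returns its results from the function, requests only CanonicalName, and swaps the -Filter string for -LDAPFilter with RFC 4515 escaping, so a name containing ( ) * or \ is matched literally instead of changing the query (apostrophes need no quoting in an LDAP filter). The function names, the helper name and the sample names are hypothetical.

```powershell
# Added example; requires the ActiveDirectory module (RSAT).

function ConvertTo-LdapFilterValue {    # hypothetical helper name
    param([Parameter(Mandatory)][string]$Value)
    # RFC 4515 escaping. The backslash must be replaced first, otherwise the
    # backslashes introduced by the later replacements would be escaped again.
    $Value.Replace('\', '\5c').Replace('*', '\2a').Replace('(', '\28').Replace(')', '\29').Replace("`0", '\00')
}

function Find-ADUserDomain {            # hypothetical function name
    param(
        [Parameter(Mandatory)][string]$FullName,
        [Parameter(Mandatory)][string[]]$DomainList
    )

    # Build the filter once; the user-supplied name only ever appears escaped.
    $ldapFilter = '(name={0})' -f (ConvertTo-LdapFilterValue -Value $FullName)

    foreach ($domain in $DomainList) {
        try {
            # -ErrorAction Stop surfaces unreachable domains instead of hiding them.
            Get-ADUser -Server $domain -LDAPFilter $ldapFilter -Properties CanonicalName -ErrorAction Stop |
                ForEach-Object {
                    # Emitting the object to the pipeline is what returns it to the caller.
                    [pscustomobject]@{
                        FullName       = $FullName
                        DomainName     = ($_.CanonicalName -split '/')[0]
                        SamAccountName = $_.SamAccountName
                    }
                }
        }
        catch {
            Write-Warning "Query against $domain failed: $($_.Exception.Message)"
        }
    }
}

# Constructed sample names, including characters that are special in filters.
$users      = 'Rocky Balboa', "Conan O'Brien", 'Pat Lee (Contractor)'
$allDomains = (Get-ADForest).Domains

$results = foreach ($user in $users) {
    Find-ADUserDomain -FullName $user -DomainList $allDomains
}
$results | Format-Table -AutoSize
```

A name that returns no rows simply produces no output object for that domain, so `$results` contains only the domains where a match exists.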
