Get nested CN value from AD Group with Powershell

Question

I´ve been trying to get the CN value from the managedBy property of an AD group, this is the code where I get the group

Get-ADGroup CACAL-ER-Marketing -Properties SamAccountName, managedBy, Name, Description, GroupCategory |
Select-Object SamAccountName, managedBy, Name, Description, GroupCategory

Which ouputs:

SamAccountName : CACAL-ER-Marketing
managedBy      : CN=Diane Dela Torre,OU=1-Mail Archive Needed,OU=User Archive,DC=hrbl,DC=net
Name           : CACAL-ER-Marketing
Description    : 
GroupCategory  : Security

What I want to get is 'Diane Dela Torre' value, I've try converting mananagedBy to Json but it outputs that it is not a cmdlet, something like

Get-ADGroup CACAL-ER-Marketing -Properties SamAccountName, managedBy, Name, Description, GroupCategory |
Select-Object SamAccountName, (managedBy | ConvertTo-Json).CN, Name, Description, GroupCategory

managedBy : The term 'managedBy' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:2 char:32
+ Select-Object SamAccountName, (managedBy | ConvertTo-Json).CN, Name,  ...
+                                ~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (managedBy:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

Answer 1

Since the managedBy property is the DistinguishedName of a user, instead of using regex on it to get the displayname of this user, I would do this with Get-ADUser.

Get-ADGroup CACAL-ER-Marketing -Properties SamAccountName, managedBy, Name, Description, GroupCategory |
Select-Object SamAccountName, 
              @{Name = 'ManagedBy'; Expression = { (Get-ADUser -Identity $_.managedBy -Properties DisplayName).DisplayName }},
              Name, Description, GroupCategory 

Answer 2

This should achieve your desired result.

Get-ADGroup CACAL-ER-Marketing -Properties SamAccountName, managedBy, Name, Description, GroupCategory |
    Select-Object SamAccountName, @{n="ManagedBy";e={$($_.Managedby -split ('=|,'))[1]}}, Name, Description, GroupCategory

Using the -Split operator we split on both = and , and grab the second element.

To make the code more readable and easier to maintain, I recommend preparing the properties prior to the call. Not useful in this situation but also I highly recommend splatting.

$adprops = @'
SamAccountName
managedBy
Name
Description
GroupCategory
'@ -split [Environment]::NewLine

$selprops = @(
    "SamAccountName",
    @{n="ManagedBy";e={$($_.Managedby -split ('=|,'))[1]}},
    "Name",
    "Description",
    "GroupCategory"
)

Get-ADGroup CACAL-ER-Marketing -Properties $adprops | Select-Object $selprops

Edit, if you wanted to use regex this can be handled by simply creating your regex object with the required pattern like so.

$regex = [regex]'(?<=={1}).+?(?=,)'

Get-ADGroup CACAL-ER-Marketing -Properties SamAccountName, managedBy, Name, Description, GroupCategory |
    Select-Object SamAccountName, @{n="ManagedBy";e={$regex.Match($_.managedby).value}}, Name, Description, GroupCategory

Regex explanation

By assigning the regex pattern cast as [regex] to a variable, we can use the first overload of the Match method and simply pass in the text.

(?<=={1}) Positive lookbehind, the match will start directly after 1 equals sign

(?=,) positive lookahead, the match must be followed by a comma

Answer 3

Perhaps an alternative to the previous answer using a regex instead (I'm not sure if it's possible for a distinguished name to contain a comma, you see) (untested, but adapted from the previous answer):

Get-ADGroup CACAL-ER-Marketing -Properties SamAccountName, managedBy, Name, Description, GroupCategory |
Select-Object SamAccountName, @{n="ManagedBy";e={[regex]::Match($_.Managedby,'CN=(.*?),OU=',[System.Text.RegularExpressions.RegexOptions]::Singleline).Groups[1].Value}, Name, Description, GroupCategory