Change output results in PowerShell

Question

I want to get all user ID's with a specific token assigned.

It looks like this now when I run my script..

Get-ADUser -Filter * -Properties * | Select-Object vasco-LinkUserToDPToken, displayname 

#Output#

vasco-LinkUserToDPToken Displayname

{CN=VES0423061,OU=br... User X           
{}                      User X                
{}                      User X           
{CN=0067511310,OU=br... User X                
{CN=0067077717,OU=br... User X 


Example of a full vasco-LinkUserToDPToken : 
{CN=VES0976944,OU=Internal Users,DC=mgm,DC=agf,DC=be}

the thing is I only want to filter VES + it should be shown like this (not containing empty strings or tokens that are not starting with VES):

VES0423061  User X

Answer 1

It looks like your property 'vasco-LinkUserToDPToken' is a multivalued property type (string array) of which you need to extract the DN inside.

You could try:

Get-ADUser -Filter "vasco-LinkUserToDPToken -like 'CN=VES*'" -Properties 'vasco-LinkUserToDPToken', DisplayName | 
Select-Object @{Name = 'vasco-LinkUserToDPToken'; Expression = {
    ($_.'vasco-LinkUserToDPToken' | Where-Object {$_ -match '^CN=VES.*'}) -replace '.*(VES[^,]+).*', '$1'}
}, DisplayName

P.S. It is always a bad idea to use -Properties * is what you are after is just two properties. Using * forces to pull down ALL properties which is a waste of time

---

If the -Filter doesn't work on this custom property, you can always use a Where-Object clause afterwards like:

Get-ADUser -Filter * -Properties 'vasco-LinkUserToDPToken', DisplayName | 
Where-Object { $_.'vasco-LinkUserToDPToken' -like 'CN=VES*' } |
Select-Object @{Name = 'vasco-LinkUserToDPToken'; Expression = {
    ($_.'vasco-LinkUserToDPToken' | Where-Object {$_ -match '^CN=VES.*'}) -replace '.*(VES[^,]+).*', '$1'}
}, DisplayName