Powershell help

Home Forums Scripting PowerShell Powershell help

This topic contains 2 replies, has 3 voices, and was last updated by Avatar Silver23 9 years, 12 months ago.

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • Avatar
    joeln
    Member
    #145959

    I have a Powershell script to list all disable AD users in a domain. I need to alter it to exclude certain OU’s, but have no idea how. Any thoughts? The script (from MS) is below. Thanks

    $strFilter = “(&(objectCategory=User)(userAccountControl:1.2.840.113556.1.4.803:=2))”

    $objDomain = New-Object System.DirectoryServices.DirectoryEntry

    $objSearcher = New-Object System.DirectoryServices.DirectorySearcher
    $objSearcher.SearchRoot = $objDomain
    $objSearcher.PageSize = 1000
    $objSearcher.Filter = $strFilter

    $colProplist = “name”
    foreach ($i in $colPropList){$objSearcher.PropertiesToLoad.Add($i)}

    $colResults = $objSearcher.FindAll()

    foreach ($objResult in $colResults)
    {$objItem = $objResult.Properties; $objItem.name}

    Avatar
    Silver23
    Member
    #292245

    Re: Powershell help

    Maybe you should try using a where statement.

    http://www.vistax64.com/powershell/186780-get-qaduser-need-exclude-ou.html

    Rems
    Rems
    Moderator
    #227610

    Re: Powershell help

    You can use the “Like” operator in an If statement.
    Create an Array containing the distinguished Name of the OUs you want to exclude. Start each distinguished Name with a wildcard *, then inclose each value in quotes and separate each value in the array with a comma.

    PS script: “Find disabled users”

    Code:
    $arrExcludedOus = “[B]*[/B],OU=[COLOR=”DarkSlateBlue”]Company Managers[/COLOR],DC=[COLOR=”darkslateblue”]domain[/COLOR],DC=[COLOR=”darkslateblue”]loca[/COLOR]l”, “[B]*[/B],OU=[COLOR=”darkslateblue”]Company Engineers[/COLOR],DC=[COLOR=”darkslateblue”]domain[/COLOR],DC=[COLOR=”darkslateblue”]local[/COLOR]”, “[B]*[/B],OU=[COLOR=”DarkSlateBlue”]Test[/COLOR],DC=[COLOR=”darkslateblue”]domain[/COLOR],DC=[COLOR=”DarkSlateBlue”]local[/COLOR]”

    $strFilter = “(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=2))”

    $objDomain = New-Object System.DirectoryServices.DirectoryEntry

    $objSearcher = New-Object System.DirectoryServices.DirectorySearcher
    $objSearcher.SearchRoot = $objDomain
    $objSearcher.PageSize = 500
    $objSearcher.Filter = $strFilter

    $colProplist = “name”
    foreach ($i in $colPropList){$objSearcher.PropertiesToLoad.Add($i)}

    $colResults = $objSearcher.FindAll()

    foreach ($objResult in $colResults)
    {
    $objItem = $objResult.Properties
    $bCorrectOU = $true
    #check if object is not in the excluded OUs.
    foreach ($Ou in $arrExcludedOus)
    {
    if ($objItem.adspath -like $Ou)
    {$bCorrectOU = $false; break}
    }

    if ($bCorrectOU -eq $true) {$objItem.name}
    }

    Rems

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.