Find Distinguished Name; Filter By Two Different OUs

PowerShell Help
1

Friends,

I am trying to write a script that will get the whole DistinguishedName
When
The one OU is “ABCDEF” And
Some, another OU is “Navy”
There will be only one DistinguishedName that has both.

This one-liner works to find all the ABCDEF:
Get-ADOrganizationalUnit -Filter 'Name -like "ABCDEF"' | Format-Table Name, DistinguishedName

Name        DistinguishedName                                             
----        -----------------                                             
ABCDEF OU=ABCDEF,OU=Users,OU=Submarine,OU=Ship,OU=Navy,OU=Agencies,DC=usa,DC=net 
ABCDEF OU=ABCDEF,Destroyers,OU=Ships,OU=Agencies,DC=usa,DC=Net                  
ABCDEF OU=ABCDEF,OU=Officers,OU=People,OU=Agencies,DC=usa,DC=net                   
ABCDEF OU=ABCDEF,OU=Users,Snipers,OU=Recon,OU=Marines,OU=Agencies,DC=usa,DC=net 
ABCDEF OU=ABCDEF,OU=Officers,OU=Recon,OU=Marines,OU=Agencies,DC=usa,DC=net                  
ABCDEF OU=ABCDEF,OU=Users,OU=Cooks,OU=Engineerr,OU=Seabees,OU=Agencies,DC=usa,DC=net                   
ABCDEF OU=ABCDEF,OU=Department,OU=Users OU=Organization,Army,OU=Agencies,DC=usa,DC=net  
ABCDEF OU=ABCDEF,OU=Users,OU=Users OU=Army,OU=Agencies,DC=usa,DC=net

But I do not want all of them.
I want only one. I want the one that has both, “ABCDEF” and “Navy”

I tried:
$DName = (Get-ADOrganizationalUnit -Filter 'Name -like "*ABCDEF*" -and Name -like "*Navy*"' -Properties distinguishedName).DistinguishedName

I expected to get this: OU=ABCDEF,OU=Users,OU=Submarine,OU=Ship,OU=Navy,OU=Agencies,DC=usa,DC=net

But of course there is no name that is both “ABCDEF” and “Navy” at the same time.

And so, what would give me only this result?

OU=ABCDEF,OU=Users,OU=Submarine,OU=Ship,OU=Navy,OU=Agencies,DC=usa,DC=net

Thank you in advance for your help.

2

Hmmm … why don’t you use the filter for the DistinguishedName and use the pattern "*ABCDEF*Navy*"?

3

Olaf, Thank you for your reply. I did not think about REGEX.
I imagined some gyration with parent and/or Child.
By coincidence, I just received the book, Mastering Regular Expressions, 3rd Edition by Jeffrry Fredl.
So I was able to put this together:
.*OU=ABCDEF.*OU=NAVY.*

Here is a test:

PS C:\WINDOWS\system32> $D = "OU=ABCDEF,OU=Users,OU=Submarine,OU=Ship,OU=Navy,OU=Agencies,DC=usa,DC=net"
$Test = $D -Match '.*OU=ABCDEF.*OU=Navy.*'
If ($Test) 
    { 
     Write-Host “Yes, it Matches"  
    }
     Else 
     {
     Write-Host “No, It does not match "
     }
     
Yes, it Matches

PS C:\WINDOWS\system32>

And finally here is the real test, Sanitized.
PS C:\WINDOWS\system32> Get-ADOrganizationalUnit -FILTER * |?{$_.DistinguishedName -Match  '.*OU=ABCDEF.*OU=NAVY.*'}  | Format-Table Name, DistinguishedName, -A

Name        DistinguishedName                                          
----           -----------------                                          
ABCDEF OU=ABCDEF,OU=Boats,OU=Navy,DC=usa,DC=net 



PS C:\WINDOWS\system32>

And so even though you cannot use -Match with Get-ADOrganizationalUnit
Somebody showed me the work-around :
Get-ADOrganizationalUnit -FILTER * |?{$_.DistinguishedName -Match '.*OU=ABCDEF.*OU=NAVY.*'} | Format-Table Name, DistinguishedName, -A

4

I actually did not recommend regex. :wink: I think you’re overthinking this. I’d try it like this:

Get-ADOrganizationalUnit -Filter "DistinguishedName -like '*ABCDEF*Navy*'"
    | Select-Object -Property Name, DistinguishedName
1 Like
5

Olaf, I like how this looks:

Get-ADOrganizationalUnit -Filter "DistinguishedName -like '*ABCDEF*Navy*'"
    | Select-Object -Property Name, DistinguishedName

But when I try it , it returns nothing. I have tried several different times with different quotation mark placement, but it does not find it. Nothing shows up. -Thanks

6

I have to admit I didn’t check that before. But you’re right - wildcard filter do not work with the DistinguishedName.

But I would recommend to tweak your working code anyway. When you specify one part of the filter as far to the left as possible the query will be faster. :wink:

Get-ADOrganizationalUnit -Filter 'Name -like "*ABCDEF*"' |
    Where-Object {$_.DistinguishedName -match 'Navy'} |
        Select-Object -Property Name, DistinguishedName

If ABCDEF is the exact name of the OU you can even change the filter to 'Name -eq "ABCDEF"'.

7

Olaf, I will try it, thanks. My old working code takes 10-12 seconds to work. I will try it.

8

Yes, Yours works a lot faster than mine. Yours only took 1 or 2 seconds. This is a good lesson. Thanks, Olaf.
And Yes, Filter Left. Don Jones says so in his book “Learn Windows Powershell In A Month Of Lunches” Page 146.