How do i exclude users from the OU "zzOldUsers" from this script

Liam_R · October 28, 2022, 12:14pm

I’m guessing i need a -Exclude but i’m unsure of where it goes and how to exactly implement it.

##Check bottom of script for setting specific OU
Function Get-LastLogon {
  param(
    [string]$OUName
  )

  # Get all matching OUs on any level
  $OUs = Get-ADOrganizationalUnit -Filter "Name -like '$OUName'"
  $DCs = Get-ADDomainController -Filter *

  # Get all users from each OU from each DC
  $ADUsers = Foreach ($OU in $OUs) {
    Foreach ($DC in $DCs.HostName) {
      Get-ADUser -SearchBase $OU.DistinguishedName -Filter * -Properties LastLogon -server $dc | 
        Select-Object Name,@{N='userPrincipalName';E={$_.userPrincipalName.Split("_")[0]}}, @{n='LastLogon';e={[DateTime]::FromFileTime($_.LastLogon)}}
    }
  }

  # return most recent LastLogon date for each user
  $ADUsers | 
    Group Name,userPrincipalName | 
    Select Name,@{N='userprinciplename';E={$_.userprinciplename.Split("_")[0]}}, @{n='LastLogon';e={$_.Group.LastLogon | sort -desc | select -First 1}}
}  ## End function

$OUcustom = Read-Host -prompt 'Enter OU here or "Clients" for all'
##Enter the OU here
Get-LastLogon -OUName $OUcustom |
##export csv
Export-Csv -path "C:\temp\UserExport_$((Get-Date).ToString("ddMM_HHmm")).csv" -NoTypeInformation
".csv extracted to C:\temp"

pause

alex-innes · October 28, 2022, 12:20pm

This is the line you need to add your exclusion as this looks to be where its getting all the OUs in the first instance.

Get-ADOrganizationalUnit
Have a read of the documentation on the command.

Liam_R · October 28, 2022, 12:44pm

any advice on where to slot it in? I’ve been trying but I’m getting an error every time so I’m clearly not getting this aha.

$OUs = Get-ADOrganizationalUnit -Filter "Name -like '$OUName'", -exclude 'zzOldUsers'

Olaf · October 28, 2022, 1:17pm

???

You should ALWAYS read the COMPLETE help for the cmdlets you’re about to use … including the examples to learn how to use them.

There is no parameter -Exclude!

You should use a

Liam_R · October 28, 2022, 1:36pm

Well i just read through the Where-Object page and what i’ve come to is that need to swap this line

$OUs = Get-ADOrganizationalUnit -Filter "Name -like '$OUName'"

For something that goes like

$OUs = Get-ADOrganizationalUnit Where-Object...

Then specify after to be like $OUName and not like ‘zzOldUser’?
If not then I’m lost.

Olaf · October 28, 2022, 3:17pm

I’d urgently recommend to do a big step back and take your time and start with learning the very basics of PowerShell first. That will save you from a lot of wasted time and frustrations.

$OUs = 
    Get-ADOrganizationalUnit -Filter "Name -like '*$OUName*'" |
        Where-Object -Property 'DistinguishedName' -NotMatch -Value 'zzOldUser'

Liam_R · October 28, 2022, 3:25pm

When i have a spare moment i 100% plan to.
Thank you.

I’ve just tried this and it doesn’t seem to work?
There is the same amount of results on the csv file as there was before excluding that OU.

Olaf · October 28, 2022, 3:40pm

$OU_01 = 
    Get-ADOrganizationalUnit -Filter "Name -like '*$OUName*'" |
        Where-Object -Property 'DistinguishedName' -NotMatch -Value 'zzOldUser'

$OU_02 = 
    Get-ADOrganizationalUnit -Filter "Name -like '*$OUName*'"

$OU_01.Count
$OU_02.Count

If that does not output 2 different numbers something with your string or logic is wrong.

Liam_R · October 28, 2022, 3:55pm

The results didn’t output any numbers no…
Even when i just ran what you have here though and just adding in $OUName = ‘Clients’ it didn’t output any numbers.
I also tried
Where-Object -Property 'Name' -NotMatch -Value 'zzOldUsers'
and
Where-Object -Property 'DistinguishedName' -Notlike -Value '*zzOldUsers*'
and these just printed the code out, no numbers.
Double checked the OU is zzOldUsers with the “s” on the end too, so it’s not that throwing the code off.

Olaf · October 28, 2022, 4:23pm

Do you get any output when you run this?

Get-ADOrganizationalUnit -Filter "Name -like '*Clients*'"

Liam_R · October 28, 2022, 4:33pm

Yes i get the “clients” OU info in the readout.

Olaf · October 28, 2022, 5:23pm

Singular?

Where is the OU located where "zzOldUsers" is part of the name?

Liam_R · October 31, 2022, 9:39am

Under the Clients folder.
In AD we have the domain, then in that there is a “Clients” folder, then inside that there are folders for each client, and also the zzOldUsers folder.

The Dname of that folder is “OU=zzOldUsers,OU=Clients,DC=Company,DC=co,DC=uk” so i agree it is weird why it isn’t returning all the folders listed under the “Clients” folder.

Olaf · October 31, 2022, 9:52am

No, it is not. If you’re looking for an OU with the name “Clients” and you have only one you get only one.

You should use the “Clients” OU as your searchbase -not as your filter criteria and exclude the OU with the name “zzOldUsers” from that query.

Topic		Replies	Views
Posh Script - AD Users - exclude OUs? PowerShell Help	3	151	January 27, 2015
Export users (CSV) - but exclude users that are members of a specific group PowerShell Help	1	199	May 22, 2020
Exclude OU's from being found PowerShell Help	13	123	April 12, 2024
Exclude OU groups in powershell script PowerShell Help	8	170	September 21, 2018
Filter multiple users from Get-AdUser PowerShell Help	3	184	March 19, 2020

How do i exclude users from the OU "zzOldUsers" from this script

Related Topics