Need some help - how does this work?

parisi · May 26, 2021, 8:27pm

Need some help understanding the syntax here. This code works and outputs the info to the screen. I really need the info in ps variables, not on the screen.

$UPN = user@domain.com
Get-AzureADUser -ObjectId $UPN | Select-Object UserprincipalName,@{
    N="PasswordNeverExpires";E={$_.PasswordPolicies -contains "DisablePasswordExpiration"}
}

The first pipe does what? I think it passes all the data to the Select-Object. How do I assign certain parts of this to individual variables?
The @{ does what?
The {$_ does what?
Can someone explain the above syntax and how it works.

Basically, I want to be able to get the value of PasswordNeverExpires or DisablePasswordExpiration, not sure which is which.

Appreciate your help!

Thanks,
Paul.

Rahul20 · May 26, 2021, 8:59pm

Hello Paul,

Here’s how the command works

Get-AzureADUser command will try to fetch the Account in Azure AD with the provided UPN viz user@domain.com.

since this command has many member properties, we can use select-object (alternatively Select) to select specific properties of it.

By default, there is no property directly from the command we used, so we want to perform some operation and get the data that is required, so we use the format @{Name = ‘Name’; Expression = {‘’}}

Here,

To query the user account’s password type, i.e. expires or never expires, we need to check the property PasswordPolicies.
If this contains DisablePasswordExpiration, then PasswordNeverExpires will be ‘TRUE’ which means the account is set to expire

In Detail:

To check this, you can type:

Get-AzureADUser -ObjectId $UPN | Select-Object UserprincipalName, PasswordPolicies

Since PasswordPolicies is property of the command, and we have already piped it out, we can just select the property again by $_.propertyname

where, $_ has the current item in the pipeline

An example:

command|Select PropertyName1, @{
    N="name";E={"$_.PropertyName2"}
}

is same as

Command|select PropertyName1,PropertyName2

Note that @{N =‘n’; E={e}} (common syntax) is used while select-object is being used.

If the property PasswordPolicies contains DisablePasswordExpiration, then PasswordNeverExpires will be ‘TRUE’ which means the account is set to expire

so we have the expression as below:

$_.PasswordPolicies -contains "DisablePasswordExpiration"

which we use it in command as

Select-Object UserprincipalName,@{
    N="PasswordNeverExpires";E={$_.PasswordPolicies -contains "DisablePasswordExpiration"}

Hope this solves your query…

parisi · May 26, 2021, 9:16pm

This is so incredibly helpful! Wow! Lots to digest…

How would I assign the value to a variable?

Would it be this:

$value = $_.PasswordPolicies -contains "DisablePasswordExpiration"

nitishkalra1998 · May 27, 2021, 1:07pm

You can simply pipe the select-object to a variable like this:
$UPN = user@domain.com
Get-AzureADUser -ObjectId $UPN | Select-Object UserprincipalName,@{
N=“PasswordNeverExpires”;E={$_.PasswordPolicies -contains “DisablePasswordExpiration”}
} | $value
@Rahul20 Please correct me if i am wrong
thanks!

Topic		Replies	Views
A point in the right direction (book explanation) PowerShell Help	7	254	May 16, 2024
Can't get pipeline variable to evaluate PowerShell Help	3	247	May 16, 2024
Dynamic Select-Object arguments PowerShell Help	3	252	May 16, 2024
Learning about the pipeline PowerShell Help	4	233	May 16, 2024
Powershell New Guy Query PowerShell Help	12	273	May 16, 2024

Need some help - how does this work?

Related topics