Powershell - Get-ADUser -Searchbase - Filtering by OU not working HELP!

Hi All,

I am trying to get all users within a given OU using Get-ADUser. I have read across the web and everything points to exactly what I am doing below - however, this is simply not working. If I omit the -SearchBase argument everything works like it should, however, when I try and use this parameter I get the error: “directory object not found”… I use Where-Object ti filter the Distinguished name but this takes ages on a large directory thus why I would like to filter it. Can anybody help on this?

$ADPath = “OU=TheUsersOU,dc=domain,dc=local”

$ADUsers = Get-ADUser -filter ‘enabled -eq $true’ -SearchBase $ADPath

Thanks very much,
K

kmcnally2022,
Welcome to the forum. :wave:t4:

When you post code, sample data, console output or error messages please format it as code using the preformatted text button ( </> ). Simply place your cursor on an empty line, click the button and paste your code.
Thanks in advance

Your code is actually correct. The OU you specified in your variable $ADPath does not seem to be existing.

I would try editing your filter to either of these

“Enabled -eq ‘$true’”

Or

{Enabled -eq “$true”}

Pay close attention to the quotes in each.

Hi There,

I am not having an issue the Get-ADUser -filter ‘enabled -eq $true’ -SearchBase $ADPath option at all. This worked correctly and only returns enabled users as it should. The problem I am experiencing is when I invoke the -SearchBase argument. Even the error output states that I need to specify -SearchBase “OU=TheUsersOU,dc=domain,dc=local”. However, this is simply not working. Have tried this in both PS5 and PS7 with no luck on either. Can somebody help a man out here? Thanks very much,
K

And “TheUsersOU” is at the root of your AD tree? If not, you need the full path.

As I already mentioned in my first answer, this error message indicates that the OU you specified does not exist in your AD. You may search for one of the users in the desired OU without specifying a search base and use the OU part of the DN of this user as the search base. :wink:

2 Likes

Hi Olaf,

The OU I have specified is just made up for the purpose of posting online and does not refer to my underlying AD structure. Would you be able to post an example of how you would go about filtering for a given OU - as I have tried multiple different OU’s, which I know exist - but am still getting the same error every time…

Thanks,
K

I did expact that. :smirk:

You pick a random user from the desired OU and query it this way:

Get-ADUser -Identity 'sAMAccountName'

The output will include the distinguished name of this user … something like this:

CN=Jeff Smith,OU=Sales,DC=Fabrikam,DC=COM

Now you remove the Common Name part CN=Jeff Smith including the comma and you get your desired OU:

OU=Sales,DC=Fabrikam,DC=COM

Example taken from

1 Like