Hey All,
New Powershell user here and I am looking for some insight. I have to pull the following items from Active Directory and dump them into a spreadsheet…
extensionAttribute1
extensionAttribute2
Department
Is it possible to pull this information using “objectGUID” ? I have over 2000 AD users/objects that I need to pull this info so we can import it into GCDS (Google Cloud). Any help would be much appreciated!
You don’t say what you’ve tried or what issues you are having.
Or, do you mean this…
Get-ADUser -Identity $env:USERNAME -Properties * | Select ObjectGUID,extensionAttribute1,extensionAttribute2
In Powershell, most cmdlets will return default properties. You can see in the example below with Get-Service, only 3 properties are returned, the others hidden until we do Select -Properties *:
PS C:\WINDOWS\system32> Get-Service | Select -First 1
Status Name DisplayName
------ ---- -----------
Stopped 010170153020298... McAfee Application Installer Cleanu...
PS C:\WINDOWS\system32> Get-Service | Select * -First 1
Name : 0101701530202980mcinstcleanup
RequiredServices : {}
CanPauseAndContinue : False
CanShutdown : False
CanStop : False
DisplayName : McAfee Application Installer Cleanup (0101701530202980)
DependentServices : {}
MachineName : .
ServiceName : 0101701530202980mcinstcleanup
ServicesDependedOn : {}
ServiceHandle :
Status : Stopped
ServiceType : Win32OwnProcess
StartType : Automatic
Site :
Container
For WMI and Active Directory, only certain properties are returned in the resultset, simply for speed. Returning 10 properties or 100 properties multiplied by the number of objects (like 1000 users) is going to return at much different performance levels. As postanote eluded, you need to tell the cmdlet that you want additional properties returned in the query. Using -Properties * will return ALL properties. You can also specify just the properties you require to increase performance:
Get-ADUser -Identity $env:USERNAME -Properties ObjectGUID,extensionAttribute1,extensionAttribute2 | Select ObjectGUID,extensionAttribute1,extensionAttribute2
This is basically what I’ve been using so far…
$objectlist = Import-Csv .\objects.csv
foreach ($obj in $objectlist) {
$aduser = Get-ADUser “$($obj.ObjectGUID)” -Properties department, extensionAttribute1, extensionAttribute2, ObjectGUID
Write “Dept is $($aduser.department) extAtt1 is ‘$($aduser.extensionAttribute1)’ extAtt2 is ‘$($aduser.extensionAttribute2)’”
}
The Write command is in there purely for testing to make sure that it’s returning values (which it is). Now I just need to export that data to a csv. Granted I have only tested this against users, not contacts or groups yet. I appreciate the input.
You have the basics. Just need the export. (Untested from memory only)
$aduser = @()
foreach ($obj in $objectlist) {
$aduser += Get-ADUser "$($obj.ObjectGUID)" -Properties department, extensionAttribute1, extensionAttribute2, ObjectGUID
}
$aduser | Select-Object ObjectGUID,department,extensionAttribute1,extensionAttribute2 | Export-Csv 'C:\path\file.csv' -NoTypeInformation