Hi all,
I am trying to clean up some of my scripting attempts when interrogating the AD with powershell…
i normally do the following
Import-Module ActiveDirectory
Get-ADuser -Searchbase 'OU=Users,OU=DirectoryX,OU=DirectoryY,DC=domainX,DC=Local' -Filter {enabled -eq $True}
and this has worked reasonably well. However the actual pipline(ing) is now getting quite long…is there a way to set a variable eg:
Import-Module ActiveDirectory
$Search = ('OU=Users,OU=DirectoryX,OU=DirectoryY,DC=domainX,DC=Local' -Filter {enabled -eq $True})
Get-ADuser -Searchbase $Search
and following on from that:
Select-Object Name,SamAccountName ...etc
to be a variable too?
eg
$SO = (Select-Object Name,SamAccountName ...etc
Hopefully, that makes sense as to what I’m after…have already been able to configure:
$Date = ((Get-Date).ToString('dd-MM-yyyy'))
to good effect, and wanted to expand knowledge and scripting!
Thanks
JasonL
use splatting:
$myOptions = @{
Searchbase = 'OU=Users,OU=DirectoryX,OU=DirectoryY,DC=domainX,DC=Local'
Filter = {enabled -eq $true}
}
Get-ADuser @myOptions
Thanks for your reply Sam, will give it a go!
To expand on that, would this then also be true:
$myOptions = @{
Searchbase = 'OU=Users,OU=DirectoryX,OU=DirectoryY,DC=domainX,DC=Local'
Filter = {enabled -eq $true}
}
$myobject =@{
Select-Object Name,SamAccountName...
}
Get-ADUser $myOptions | $myobject | Out-File -file $file
To Select the relevant data required?
Thanks
JasonL
Hey Jason,
When splatting you are pre-defining the parameters and their values in a hash table which is made up of key=value pairs and this gets fed to the cmdlet using the @ symbol. You can’t specify a cmdlet in that hash table. Notice each cmdlet has its own hash table being passed to it.
$myOptions = @{
Searchbase = 'OU=Users,OU=DirectoryX,OU=DirectoryY,DC=domainX,DC=Local'
Filter = {enabled -eq $true}
}
$myobject =@{
Property = 'Name','SamAccountName'
}
Get-ADUser @myOptions | Select-Object @myobject
What you are asking , is really easy to rove out.
Did you try this already?
I mean you can try anything as long as it is not trying to change anything, and even if that, you could always use the -WhatIf parameter to prevent any changes yet still see all the results.
Even with this…
Searchbase = ‘OU=Users,OU=DirectoryX,OU=DirectoryY,DC=domainX,DC=Local’
…If not used in side the splat, you can make more dynamic by using variables.
For example, pick any user and ask for the Searchbase to get the base DN for say Domain Users.
($PrimaryGroup = (Get-ADUser -Filter * -Properties *)[0].PrimaryGroup)
$myOptions = @{
Searchbase = “$PrimaryGroup”
Filter = {enabled -eq $true}
}
$myobject =@{
Select-Object Name,SamAccountName
}
Get-ADUser $myOptions | $myobject | Out-File -file $file
As for is you can really do anything, again just a mater of giving it a shot. I mean, it’s a 50/50 proposition. IT either works or it doesn’t.
As for the your block about. If you have this open in the PoSH ISE of VSCode, you will see right away that you have an issue by all the red squiggly lines that show up and of course running it will generate the normal ugly red blob, well unless you changed your error colors.
Hi guys, have amended my script, and all works as expected, many thanks…now I nave a ‘neater’ script - Thanks Sam,Alex and postanote!