Short Version of names in AD

PowerShell Help
1

Hi folks,

I have recently been running a script i had come across a problem with and apparently this may be the place to ask this!

My script would look for a user in Active Directory and retrieve the users email address but i came across a problem…

if i searched for “jonathon stone” in AD it would retrieve the user even if the display name as “jon stone”

however if i ran this via powershell it would always return null?

I realise my coding is probably shockingly amateur and messy but here it is! :slight_smile:

Import-Module activedirectory $users = Get-Content c:\script\users.csv $NewCSVObject = @() $NewCSVObjects = New-Object System.Object Foreach($Name in $users) { $User = Get-ADUser -ldapfilter "(displayname=$Name)"-Property mail |Select-Object -Property name,mail if ( $User -eq $null) {$NewCSVObjects = New-Object System.Object $NewCSVObjects | Add-Member -MemberType NoteProperty -Name "Name" -Value $Name -force $NewCSVObjects | Add-Member -MemberType NoteProperty -Name "Mail" -Value "Not Found" -force $User = $NewCSVObjects } $NewCSVObject += $User $NewCSVObject | export-csv c:\script\test.csv -noType } New-Object -TypeName PSObject -Property @{User = $Name Mail = $User.mail }
2

When you say you “searched for “jonathon stone” in AD”, do you mean you used the Find dialog in Active Directory Users and Computers? If so, that console’s search functionality actually works on several fields of the user objects. In your example, I would imagine that the user’s givenName attribute is set to “Jonathon”, even though the CN and/or displayName are showing “Jon”.

3

Yes sorry so the search function on AD finds it.

The users firstname is set to Jonathan and displayname is set to jon stone

ONly thing was when i ran it via powershell it wouldnt find it.

Hope that makes sense

4

Yep, that’s awkward. You can either write some moderately complex parsing and filter building logic in your script, or just settle on a particular format to use in your file. Personally, I would lean toward putting logon names in the file (SamAccountName), avoiding the need for any tricky logic, and also avoiding the possibility of getting multiple results from your search (unless you’ve got duplicates due to a replication conflict.)

5

Unfortunately… :slight_smile: The company i work for didnt approach this logically as you have suggested so displaynames are different usernames are awkward e.t.c shrug :slight_smile: i have dealt with this now and manually found 200 email addresses! but i did wonder why powershell struggled when AD didnt!

Oh well at least i know its not something i was doing wrong! :slight_smile: