Solved

AD description field question

Posted on 2013-01-31
4
337 Views
Last Modified: 2013-02-01
Hi Experts,

How can I check if the Description field in my AD accounts [windows 2008 r2 forest/domain level] is linked to any other application such as Lync.

Going forward, I would like to use the Description field for special notes relating to the status of the user account

Please advise
0
Comment
Question by:Jerry Seinfield
  • 2
4 Comments
 
LVL 5

Expert Comment

by:coraxal
ID: 38841224
Well, not really sure what you mean by "linked to any other applications...", but I'll guess that you'd be looking for specific things in the description field such as "Lynch" or "Other app". If that's the case, you can check the Description field of AD accounts using PowerShell
# With the Win2k8 R2 Active-Directory module

Get-ADUser -Filter * -Properties Description -ResultSetSize $null | Select-Object Name,Description

# With Quest Active Roles cmdlets

Get-QADUser -SizeLimit 0 | Select-Object Name,Description

Open in new window

http://www.quest.com/powershell/activeroles-server.aspx
0
 

Author Comment

by:Jerry Seinfield
ID: 38841376
Thanks Coraxal

Basically what i need is to find a way via script or powershell to identify if this field is being used by another MS application /non MS application such as Lync, SAP, etc

Any ideas?
0
 
LVL 79

Expert Comment

by:David Johnson, CD, MVP
ID: 38841536
You can't unless you test every application as ANY application can query AD and use any value returned.
0
 
LVL 5

Accepted Solution

by:
coraxal earned 500 total points
ID: 38841629
If your AD users have values in the Description that you can query and apply filters on, then yes you can. However, if the Description is empty then like ve3ofa mentioned you won't be able to.

For example, if you have users like this:

"DisplayName", "Description"
John Doe, SAP user
Jane Doe, Lynch user

And if you were looking for the users with the string "SAP" in the Description field, you'd do something like this:
# With the Win2k8 R2 Active-Directory module

Get-ADUser -Properties Description -Filter {Description -like "*SAP*"} -ResultSetSize $null | Select-Object Name,Description

# With Quest Active Roles cmdlets

Get-QADUser -LdapFilter "(Description=*SAP*)"-SizeLimit 0 | Select-Object Name,Description

Open in new window

0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A procedure for exporting installed hotfix details of remote computers using powershell
This article runs through the process of deploying a single EXE application selectively to a group of user.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
The viewer will learn how to dynamically set the form action using jQuery.

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question