Solved

AD description field question

Posted on 2013-01-31
4
336 Views
Last Modified: 2013-02-01
Hi Experts,

How can I check if the Description field in my AD accounts [windows 2008 r2 forest/domain level] is linked to any other application such as Lync.

Going forward, I would like to use the Description field for special notes relating to the status of the user account

Please advise
0
Comment
Question by:Jerry Seinfield
  • 2
4 Comments
 
LVL 5

Expert Comment

by:coraxal
ID: 38841224
Well, not really sure what you mean by "linked to any other applications...", but I'll guess that you'd be looking for specific things in the description field such as "Lynch" or "Other app". If that's the case, you can check the Description field of AD accounts using PowerShell
# With the Win2k8 R2 Active-Directory module

Get-ADUser -Filter * -Properties Description -ResultSetSize $null | Select-Object Name,Description

# With Quest Active Roles cmdlets

Get-QADUser -SizeLimit 0 | Select-Object Name,Description

Open in new window

http://www.quest.com/powershell/activeroles-server.aspx
0
 

Author Comment

by:Jerry Seinfield
ID: 38841376
Thanks Coraxal

Basically what i need is to find a way via script or powershell to identify if this field is being used by another MS application /non MS application such as Lync, SAP, etc

Any ideas?
0
 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
ID: 38841536
You can't unless you test every application as ANY application can query AD and use any value returned.
0
 
LVL 5

Accepted Solution

by:
coraxal earned 500 total points
ID: 38841629
If your AD users have values in the Description that you can query and apply filters on, then yes you can. However, if the Description is empty then like ve3ofa mentioned you won't be able to.

For example, if you have users like this:

"DisplayName", "Description"
John Doe, SAP user
Jane Doe, Lynch user

And if you were looking for the users with the string "SAP" in the Description field, you'd do something like this:
# With the Win2k8 R2 Active-Directory module

Get-ADUser -Properties Description -Filter {Description -like "*SAP*"} -ResultSetSize $null | Select-Object Name,Description

# With Quest Active Roles cmdlets

Get-QADUser -LdapFilter "(Description=*SAP*)"-SizeLimit 0 | Select-Object Name,Description

Open in new window

0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will show, step by step, how to integrate R code into a R Sweave document
Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now