Solved

AD: search for groups with name test in it

Posted on 2013-02-07
5
476 Views
Last Modified: 2013-02-18
Hi,

Please advise: in  AD how do I search for groups with name test in it?
Tried with ADUC, search for groupname, *groupname*, %groupname%, advanced search, ldap search. Group exists but I don't get the result.

Please advise.
J.
0
Comment
Question by:janhoedt
5 Comments
 
LVL 42

Expert Comment

by:sedgwick
ID: 38863346
powershell:
$Filter = "(&(ObjectCategory=group)(DistinguishedName=*test*))"
$Searcher = New-Object System.DirectoryServices.DirectorySearcher($Filter)
$Searcher.Findall() | 
ForEach-Object `
  -Begin { "Results of $Filter query: " } `
  -Process { 
                    $_.properties.item("DistinguishedName")
                    $_.properties.item("Description")
                    "`r"
                   } `
  -End { [string]$Searcher.FindAll().Count + " $Filter results were found" }

Open in new window


based on how-can-i-search-active-directory-with-windows-powershell-to-return-a-list-of-missing-groups
0
 
LVL 17

Accepted Solution

by:
Tony Massa earned 250 total points
ID: 38863596
Just search for the word TEST.  You can't use wildcards in the normal search as it's treated as part of the search string.

In ADUC, to filter for just groups with TEST in the name, perform a custom search. When you're in ADUC, perform a find, then in the "FIND" drop-down, choose "Custom Search".  You will then click the "Advanced" tab shown below to manually enter an LDAP query.
Enter the filter of
(&(objectCategory=Group)(name=*test*))

Open in new window

Custom LDAP Search
0
 
LVL 1

Assisted Solution

by:zaicnupagadi
zaicnupagadi earned 250 total points
ID: 38867216
I think the simplest way to do it will be:

Get-QADGroup | ? {$_.Name -match "test"}

Instead if "$_.Name" which takes the "name" property from the current object (current object is "$_"), you can filter groups by other parameters like description:

Get-QADGroup | ? {$_.Description -match "test"}

If you would like to filter by those two:

Get-QADGroup | ? {($_.Name -match "test") -or ($_.Description -match "test")}

To invoke that query you will need "Quest PowerShell Commands for Active Directory", link with description how to use other functionality -
http://ss64.com/ps/quest.html

I cannot imagine my life as a admin without this software :)
0
 

Author Comment

by:janhoedt
ID: 38903037
Any idea how you would do an unattended install of this powerquest and it's modules?
Note: why not ISE instead of quest?
0
 
LVL 1

Expert Comment

by:zaicnupagadi
ID: 38904406
You install Quest cmdlet on the computer you want to execute the query - why would you like to install it remotely and silently? You have written "Why not ISE" - as far as I am concerned, "PowerShell ISE" is an editor for PS, Quest gives us additional modules to PS, so we can use addtional commands.

To add the Quest module to powershell - so it will be loaded by default, you have to create a file:

C:\Windows\System32\WindowsPowerShell\v1.0\profile.ps1

The content of mine "profile.ps1" is:

Add-PSSnapin Quest.ActiveRoles.ADManagement
Set-QADPSSnapinSettings -DefaultSizeLimit 0

First line will load the module, second one will set the default limit to 0 - which means no limit - quite useful.
0

Join & Write a Comment

The saying goes a bad carpenter blames his tools. In the Directory Services world a bad system administrator, well, even with the best tools they’re probably not going to become an all star.  However for the system admin who is willing to spend a li…
Introduction You may have a need to setup a group of users to allow local administrative access on workstations.  In a domain environment this can easily be achieved with Restricted Groups and Group Policies. This article will demonstrate how to…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now