Solved

AD: search for groups with name test in it

Posted on 2013-02-07
5
483 Views
Last Modified: 2013-02-18
Hi,

Please advise: in  AD how do I search for groups with name test in it?
Tried with ADUC, search for groupname, *groupname*, %groupname%, advanced search, ldap search. Group exists but I don't get the result.

Please advise.
J.
0
Comment
Question by:janhoedt
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 42

Expert Comment

by:sedgwick
ID: 38863346
powershell:
$Filter = "(&(ObjectCategory=group)(DistinguishedName=*test*))"
$Searcher = New-Object System.DirectoryServices.DirectorySearcher($Filter)
$Searcher.Findall() | 
ForEach-Object `
  -Begin { "Results of $Filter query: " } `
  -Process { 
                    $_.properties.item("DistinguishedName")
                    $_.properties.item("Description")
                    "`r"
                   } `
  -End { [string]$Searcher.FindAll().Count + " $Filter results were found" }

Open in new window


based on how-can-i-search-active-directory-with-windows-powershell-to-return-a-list-of-missing-groups
0
 
LVL 17

Accepted Solution

by:
Tony Massa earned 250 total points
ID: 38863596
Just search for the word TEST.  You can't use wildcards in the normal search as it's treated as part of the search string.

In ADUC, to filter for just groups with TEST in the name, perform a custom search. When you're in ADUC, perform a find, then in the "FIND" drop-down, choose "Custom Search".  You will then click the "Advanced" tab shown below to manually enter an LDAP query.
Enter the filter of
(&(objectCategory=Group)(name=*test*))

Open in new window

Custom LDAP Search
0
 
LVL 1

Assisted Solution

by:zaicnupagadi
zaicnupagadi earned 250 total points
ID: 38867216
I think the simplest way to do it will be:

Get-QADGroup | ? {$_.Name -match "test"}

Instead if "$_.Name" which takes the "name" property from the current object (current object is "$_"), you can filter groups by other parameters like description:

Get-QADGroup | ? {$_.Description -match "test"}

If you would like to filter by those two:

Get-QADGroup | ? {($_.Name -match "test") -or ($_.Description -match "test")}

To invoke that query you will need "Quest PowerShell Commands for Active Directory", link with description how to use other functionality -
http://ss64.com/ps/quest.html

I cannot imagine my life as a admin without this software :)
0
 

Author Comment

by:janhoedt
ID: 38903037
Any idea how you would do an unattended install of this powerquest and it's modules?
Note: why not ISE instead of quest?
0
 
LVL 1

Expert Comment

by:zaicnupagadi
ID: 38904406
You install Quest cmdlet on the computer you want to execute the query - why would you like to install it remotely and silently? You have written "Why not ISE" - as far as I am concerned, "PowerShell ISE" is an editor for PS, Quest gives us additional modules to PS, so we can use addtional commands.

To add the Quest module to powershell - so it will be loaded by default, you have to create a file:

C:\Windows\System32\WindowsPowerShell\v1.0\profile.ps1

The content of mine "profile.ps1" is:

Add-PSSnapin Quest.ActiveRoles.ADManagement
Set-QADPSSnapinSettings -DefaultSizeLimit 0

First line will load the module, second one will set the default limit to 0 - which means no limit - quite useful.
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains the steps required to use the default Photos screensaver to display branding/corporate images
A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question