Solved

Get SamAccountName from Name with Powershell

Posted on 2014-10-08
7
432 Views
Last Modified: 2014-10-09
Hi EE

I have about 80k names that I need to pull the SamAccountName for each ..

The way below took like 20 mins and I stopped it .. it had only pulled for 2000 accounts .. Can someone help me on making this
better with PS? I know this is not the best way ..

$Name = get-content C:\:Powershell\Names.txt
 $Name | Foreach {

 get-qaduser -Name $_
 } | Select samaccountname,Name,canon* | Export-csv SamAccountnames.csv -nti
0
Comment
Question by:MilesLogan
  • 3
  • 2
  • 2
7 Comments
 
LVL 25

Expert Comment

by:Mohammed Khawaja
ID: 40369890
Have you tried dsquery.exe as it is faster.  Run the following:

squery * -filter "&(objectClass=person)(objectCategory=user)" -attr cn samaccountname -limit 0 > samaccounts.txt
0
 
LVL 2

Author Comment

by:MilesLogan
ID: 40369898
Hi Mohammed ..thank you for the tip .. Ideally I would like it to be PowerShell ..
0
 
LVL 25

Expert Comment

by:Mohammed Khawaja
ID: 40369904
I see you are using get-qaduser which is using Quest AD modules.  Do you Win2008 or Win2003?  If you have Win2008 or higher, you could try get-aduser which I have found to be faster.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 17

Expert Comment

by:Learnctx
ID: 40369957
Part of the problem is you're doing 80,000 LDAP sequential LDAP calls. So straight off the bat your efficiency sucks. You would be better off potentially doing 1 single LDAP call and bringing back all of the user accounts with the properties you want. I would do it more like this (I don't use the Quest cmdlets so you will need to modify for those).

$Name = get-content C:\:Powershell\Names.txt
Get-ADUser -Filter * -Properties CanonicalName | Where-Object {$Name -contains $_.sAMAccountName} | Select samaccountname,Name,canon* | Export-csv SamAccountnames.csv -nti

Open in new window


20 minutes for 2,000 users seems excessive though. I would look at the performance of your Domain Controllers or look at using something other than the Quest cmdlets if they perform so slowly (either the PowerShell cmdlets or just .NET LDAP lookup). In my testing I am able to pull back 150,000 objects in 3 minutes using the AD cmdlets and export them to CSV.
0
 
LVL 2

Author Comment

by:MilesLogan
ID: 40369973
Thanks Learnctx ... This is definitely way better .. I appreciate the info ... If I only need the SAmAccountName in the outfile ..

how would you modify your script ?
0
 
LVL 17

Accepted Solution

by:
Learnctx earned 500 total points
ID: 40370035
If you just want the sAMAccountName attribute then just remove Name and CanonicalName from the Select.
$Name = get-content C:\:Powershell\Names.txt
Get-ADUser -Filter * | Where-Object {$Name -contains $_.sAMAccountName} | Select samaccountname | Export-csv SamAccountnames.csv -nti

Open in new window

0
 
LVL 2

Author Closing Comment

by:MilesLogan
ID: 40370934
Thank you .. much better then what I was doing .
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now