Solved

GETADUSER

Posted on 2014-11-17
1
126 Views
Last Modified: 2014-11-25
Hi,

I need to run the below script for an application vendor.  Can someone explain what the following command does?  I know the script will harvest information such as email address, title and so on in active directory but I would like to understand the detail.

Our users in AD are mostly in the USER container and there are some other groups scattered in other OUs.  Should I run the below in ourdomain.com?  If yes, do I need to specify or it will run from ourdomain.com by default?

Please advise.  Many thanks.

Get-ADUser –LDAPFilter "(&(objectCategory=person)(objectClass=user)(!userAccountControl:1.2.840.113556.1.4.803:=2) (mail=*))" -Properties OfficePhone,EmailAddress,Title,Office,Department,Description,Manager | Set-Custodian -Company <company>
0
Comment
Question by:nav2567
1 Comment
 
LVL 21

Accepted Solution

by:
mcsween earned 500 total points
Comment Utility
This will pull OfficePhone,EmailAddress,Title,Office,Department,Description,Manager from active directory users (person) whose account is not disabled and have anything in the mail attribute.

It will pull from the entire directory, I don't see any OU filters on this
I don't know what the Set-Custodian cmdlet does as it isn't a standard powershell command, might be proprietary to the software you are working with the vendor on.

!userAccountControl:1.2.840.113556.1.4.803:=2 Means No disabled users.
mail=* Means the mail attribute is not NULL
0

Featured Post

Get up to 2TB FREE CLOUD per backup license!

An exclusive Black Friday offer just for Expert Exchange audience! Buy any of our top-rated backup solutions & get up to 2TB free cloud per system! Perform local & cloud backup in the same step, and restore instantly—anytime, anywhere. Grab this deal now before it disappears!

Join & Write a Comment

Synchronize a new Active Directory domain with an existing Office 365 tenant
OfficeMate Freezes on login or does not load after login credentials are input.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now