Solved

extract from DN of the object OU in the domain's root

Posted on 2014-11-18
13
129 Views
Last Modified: 2014-11-20
Hi folks,

sorry for my English

I need extract from DN of the object OU in the domain's root ( ou=development or ou=staff)
 
                                                                       dc= Biomed  
                                                                             |
                                                                             |                                    
                                                  development _  _|___ou=staff
                                                                       |              |
                                                                       |              |
                                   win7 desktops    --------               -------ou=research
                                           |                                            |
                                      comp1                                        ------ou=accounting
                                                                                                        |
                                                                                                           cn=john's comp

DN >cn="john comp", ou=accounting,ou=staff, dc=biomed



please, help
0
Comment
Question by:nesher13
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 6
13 Comments
 
LVL 40

Expert Comment

by:footech
ID: 40450455
Are you saying that you have an object with a DN like "cn=john's comp,ou=accounting,ou=research,ou=staff,dc=biomed" and you need it to be
"cn=john's comp,ou=accounting,ou=staff,dc=biomed" (in essence removing the "ou=research" portion)?
0
 

Author Comment

by:nesher13
ID: 40450468
footech

yes
0
 
LVL 40

Expert Comment

by:footech
ID: 40450655
The distinguishedName is just a string, so you can do a replace operation on it, replacing the desired text (in this case ",ou=research"), with nothing.  It's hard to give a complete example without knowing how you're using it, but hopefully this example shows the syntax well enough for you.
Given a particular string this would work.
"cn=john's comp,ou=accounting,ou=research,ou=staff,dc=biomed" -replace ",ou=research"

Open in new window


Here's an example working on a list of computers retrieved from AD.
Get-ADComputer -filter * | Select DistinguishedName,@{n="new DN";e={$_.DistinguishedName -replace ",ou=research"}}

Open in new window

0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:nesher13
ID: 40451993
footech,

I do not quite understand your answer and how to apply it in my task

I want to run following pipe:

Search-ADAccount -AccountInactive -TimeSpan "90" -computersOnly | select replasementDN, name | sort replasementDN

Many thanks
0
 
LVL 40

Expert Comment

by:footech
ID: 40452098
The second example in my previous post is applicable.  It uses what is known as a "calculated property".  The Select command is used to create a new property for the object that is calculated from other information.  Here it is integrated with the command you want to run.
Search-ADAccount -AccountInactive -TimeSpan "90" -computersOnly | select @{n="replacementDN";e={$_.DistinguishedName -replace ",ou=research"}}, name | sort replacementDN

Open in new window

0
 

Author Comment

by:nesher13
ID: 40452266
footech

I am sorry, but this is not working.

I probably do not accurately formulate the problem. In the picture is not visible multilevel structure of the domain. I not want to see in replacementDN contained domain,hierarchy ou's or CN . I quote a few lines of output:

replacementDN                                                                     name



CN=ACC2 Desktops,DC=tr,DC=Biomed         (does not exist in the root domain)                                                         ACC2

CN=ADM-PC,OU=OLD Comps,DC=Biomed      ( there is CN )                                                                                    ADM-PC

CN=ADREYGXPV2,OU=WXP Desktops,OU=Bio Institute,DC=Biomed  (2 OU +CN)                                            ADREYGXPV2

CN=ALBERTS-PC1,OU=W7,OU=Bio Institute,DC=Biomed       (2 OU +CN)                                                              ALBERTS-PC1

CN=AMIT13 Desktops,DC=Biomed          (does not exist in the root domain)                                                        AMIT13

Also, I get output not only from ou Amit (I use Amit  instead Research). But and of several OU's on top-level
0
 
LVL 40

Expert Comment

by:footech
ID: 40452395
I'm sorry, but I don't understand what you want.

Maybe I'll understand if you explain the following:
- what command you want to run
- what the current output is
- what you want the output to be
0
 

Author Comment

by:nesher13
ID: 40452483
footech

I am running following pipeline:
 Search-ADAccount -AccountInactive -TimeSpan "90" -computersOnly | select @{n="replacementDN";e={$_.DistinguishedName -replace ",ou=Amit"}}, name | sort replacementDN | export-csv c:\temp\replasment-DN.csv

Open in new window

Search-ADAccount -AccountInactive -TimeSpan "90" -computersOnly | select @{n="replacementDN";e={$_.DistinguishedName -replace ",ou=Amit"}}, name | sort replacementDN | export-csv c:\temp\replasment-DN.csv

instead of the previous output, I would like to receive:

replacementDN                                                    Name


Amit                                                                                      ACC2

OLD Comps                                                                          ADM-PC

Bio Institute                                                                           ADREYGXPV2

Bio Institute                                                                           Albert-pc1

AMIT                                                                                      Amit13
0
 
LVL 40

Expert Comment

by:footech
ID: 40452984
What's the output if you just run
Search-ADAccount -AccountInactive -TimeSpan "90" -computersOnly | select distinguishedname, name | sort distinguishedname

Open in new window

0
 

Author Comment

by:nesher13
ID: 40454723
footech,

I am run Search-ADAccount -AccountInactive -TimeSpan "90" -computersOnly | select distinguishedname, name | sort distinguishedname
                                         
CN=AMIT13,OU=AMIT Desktops,OU=AMIT,DC=tr,DC=technion,DC=..
CN=AMIT15,OU=AMIT Desktops,OU=AMIT,DC=tr,DC=technion,DC=..
CN=AMIT20,OU=AMIT Desktops,OU=AMIT,DC=tr,DC=technion,DC=..
CN=AMIT8,OU=AMIT Desktops,OU=AMIT,DC=tr,DC=technion,DC=a..
CN=AMITSERVER,OU=OLD Comps,DC=tr,DC=technion,DC=ac,DC=il
CN=AMITUSER19,OU=AMIT Desktops,OU=AMIT,DC=tr,DC=technion..
CN=AMITUSER2,OU=OLD Comps,DC=tr,DC=technion,DC=ac,DC=il
CN=AMITUSER9,OU=OLD Comps,DC=tr,DC=technion,DC=ac,DC=il
CN=ANAT-LAP,OU=OLD Comps,DC=tr,DC=technion,DC=ac,DC=il
CN=ATL,OU=WinXPWMI,DC=Biomed
CN=ACC2,OU=AMIT Desktops,OU=AMIT,DC=tr,DC=Biomed
CN=ACC3,OU=AMIT Desktops,OU=AMIT,DC=Biomed
CN=ACC6,OU=AMIT Desktops,OU=AMIT,DC=Biomed
CN=AUTHRIZATIONMMI,OU=OLD Comps,DC=Biomed
CN=AVIAVXPSP2,OU=OLD Comps,DC=Biomed
CN=B-D_COMP1,OU=OLD Comps,DC=Biomed
CN=BDIKAXP,OU=OLD Comps,DC=Biomed
CN=BENI-LAP,OU=OLD Comps,DC=Biomed
CN=BENIR,OU=OLD Comps,DC=Biomed
CN=BENIS-W7,OU=OLD Comps,DC=Biomed
CN=BOLGA-PC,OU=W7,OU=Metal Institute,DC=Biomed
CN=BUSDEVSTUDXP-1,OU=OLD Comps,DC=Biomed
CN=BUSDEVSTUDXP-4,OU=OLD Comps,DC=Biomed
CN=AMITUSER19,OU=AMIT Desktops,OU=AMIT,DC=Biomed
0
 

Author Comment

by:nesher13
ID: 40454742
fotech,

please ignore previous comment
------------------------------------------------------
I am run Search-ADAccount -AccountInactive -TimeSpan "90" -computersOnly | select distinguishedname, name | sort distinguishedname

CN=ATL,OU=WinXPWMI,DC=Biomed
CN=ACC2,OU=AMIT Desktops,OU=AMIT,DC=tr,DC=Biomed
CN=ACC3,OU=AMIT Desktops,OU=AMIT,DC=Biomed
CN=ACC6,OU=AMIT Desktops,OU=AMIT,DC=Biomed
CN=AUTHRIZATIONMMI,OU=OLD Comps,DC=Biomed
CN=AVIAVXPSP2,OU=OLD Comps,DC=Biomed
CN=B-D_COMP1,OU=OLD Comps,DC=Biomed
CN=BDIKAXP,OU=OLD Comps,DC=Biomed
CN=BENI-LAP,OU=OLD Comps,DC=Biomed
CN=BENIR,OU=OLD Comps,DC=Biomed
CN=BENIS-W7,OU=OLD Comps,DC=Biomed
CN=BOLGA-PC,OU=W7,OU=Metal Institute,DC=Biomed
CN=BUSDEVSTUDXP-1,OU=OLD Comps,DC=Biomed
CN=BUSDEVSTUDXP-4,OU=OLD Comps,DC=Biomed
CN=AMITUSER19,OU=AMIT Desktops,OU=AMIT,DC=Biomed
0
 
LVL 40

Accepted Solution

by:
footech earned 500 total points
ID: 40456304
Maybe this is what you want?
Search-ADAccount -AccountInactive -TimeSpan "90" -computersOnly | Select @{n="parentOU";e={ ((($_.DistinguishedName -split "OU=")[-1]) -split ",")[0] }},Name

Open in new window

0
 

Author Comment

by:nesher13
ID: 40456718
footech,

excellent!!!

only ignores the container Computers
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

632 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question