Solved

create a PS script to read txt file of names and list AD fields.

Posted on 2014-12-05
Last Modified: 2014-12-24
Hi,

Can someone advise how to create a PS script to read a txt file of names and list the following fields in AD:

Login Name
First Name
Last Name
OU        
Email address
Address
City                      
State
ZIP or equivalent
Phone Number

Also, in the txt file, should I put the DN of the users or should I use SAMIDs?

Please advise.

Thanks.
0
Comment
Question by:nav2567
7 Comments
 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
ID: 40484232
Use samaccountname.
For these, what do you want (home/business/fax)?
Address
City
State
ZIP or equivalent
Phone
0
 

Author Comment

by:nav2567
ID: 40485103
Thanks.

I used to use the command ldifde a long time ago, but I would like to try a PowerShell script to achieve the same result.

Can you please write a simple sample script that I can reference to get started?
0
 
LVL 39

Accepted Solution

by:
footech earned 500 total points
ID: 40485253
You can use either the samAccountName or DistinguishedName in the text file.  I'll leave it up to you to decide which is easier.  There's a default set of properties that are retrieved by Get-ADUser.  If you want others you have to specify them.  Since OU isn't an attribute of an AD object, you have to use a calculated property (i.e. I'm calculating the OU from the DistinguishedName).
Get-Content file.txt |
 Get-ADUser -Properties Mail,StreetAddress,City,State,postalCode,telephoneNumber |
 Select samAccountName,GivenName,Surname,@{n="OU";e={($_.DistinguishedName -split ",",2)[-1]}},Mail,StreetAddress,City,State,postalCode,telephoneNumber

0
 
LVL 21

Expert Comment

by:dan_blagut
ID: 40485270
Hello
Here you can find a good approach and all fields
https://gallery.technet.microsoft.com/scriptcenter/Getting-Users-ALL-7417b71d

In the command line you should list all fields and use the -AutoSize and -Width parameters to see all data.
get-content c:\users.txt | get-aduser -pr SamAccountName,GivenName, sn....|out-file .\output.txt

Anyway, the OU field can't be extracted (you can calculate this field from CN later)

Dan
0
 
LVL 23

Expert Comment

by:Coralon
ID: 40485911
You can do this without a special module by leveraging .Net.
Using the samaccountname is definitely the easiest way to go, since they are guaranteed to be unique.
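$Users = Get-Content -Path c:\temp\users.txt
$SearchRoot = New-Object -TypeName System.DirectoryServices.DirectoryEntry -ArgumentList "LDAP://OU=users,dc=domain,dc=com"
# LDAP attribute names as stored in the directory: l = city, st = state
$Attributes = 'samaccountname','givenName','sn','distinguishedName','mail','streetAddress','l','st','postalCode','telephoneNumber'

$Users | ForEach-Object {
      $user = $_
      # An AND of two terms needs the (&...) wrapper to be a valid LDAP filter
      $ADSI = [adsisearcher]"(&(objectCategory=user)(samaccountname=$user))"
      $ADSI.SearchRoot = $SearchRoot
      $UserObject = $ADSI.FindOne()
      if ($UserObject) {
            # FindOne() returns a SearchResult; the values live in its Properties collection
            $Row = [ordered]@{}
            foreach ($a in $Attributes) { $Row[$a] = @($UserObject.Properties[$a]) -join ";" }
            # Export-Csv quotes each field, so the commas inside distinguishedName stay in one column
            [pscustomobject]$Row | Export-Csv -Path c:\temp\UserProperties.csv -NoTypeInformation -Append
      }
}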


This isn't 100% tested, but it should work.  

Coralon
0
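Added example, not part of any post in this thread: a fuller version of the report that treats each line of the text file as untrusted input before it reaches an LDAP filter, and derives the OU as in the accepted solution without breaking on a DN whose CN contains an escaped comma. It uses Get-ADUser -LDAPFilter rather than the adsisearcher approach; the function names and the output file UserReport.csv are made up for illustration, and one sAMAccountName per line in file.txt is assumed.

```powershell
# Added example, not from the thread. Assumes the ActiveDirectory (RSAT) module
# and one sAMAccountName per line in file.txt; UserReport.csv is a made-up name.
Import-Module ActiveDirectory

function ConvertTo-LdapFilterValue {
    param([Parameter(Mandatory = $true)][string]$Value)
    # RFC 4515: \ * ( ) and NUL must be written as \XX hex escapes in a filter.
    [regex]::Replace($Value, '[\\*()\x00]', {
        param($m) '\{0:x2}' -f [int][char]$m.Value
    })
}

function Get-ParentContainer {
    param([Parameter(Mandatory = $true)][string]$DistinguishedName)
    # Split at the first comma preceded by an even number of backslashes, so an
    # escaped comma inside the RDN ("CN=Doe\, Jane,OU=...") is not a separator.
    ($DistinguishedName -split '(?<=(?<!\\)(?:\\\\)*),', 2)[-1]
}

$props = 'Mail','StreetAddress','City','State','postalCode','telephoneNumber'

$report = foreach ($line in Get-Content -Path .\file.txt) {
    $name = $line.Trim()
    if (-not $name) { continue }                      # skip blank lines

    # A literal match only: "*" or ")(" in the file cannot widen the query.
    $filter = '(sAMAccountName={0})' -f (ConvertTo-LdapFilterValue $name)
    $user   = Get-ADUser -LDAPFilter $filter -Properties $props

    if (-not $user) {
        Write-Warning "No AD user with sAMAccountName '$name'"
        continue
    }
    [pscustomobject]@{
        LoginName = $user.SamAccountName
        FirstName = $user.GivenName
        LastName  = $user.Surname
        OU        = Get-ParentContainer $user.DistinguishedName
        Email     = $user.Mail
        Address   = $user.StreetAddress
        City      = $user.City
        State     = $user.State
        Zip       = $user.postalCode
        Phone     = $user.telephoneNumber
    }
}

$report | Export-Csv -Path .\UserReport.csv -NoTypeInformation -Encoding UTF8
```

Names that do not resolve produce a warning instead of a terminating error, so one bad line does not stop the rest of the report.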
 
LVL 39

Expert Comment

by:footech
ID: 40486053
"Using the samaccountname is definitely the easiest way to go, since they are guaranteed to be unique."
By that statement I would have to say that you're implying that the distinguishedname isn't unique, which would be false.

But it is a good point about another option besides the AD cmdlets.
0
