Solved

powershell get-aduser output returned to an array

Posted on 2014-12-31
14
213 Views
Last Modified: 2015-06-29
OK
So I am very new to Powershell and I have been looking for this answer for a few days with no luck. So here goes;

What I am trying to get is a list of AD Users and some of the property information; the script I have written is returning the data but not in the format that I need it to be in.

#retreives last authenticated Domain controller from environment variables
$DCname = $env:LOGONSERVER -replace “\\”, “”
$DCname

#retreives domain name
$TLD = $env:userdnsdomain
$TLD

# concatenates the above to create a FQDN for the DC
$Currentdc = $dcname+"."+$tld
$currentdc

$ADSearchbase = "ou=SBSUsers,ou=Users,ou=MyBusiness,dc=multipondamerica,dc=com"

$ADProperties = "Enabled","CanonicalName","Displayname","MemberOf","Givenname","Surname","EmployeeNumber","EmailAddress","Department","StreetAddress","OfficePhone","PostalCode","City","Office","Company","Title","SID"

$ADSelected   = "Enabled","CanonicalName","Displayname","MemberOf","Givenname","Surname","EmployeeNumber","EmailAddress","Department","StreetAddress","OfficePhone","PostalCode","City","Office","Company","Title","SID"

$arrUsers = Get-ADUser -Filter 'enabled -eq $true -and pobox -eq 12345' -server $CurrentDC -SearchBase $ADSearchbase -Properties $ADProperties | select $ADSelected

$arrUsers

OUT PUT:
Enabled        : True
CanonicalName  : Domain.com/MyBusiness/Users/SBSUsers/User1
Displayname    : User1
MemberOf       : {CN=Exchange View-Only Administrators,OU=Microsoft Exchange Security Groups,DC=Domain,DC=com, CN=Exchange Organization
                 Administrators,OU=Microsoft Exchange Security Groups,DC=Domain,DC=com,
                 CN=SQLServer2005MSSQLUser$SERVER$BKUPEXEC,CN=Users,DC=Domain,DC=com, CN=SMSMSE Admins,CN=Users,DC=Domain,DC=com...}
Givenname      : User1
Surname        :
EmployeeNumber :
EmailAddress   : user1@domain.com
Department     :
StreetAddress  :
OfficePhone    :
PostalCode     :
City           :
Office         :
Company        :
Title          :
SID            : S-1-5-21-1314609501-1516500090-731184889-1663

Enabled        : True
CanonicalName  : Domain.com/MyBusiness/Users/SBSUsers/User2
Displayname    : User2
MemberOf       : {CN=Exchange View-Only Administrators,OU=Microsoft Exchange Security Groups,DC=Domain,DC=com, CN=Exchange Organization
                 Administrators,OU=Microsoft Exchange Security Groups,DC=Domain,DC=com,
                 CN=SQLServer2005MSSQLUser$SERVER$BKUPEXEC,CN=Users,DC=Domain,DC=com, CN=SMSMSE Admins,CN=Users,DC=Domain,DC=com...}
Givenname      : User2
Surname        :
EmployeeNumber :
EmailAddress   : user2@domain.com
Department     :
StreetAddress  :
OfficePhone    :
PostalCode     :
City           :
Office         :
Company        :
Title          :
SID            : S-1-5-21-1314609501-1516500090-731184889-1664

So instead of returning an array with 42 elements, it returns 2 elements
The array looks like this:
1
@{Enabled=True; CanonicalName=Domain.com/MyBusiness/Users/SBSUsers/Act Admin; Displayname=Act Admin; MemberOf=Microsoft.ActiveDirectory.Management.ADPropertyV
alueCollection; Givenname=User1; Surname=User1; EmployeeNumber=; EmailAddress=User1@Domain.com; Department=; StreetAddress=; OfficePhone=; PostalCode=; City=; Office=; Company=; Title=;
SID=S-1-5-21-1314609501-1516500090-731184889-1663}
2
@{Enabled=True; CanonicalName=Domain.com/MyBusiness/Users/SBSUsers/User2; Displayname=User2; MemberOf=Microsoft.ActiveDirectory.Management.ADProperty
ValueCollection; Givenname=User2; Surname=User2; EmployeeNumber=; EmailAddress=User2@Domain.com; Department=; StreetAddress=; OfficePhone=; PostalCode=; City=; Office=; Company=; Title=;
 SID=S-1-5-21-1314609501-1516500090-731184889-1664}

So I want to have an array with each piece of data in it and not a log string of data for each user.

Any help would be great.
Thanks
0
Comment
Question by:RonPatton61
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
  • 2
  • +1
14 Comments
 
LVL 40

Expert Comment

by:footech
ID: 40526468
I don't see a problem with the code.  If it's only returning 2 users, then it's probably due to the filter that you have for the Get-ADUser command.  For troubleshooting, just try "-filter *".
Your first example output is correct, I don't know where/how you are getting the second output.
0
 
LVL 70

Expert Comment

by:Qlemo
ID: 40526641
$arrUsers[0] contains the first user's data as an object with properties. There is no "long string of data", in fact it is a hash array with property name / value pairs.
What do you want the result for? Depending on that different access methods make sense.
0
 

Author Comment

by:RonPatton61
ID: 40526745
Yes, all of the data is there, but I am looking for something different.
I will try and ask the question a different way.
I am looking to address each segment of the data like a multidimensional array;
$arrUsers[0] is True
$arrUsers[1] is Domain.com/MyBusiness/Users/SBSUsers/User1
$arrUsers[3] is User1
$arrUsers[4] is {CN=Exchange View-Only Administrators,OU=Microsoft Exchange Security ....
.....
$arrUsers[11] is S-1-5-21-1314609501-1516500090-731184889-1663
$arrUsers[12] is True
$arrUsers[13] is Domain.com/MyBusiness/Users/SBSUsers/User2
$arrUsers[14] is User2
....
$arrUsers[22] is S-1-5-21-1314609501-1516500090-731184889-1664

I want to address each selected object as an element.

Thanks for your help
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 70

Expert Comment

by:Qlemo
ID: 40526801
Doable, but you don't know what each value means. And what about the second user?
0
 
LVL 40

Expert Comment

by:footech
ID: 40526806
I can't see any advantage doing it that way.  It's possible, but you lose most of the structure of the array as all elements will be different, and so any further processing is made much more difficult.

Can you describe what your goal is?  What you're describing doesn't sound like "the PowerShell way" to do things, and I think there's probably a better alternative.
0
 

Author Comment

by:RonPatton61
ID: 40526809
should be able to know by position in the array, if I am pulling 11 points of data then position 0-10 will be the first users information then the position 11-21 will be the second users information and 22-32 will be the third users information and so forth.
0
 
LVL 70

Expert Comment

by:Qlemo
ID: 40526850
$arrUsers = Get-ADUser -Filter 'enabled -eq $true -and pobox -eq 12345' -server $CurrentDC -SearchBase $ADSearchbase -Properties $ADProperties | % {
  foreach ($prop in $ADSelected) { $_.$p }
}

Open in new window

0
 

Author Comment

by:RonPatton61
ID: 40526902
The code above doesn't really return anything except the last element of SID. But I also don't really understand the % and the { $_.$p } doesn't make a lot of since either, but like I said this is new to me.

What I am doing is moving users from a SBS2008 domain to a new 2012 domain, exchange and data server so I need to gather all of the user information and then be able to finish the script where it will add the records to other servers as needed. Need to automate as much as I can, there are a lot of users. If I can gather all of the pertinent data to some type of an array where I know that position 0, 11, 22, 33, 44, etc, are the users names then I can gather that information and build the commands that I need.
0
 
LVL 70

Accepted Solution

by:
Qlemo earned 500 total points
ID: 40526920
There was a typo. Here the complete code (note I have removed $ADProperties, as those were the same as $ADSelected):
#retreives last authenticated Domain controller from environment variables
$DCname = $env:LOGONSERVER -replace “\\”, “”
$DCname

#retreives domain name
$TLD = $env:userdnsdomain
$TLD

# concatenates the above to create a FQDN for the DC
$Currentdc = $dcname+"."+$tld
$currentdc

$ADSearchbase = "ou=SBSUsers,ou=Users,ou=MyBusiness,dc=multipondamerica,dc=com"

$ADSelected   = "Enabled","CanonicalName","Displayname","MemberOf","Givenname","Surname","EmployeeNumber","EmailAddress","Department","StreetAddress","OfficePhone","PostalCode","City","Office","Company","Title","SID"

$arrUsers = Get-ADUser -Filter 'enabled -eq $true -and pobox -eq 12345' -server $CurrentDC -SearchBase $ADSearchbase -Properties $ADSelected | % {
  foreach ($prop in $ADSelected) { $_.$prop }
}
$arrUsers

Open in new window

The trick is to go thru the list of properties you want to have, and send their corresponding values to the pipe. $arrUsers is hence an array consisting of an uncstructured "stream" of values.
% { ... }   is foreach-object
0
 
LVL 35

Expert Comment

by:Seth Simmons
ID: 40850942
I've requested that this question be deleted for the following reason:

Not enough information to confirm an answer.
0
 
LVL 70

Expert Comment

by:Qlemo
ID: 40850943
http:#a40526920 answers the question as revised in http:#a40526745
0
 
LVL 70

Expert Comment

by:Qlemo
ID: 40852651
Recommendation: Accept http:#a40526920
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question