Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Get AD Usernames - List

Posted on 2016-09-14
7
Medium Priority
?
42 Views
Last Modified: 2016-10-04
What is the full command: "Get-QAD ...

to get all users from a specific OU?

Also to get this list into a file (TXT or XML)
??

-
Thanks,
0
Comment
Question by:mvalencia2003
  • 3
  • 2
  • 2
7 Comments
 
LVL 12

Expert Comment

by:Gary Dewrell
ID: 41799053
get-qaduser | where {$_.Path -like "*OU=IT*"}

Output to txt file
get-qaduser | where {$_.Path -like "*OU=IT*"} | Out-File c:\temp\ITMembers.txt

Output to xml
get-qaduser | where {$_.Path -like "*OU=IT*"} | Export-Clixml c:\temp\itmembers.xml
0
 
LVL 4

Author Comment

by:mvalencia2003
ID: 41799169
this is searching all accounts in domain: get-qaduser | where {$_.Path -like "*OU=IT*"}

How is OU entered?

Thanks , ...
0
 
LVL 12

Expert Comment

by:Gary Dewrell
ID: 41799686
get-qaduser does not have a built in filter for OU.  You could use the -ldap filter option but I have seen some weirdness from this so the above is what I use in my environment. Let me step you through it.

if you look at a single account:

get-qaduser YourUser | select path
you will see something like this:
LDAP://mydomain.domain.com/CN=Doe\, John,OU=IT,OU=Dallas,DC=mydomain,DC=COM

You have to read it backwards. From this return I see the user Jonhn doe is in the OU IT under the OU Dallas in the mydomain domain.

So If I want to return a list of everyone in the IT OU the above command gets all users and then filters the result by anyone with a path that has the phrase "OU=IT" .

If you were searching for those in the accounting OU you would change it to $_.Path -like "*OU=Accounting*"
0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
LVL 4

Author Comment

by:mvalencia2003
ID: 41799709
so what if OU is: mydomain.domain.com\company\students\group1

??


Thanks , ...
0
 
LVL 12

Expert Comment

by:Gary Dewrell
ID: 41799714
If group1 is unique, i.e. no other OU named group1 then use:

$_.path -like "*group1*"
0
 
LVL 40

Accepted Solution

by:
Subsun earned 2000 total points (awarded by participants)
ID: 41800412
Use -SearchRoot parameter to specify a OU.
Get-QADUser -SearchRoot 'CN=Users,DC=SS64,DC=com'

Open in new window

Ref : http://ss64.com/ps/get-qaduser.html
To Export
Get-QADUser -SearchRoot 'CN=Users,DC=SS64,DC=com' | Export-CSV C:\report.csv -nti

Open in new window

To export specific properties..
Get-QADUser -SearchRoot 'CN=Users,DC=SS64,DC=com' | Select DisplayName,SamAccountname,Mail  | Export-CSV C:\report.csv -nti

Open in new window

0
 
LVL 40

Expert Comment

by:Subsun
ID: 41827715
Question was to get list of users from a specific OU using Get-QADUser command. Solution is to use -SearchRoot parameter as explained in my comment.
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question