Strange behaviour with Filter in Powershell
I have a function, that seached our AD for security groups that contains a specified server name.
When I use different variants of the same server name, I get different results.
The function can be seen here. The filters are at line 49 and 75.
Function:
When I use different variants of the same server name, I get different results.
PS C:\Users\Me> GetServerGroups EFKM-WZ-IIS01T
RDP:
SG-EFKM-WZ-IIS01T_RDP_User
LOCAL ADMIN:
SG-EFKM-WZ-IIS01T_Local_Admin
PS C:\Users\Me> GetServerGroups WZ-IIS01T
RDP:
SG-EFKM-WZ-IIS01T_RDP_User
LOCAL ADMIN:
Der er ikke oprettet nogen ADMIN grupper, der matcher WZ-IIS01T
PS C:\Users\Me> GetServerGroups IIS01T
RDP:
Der er ikke oprettet nogen RDP grupper, der matcher IIS01T
LOCAL ADMIN:
SG-EFKM-WZ-IIS01T_Local_Admin
The function can be seen here. The filters are at line 49 and 75.
Function:
Function GetServerGroups()
{
<#
.EXAMPLE
ServerGroups SIT-CTXAPP0013 -Type admin
.EXAMPLE
ServerGroups SIT-CTXAPP0013 rdp
.EXAMPLE
ServerGroups SIT-CTXAPP0013 all
#>
[CmdletBinding()]
Param(
[Parameter(Mandatory=$True,Position=1)]
[Array]$srv,
[Parameter(Mandatory=$False,Position=2)]
[String]$Type
)
$srv = $srv -replace (" ","")
IF($Type -eq "all"){
Write-Host -BackgroundColor Yellow -foreGroundColor Black "ALLE GRUPPER:"
Foreach($sAll in $srv){
$all = Get-ADGroup -filter 'Name -like "*$sAll*"' #| Where {$_.Name -like "*$sAll*"}
If($all.length -lt 3){
Write-Host -foreGroundColor Red "Der er ikke oprettet nogen grupper, der matcher $sALL"
}
else{
foreach($allGrp in $all){
Write-Host $allGrp.name
}
}
Write-Host " "
}
}
ELSE{
#FINDS RDP USER SECURITY GROUPS THAT MATCHES THE SERVER NAME
If(($Type -eq "") -or ($Type -eq "rdp")){
Write-Host -BackgroundColor Yellow -foreGroundColor Black "RDP:"
Foreach($sRDP in $srv){
$RDPName = "$sRDP"
$RDP = Get-ADGroup -filter "Name -like '*$RDPName*'" `
-SearchBase "OU=Server RDP User,OU=Globale Security Groups,OU=Administration,DC=SUBDOMAIN,DC=DOMAIN,DC=DK" `
-SearchScope Subtree
#write-host $rdp
If($RDP.length -lt 3){
Write-Host -foreGroundColor Red "Der er ikke oprettet nogen RDP grupper, der matcher $sRDP"
}
else{
foreach($rdpGrp in $RDP){
Write-Host $rdpGrp.name
}
}
}
Write-Host " "
}
#FINDS LOCAL ADMIN SECURITY GROUPS THAT MATCHES THE SERVER NAME
If(($Type -eq "") -or ($Type -eq "admin")){
Write-Host -BackgroundColor Yellow -foreGroundColor Black "LOCAL ADMIN:"
Foreach($sLA in $srv){
$LAName = "$sLA"
$LOCADM = Get-ADGroup -filter "Name -like '*$LAName*'" `
-SearchBase "OU=Server Local Admin,OU=Globale Security Groups,OU=Administration,DC=SUBDOMAIN,DC=DOMAIN,DC=DK" `
-SearchScope Subtree
If($LOCADM.length -lt 3){
Write-Host -foreGroundColor Red "Der er ikke oprettet nogen ADMIN grupper, der matcher $sLA"
}
else{
foreach($LAGrp in $LOCADM){
Write-Host $LAGrp.name
}
}
}
Write-Host " "
}
}
}
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get this solution by purchasing an Individual license!
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
Your syntax is fine. Another variation is
However, that should give identical results.
I'm not sure what the purpose of
If($LOCADM.length -lt 3)
is (only see one result in your original post - maybe you truncated the results?).
Are you running this on a DC? If so, are you in an elevated session?
$LAName = "*$sLA*"
$LOCADM = Get-ADGroup -filter {Name -like $LAName}
However, that should give identical results.
I'm not sure what the purpose of
If($LOCADM.length -lt 3)
is (only see one result in your original post - maybe you truncated the results?).
Are you running this on a DC? If so, are you in an elevated session?
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trial
I, have tried your variant as well and, as you point out, it gives the same result.
If($LOCADM.length -lt 3) just checks if there are anything.
I'm running it from a management server (2012 R2).
--------------------------
Could there be anything with the dashes in the servernames?
I simply can't figure out why the result vary, when it should be the same.
After all *EFKM-WZ-IIS01T*, *WZ-IIS01T* and *IIS01T* should give the same result.
If($LOCADM.length -lt 3) just checks if there are anything.
I'm running it from a management server (2012 R2).
--------------------------
Could there be anything with the dashes in the servernames?
I simply can't figure out why the result vary, when it should be the same.
After all *EFKM-WZ-IIS01T*, *WZ-IIS01T* and *IIS01T* should give the same result.
It was If($LOCADM.length -lt 3) that caused the strange behaviour. Changed it to If($LOCADM.count -eq 0) and now it works as supposed.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Powershell
From novice to tech pro — start learning today.
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get this solution by purchasing an Individual license!
Start your 7-day free trial.