Link to home
Start Free TrialLog in
Avatar of Kasper Katzmann
Kasper KatzmannFlag for Denmark

asked on

Strange behaviour with Filter in Powershell

I have a function, that seached our AD for security groups that contains a specified server name.
When I use different variants of the same server name, I get different results.

PS C:\Users\Me> GetServerGroups EFKM-WZ-IIS01T
RDP:
SG-EFKM-WZ-IIS01T_RDP_User

LOCAL ADMIN:
SG-EFKM-WZ-IIS01T_Local_Admin

PS C:\Users\Me> GetServerGroups WZ-IIS01T
RDP:
SG-EFKM-WZ-IIS01T_RDP_User

LOCAL ADMIN:
Der er ikke oprettet nogen ADMIN grupper, der matcher WZ-IIS01T

PS C:\Users\Me> GetServerGroups IIS01T
RDP:
Der er ikke oprettet nogen RDP grupper, der matcher IIS01T

LOCAL ADMIN:
SG-EFKM-WZ-IIS01T_Local_Admin

Open in new window


The function can be seen here. The filters are at line 49 and 75.
Function: 
Function GetServerGroups()
{
<# 
  .EXAMPLE
  ServerGroups SIT-CTXAPP0013 -Type admin
  .EXAMPLE
  ServerGroups SIT-CTXAPP0013 rdp
  .EXAMPLE
  ServerGroups SIT-CTXAPP0013 all
  #> 

[CmdletBinding()] 
  Param(
  [Parameter(Mandatory=$True,Position=1)]
   [Array]$srv,
  [Parameter(Mandatory=$False,Position=2)]
   [String]$Type
	
    )

$srv = $srv -replace (" ","")

IF($Type -eq "all"){
    Write-Host -BackgroundColor Yellow -foreGroundColor Black "ALLE GRUPPER:"
    
    Foreach($sAll in $srv){
	    $all = Get-ADGroup -filter 'Name -like "*$sAll*"' #| Where {$_.Name -like "*$sAll*"}
        
        If($all.length -lt 3){
                Write-Host -foreGroundColor Red "Der er ikke oprettet nogen grupper, der matcher $sALL"
            }
        else{
            foreach($allGrp in $all){
                Write-Host $allGrp.name
            }
            }
    Write-Host " "
    }
	    
}
ELSE{
	
    #FINDS RDP USER SECURITY GROUPS THAT MATCHES THE SERVER NAME
	If(($Type -eq "") -or ($Type -eq "rdp")){
	Write-Host -BackgroundColor Yellow -foreGroundColor Black "RDP:"
	    Foreach($sRDP in $srv){

            $RDPName = "$sRDP"
	        $RDP = Get-ADGroup  -filter "Name -like '*$RDPName*'" `
                                -SearchBase "OU=Server RDP User,OU=Globale Security Groups,OU=Administration,DC=SUBDOMAIN,DC=DOMAIN,DC=DK" `
                                -SearchScope Subtree
	            
        #write-host $rdp
        If($RDP.length -lt 3){
                Write-Host -foreGroundColor Red "Der er ikke oprettet nogen RDP grupper, der matcher $sRDP"
            }
        else{
            foreach($rdpGrp in $RDP){
                Write-Host $rdpGrp.name
            }
            }
        
        
	    }
	
    	Write-Host " "
	}
    
    #FINDS LOCAL ADMIN SECURITY GROUPS THAT MATCHES THE SERVER NAME
	If(($Type -eq "") -or ($Type -eq "admin")){
	Write-Host -BackgroundColor Yellow -foreGroundColor Black "LOCAL ADMIN:"
	    Foreach($sLA in $srv){

            $LAName = "$sLA"
	        $LOCADM = Get-ADGroup   -filter "Name -like '*$LAName*'" `
                                    -SearchBase "OU=Server Local Admin,OU=Globale Security Groups,OU=Administration,DC=SUBDOMAIN,DC=DOMAIN,DC=DK" `
                                    -SearchScope Subtree
	            

        If($LOCADM.length -lt 3){
                Write-Host -foreGroundColor Red "Der er ikke oprettet nogen ADMIN grupper, der matcher $sLA"
            }
        else{
            foreach($LAGrp in $LOCADM){
                Write-Host $LAGrp.name
            }
            }

	
	    }
	
    	Write-Host " "
	}
}
}

Open in new window

Any ideas about why it acts so strange?
Avatar of Jason Crawford
Jason Crawford
Flag of United States of America image
You have to enclose variables with double quotes
Avatar of Kasper Katzmann
Kasper Katzmann
Flag of Denmark image

ASKER

Well, have tried that - with the same result.
ASKER CERTIFIED SOLUTION
Avatar of footech
footech
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Kasper Katzmann
Kasper Katzmann
Flag of Denmark image

ASKER

I, have tried your variant as well and, as you point out, it gives the same result.

If($LOCADM.length -lt 3) just checks if there are anything.

I'm running it from a management server (2012 R2).

-------------------------------

Could there be anything with the dashes in the servernames?
I simply can't figure out why the result vary, when it should be the same.

After all *EFKM-WZ-IIS01T*, *WZ-IIS01T* and *IIS01T* should give the same result.
Avatar of Kasper Katzmann
Kasper Katzmann
Flag of Denmark image

ASKER

It was If($LOCADM.length -lt 3) that caused the strange behaviour. Changed it to If($LOCADM.count -eq 0) and now it works as supposed.