Powershell script to search all AD Attributes for specific value

Is there a way to search all Active Directory attributes for a specific/Specified value?

Get-AdUser -Filter * -SearchBase "OU=Staff, OU=Tree, DC=...ect" -Properties * |
Where {$_.Properties -like "*Whatever*"} | Select GivenName, Surname, SamAccountName |
Export-csv .\path\Who_is.csv -NoTypeInformation

Where I'm having a hard time is the statement after Where {what should this value be?  -like "*whatever*"}

Thank you in Advance!

May 29th, 2015 11:12am

No, there is no filter that will search for a string in all attributes. The solution is to dump the value of all attributes to a text file, and then search the text file. This is straightforward if you are only searching one user. Otherwise you must dump the values of all attributes for all users, which can be a lot. There is no way to even restrict the output to string attributes.

If you can restrict your search to a list of attributes, say 30 or so, you could construct a filter that OR's all of them. I have used filters with many clauses, like maybe 100, and it works. The filter could be similar to:

-LDAPFilter "(|(sn=*string*)(givenName=*string*)(description=*string*)(displayName=*string*))"
The "|" character is the OR operator. LDAP syntax would be more compact.

Free Windows Admin Tool Kit Click here and download it now
May 29th, 2015 11:39am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics