What -filter attribute can I use to search for this?
I am trying to push an attribute from a group of AD Contacts to their corresponding AD Users. The Contacts are in AD with their displayName formatted such as "FirstName LastName" or like "Tony Stark". Their corresponding AD
Users are all identified as "LastName, Firstname" or like "Stark, Tony". I am not sure how to do a "get-aduser" with the searchbase OU included, and how to filter to match the contact to the user so the attributes can be
pushed correctly. I have tried a lot of things, but nothing returns the right AD user. I have thought about reformatting the output of the displayName from the Contact, but it would need to be done manually and there are several hundred of them.
My thought is trying to use whatever search mechanism as the "Find" tool in "AD Users and Computers" field, as it will return the proper AD user, even if the name formatting is different. It seems to be the only search where the
order of the firstname and lastname does not matter when matching the values.
January 14th, 2014 12:42pm
Hi,
I think this is close to what you're looking for:
$strContact = 'Tony Stark'
$arrContact = $strContact.Split(' ')
$filterName = "$($arrContact[1]), $($arrContact[0])"
Get-ADUser -Filter "Name -eq '$filterName'"
January 14th, 2014 1:51pm
Thanks. I will test this out and let you know.
January 14th, 2014 2:13pm
So each user has a contact object and a user object in AD, and the only link is the RDN (the value of the cn attribute), but in different formats.
If the first name and last name fields in ADUC are filled in (the givenName and sn attributes), or if the displayName of the user is in the same format as the RDN of the contact, then you can use ANR (Ambiguous Name Resolution) and the -LDAPFilter parameter.
For example:
$Contact = "John Stark"
Get-ADUser -LDAPFilter "(anr=$Contact)"
More on ANR here:
http://www.rlmueller.net/AmbiguousNameResolution.htm
January 14th, 2014 2:35pm
Thanks!
This worked...sorta. I read the page you sent me, and the issue I have is that some of my users have three or four names. So, for example...."Anthony Edward Stark". According to the page, ANR only uses the first space as a break...so it
would search for "Anthony" and "Edward Stark" as separate values. Is there a way to change that? So it would search for "Anthony Edward" and "Stark"?
January 14th, 2014 3:55pm
Adjustment for variable name lengths:
$strContacts = 'Tony Stark', 'Anthony Edward Stark'
foreach ($strContact in $strContacts ) {
$arrContact = $strContact.Split(' ')
$filterName = "$($arrContact[-1]), "
for ($i = 0 ; $i -lt $arrContact.Count - 1 ; $i++ ) {
$filterName += "$($arrContact[$i]) "
}
$filterName = $filterName.Trim()
Get-ADUser -Filter "Name -eq '$filterName'"
}
January 14th, 2014 4:09pm
ANR is a feature of AD and we cannot change how it works. I think Mike's code is a good solution.
January 14th, 2014 4:18pm
Thank you guys so much for helping me on this. I am reading through this and trying to make sure I understand it all. I am still a novice with arrays. I am with it up till "$arrContact = $strContact.Split(' ')". I don't understand
how "$filterName = "$($arrContact[-1]), "" sets the last name using the [-1]? When the array splits the names, doesn't it start at 0?
Thanks again for all the help.
January 14th, 2014 4:36pm
Here's an overly chatty example that will show you what's happening:
$strContacts = 'Tony Stark', 'Anthony Edward Stark'
Write-Host 'User names:'
$strContacts
Write-Host
foreach ($strContact in $strContacts ) {
Write-Host "Start of loop. Processing $strContact now."
$arrContact = $strContact.Split(' ')
Write-Host
Write-Host "$strContact has been split apart into individual array elements based on a space character. The elements are below:"
$arrContact
Write-Host
Write-Host 'Start building filterName variable. Index of -1 gets the last element in the array.'
$filterName = "$($arrContact[-1]), "
$filterName
Write-Host
Write-Host "Loop through the remaining names in the contact. Need to process $($arrContact.Count-1) names."
for ($i = 0 ; $i -lt $arrContact.Count - 1 ; $i++ ) {
$filterName += "$($arrContact[$i]) "
Write-Host "filterName variable is now $filterName"
}
Write-Host
Write-Host "Now we need to trim off the trailing space character."
$filterName = $filterName.Trim()
Write-Host "The final value of filterName is $filterName"
Write-Host
Write-Host 'Attempting to get the user object via Get-ADUser now:'
Write-Host
Get-ADUser -Filter "Name -eq '$filterName'"
Write-Host 'End of loop.'
Write-Host
}
January 14th, 2014 4:55pm