stackoom
  简体   繁体   中英

Retrieve Manager name for each user in AD using powershell

 原文  2015-07-09 18:43:00       powershell/ active-directory

Question

I am trying to dump an OU (Staff) in our AD to a specific format

"name" -> "Manager";

I am zeroing in but I'm hitting a wall with the following code

get-aduser -filter * -SearchBase "OU=Staff,DC=whatever,DC=local" |  get-aduser -Properties Manager | Select Name,Manager

The output for manager is returned as: 

CN=Sharon Doe,OU=Staff,DC=whatever,DC=local

Also I am unsure how to wrap the text in quotes and insert the arrow between name and manger

Thanks if you can point me in the right direction

this is my sudo working code so far

Import-Module ActiveDirectory  
 $users = $null
 $i = $null  
 $users = Get-ADUser -SearchBase "ou=Staff,dc=whatever,dc=local" -filter * `  -property description  
 ForEach($user in $users)  
  {  

      $user.name + >>>Get-ADUser($users.manager).name**<<<

      $i++  

 }  
"$i users"

2 answers

solution1
 6  2015-07-09 19:02:39

You can use

(Get-ADUser "CN=Sharon Doe,OU=Staff,DC=whatever,DC=local").DisplayName

to fetch the manager's user object and grab the DisplayName instead of the DN.

If you don't feel confident working with calculated properties (see below), you can use it inside a foreach loop:

$Users = Get-ADUser -filter * -SearchBase "OU=Staff,DC=whatever,DC=local" -Properties Manager 

foreach($User in $Users){
    $Manager = Get-ADUser $User.Manager -Properties DisplayName
    $ManagerName = $Manager.DisplaýName

    "$($User.Name) -> $ManagerName"
}

You could also use it inside a calculated property when using Select-Object :

$Users = Get-ADUser -filter * -SearchBase "OU=Staff,DC=whatever,DC=local" -Properties Manager 
$Users | Select Name,@{label="Manager";expression={(Get-ADUser $_.Manager -Properties DisplayName).DisplayName}}

If the Select statement gets too unreadable, you can always make a splatting table with the properties:

$NameManager = @{
  "Property" = @(
    "Name"
    @{
      Label = "Manager"
      Expression = {
        Get-ADUser $_.Manager -Properties DisplayName |Select -Expand DisplayName
      }
    }
  )
}

$Users | Select-Object @NameManager

solution2
 0  2022-06-29 22:54:18

I use PowerShell regex to filter only the friendly name portion of the manager from the DN for the "Manger" attribute in the AD user object properties, see below:

$newUser = Get-ADUser -Identity someUser1 -Properties *
$newUser.Manager

Output: CN=Some Manager1,OU=IT,DC=YOUR,DC=DOMAIN,DC=COM

$newUser.Manager.split(',')[0].trim('CN=')

Output:

Some Manager1

In addition, you could use the following filter as well, but I feel it is more code than necessary, trim does what we want with less typing and complexity (Not going into why one is better than the other, we haven't talked scale about this ask):

CN=someUser1,OU=IT,DC=YOUR,DC=DOMAIN,DC=COM
$newUser.Manager.split(',')[0] -replace 'CN=',''

Output:

Some Manager1

For completeness, you should know the type of your final state, you can get this with the following:

($newUser.Manager.split(',')[0].trim('CN=')).GetType()

OR

($newUser.Manager.split(',')[0] -replace 'CN=','').GetType()

Output:

IsPublic IsSerial Name                                     BaseType                                                                                                                                                           
-------- -------- ----                                     --------                                                                                                                                                           
True     True     String                                   System.Object

Now you know your final value is of type 'string'!

Lastly, you can trap your value in a variable:

$Mgr = $newUser.Manager.split(',')[0].trim('CN=')

Okay, I found a bug in my regex using trim logic, if an user has a DN that starts like the following:

CN=Nicholas

Then the output using $newUser.Manager.split(',')[0].trim('CN=') is as follows:

icholas

This is because trim truncates any matching character, not the whole string specified, where as -replace does it based on the string as shown below:

$newUser.Manager.split(',')[0] -replace 'CN=',''

Output:

Nicholas

FINAL SOLUTION: So, I recommend the following as a final solution:

$newUser.Manager.split(',')[0] -replace 'CN=',''

My apologies for the oversight, I now remember seeing others mention this online and I completely forgot about it. Once again, I apologize for the confusion.

Enjoy!

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Getting user name through AD using powershell Using PowerShell, set the AD home directory for a user, given the display name Move AD User using powershell Powershell: AD user MemberOf > Object Canonical name Renaming AD user object name in powershell How to display AD group name next to AD user with PowerShell Reset AD User Password using PowerShell Issue how to update UsageLocation of AD User using powershell Powershell retrieve User Login Name, not samAccountname How can I extract multiple attributes of manager in AD using Powershell?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM