I'm trying to make a function so that I can more quickly lookup somebody's phone number or reverse lookup an extension.
So far I have this saved as a ps1 file:
$find=$args[0]
Get-ADUser -properties * -LDAPFilter "(samaccountname*$find*)" | ft samaccountname,Name,telephone number
Get-ADUser -properties * -LDAPFilter "(telephonenumber=555 555-*$find*)" | ft samaccountname,Name,telephonenumber
The code works, but obviously I get red error code for either the first or second condition every time. I've tried (|(This)(That))
, I've tried -erroraction silentlycontinue
, I've tried -LDAPFilter (This) -OR (That)
.
What I'm ultimately after is a function I can add to my profile, so that I can type either:
lookup ABC
lookup 2948
and it will do a forward lookup or a reverse lookup. It can be a loose search and return a few too many results if necessary.
(|(firstClause)(secondClause))
is the correct syntax for OR
filters in LDAP - that's not your problem.
Both filter clauses contain syntactical errors.
The first one should be (notice the =
):
(samaccountname=*$find*)
The second one is invalid because only leading or trailing *
is permitted. You could do:
(telephonenumber=*$find*)
and then use Where-Object
to narrow the results to numbers with the proper prefix:
Get-ADUser -Properties telephonenumber -LDAPFilter "(|(samaccountname*$find*)(telephonenumber=*$find*))" |Where-Object { $_.telephoneNumber -like "555 555-*"}
Be aware that leading *
are horribly slow due to the way these values are looked up internally in Active Directory.
I would probably specify two parameters and two separate parameter sets. Example:
# Get-User.ps1
[CmdletBinding(DefaultParameterSetName="SamAccountName")]
param(
[Parameter(ParameterSetName="SamAccountName",Position=0,Mandatory=$true)]
[String] $SamAccountName,
[Parameter(ParameterSetName="TelephoneNumber",Position=0,Mandatory=$true)]
[String] $TelephoneNumber
)
$params = @{
"Properties" = "*"
"LDAPFilter" = ""
}
switch ( $PSCmdlet.ParameterSetName ) {
"SamAccountName" {
$params.LDAPFilter = "(sAMAccountName=$SamAccountName)"
}
"TelephoneNumber" {
$params.LDAPFilter = "(telephoneNumber=$TelephoneNumber)"
}
}
Get-ADUser @params
With this you could write:
Get-User thisusername
or
Get-User -TelephoneNumber thisphonenumber
I would caution against using -Properties "*"
as this will be quite slow. Better to specify the list of attributes you want to see.
Re-read your question and edited. This will work for you, you can add your formatting and returned properties as you see fit.
function lookup {
param (
[Parameter(Mandatory=$True,Position=1)]
[string]$search
)
if ($search -match '[a-z][A-Z]'){
return (Get-ADUser $search -Properties TelephoneNumber).TelePhoneNumber
}
if ($search -match '[0-9]'){
return Get-ADUser -Properties TelephoneNumber -Filter "TelephoneNumber -like '*$search*'"
}
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.