Get-ADUser -LDAPFilter using AND and OR
Question
I'm trying to build a script, a portion of which will select users by a couple of variables and put them into a variable as an array. The users must have "CONTRACTOR" in their description and their reporting manager must be one of four individuals. I have gotten the script to work when matching the "CONTRACTOR" description and a single reporting manager. Here is an example of what I'm doing.
$ADAccounts = Get-ADUser -LDAPFilter "(&(description=CONTRACTOR)|(manager=CN=Manager1 Name,OU=Users,OU=Location,OU=USA,DC=domain,DC=com)(manager=CN=Manager2 Name,OU=Users,OU=Location,OU=USA,DC=domain,DC=com))"
I'm sure what I'm missing is simple, but I haven't been able to find it when looking through other posts. Thanks in advance for your help!
1 answers
solution1
2 ACCPTED 2020-05-27 15:03:03
Just like with & , you need to group the clauses together under a single clause with the | operator as the first element:
Get-ADUser -LDAPFilter '(&(description=CONTRACTOR)(|(manager=CN=Manager1 Name,OU=Users,OU=Location,OU=USA,DC=domain,DC=com)(manager=CN=Manager2 Name,OU=Users,OU=Location,OU=USA,DC=domain,DC=com)))'
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.