Hello all,
I was hoping you might be able to help me. I have a script that brings back all user objects that meet a set of conditions. I've written an LDAP filter and ran the query in one of my tools (Softerra LDAP Browser) and it works fine. However, when I use the filter in a Powershell Get-ADUser script it doesn't return any results. Any idea why? Here is the script:
$attribs = @("employeeNumber","givenName","initials","sn","name","title","jobClassCode","affiliation","entity","department","providerNumber","company","office","officePhone","pager","physicalDeliveryOfficeName","samAccountName","userPrincipalName","cn","displayName","description","info","distinguishedName","enabled","whenCreated","whenChanged","lastLogonDate","passwordLastSet","mail","mailNickName","imrPID","imrUID","manager","managerEmployeeNumber","managerMail")
$outputFile = "C:\Documents\AD\ADUser2.csv"
Get-ADUser -LDAPFilter "(&(objectclass=user)(samaccountname=*)(!(entity=resource))(!(samaccountname=$DUPLICATE*)))" -properties $attribs | select $attribs | Export-CSV $outputFil
Now I've tried a few different other options like:
1. Removing LDAPFilter and replacing it with -Filter {entity -ne "resource" -or samaccountname -notlike "$DUPLICATE"}
This runs and returns values but it doesn't appear to be filtering anything because I see user accounts with the attribute entity set to 'resource'.
2. Setting only a single filter (e.g. -Filter entity -ne "resource")
This works and filters out those user accounts but I really need to have the two filters.
Any ideas?