2,187
edits
Difference between revisions of "Active Directory (PowerShell)"
Jump to navigation
Jump to search
Active Directory (PowerShell) (view source)
Revision as of 11:48, 10 June 2013
, 11:48, 10 June 2013→Get-ADUser examples: Added Distinguished Name
m (→Groups: Added another Get-ADGroups examples) |
(→Get-ADUser examples: Added Distinguished Name) |
||
| Line 83: | Line 83: | ||
</source> | </source> | ||
* '''LastLogonDate''' - Be aware that the last logon date field typically has an accuracy/tolerance of 14 days, AD intentionally doesn't update the field at every logon from the user/device object so as to reduce the amount of data replication between domain controllers | * '''LastLogonDate''' - Be aware that the last logon date field typically has an accuracy/tolerance of 14 days, AD intentionally doesn't update the field at every logon from the user/device object so as to reduce the amount of data replication between domain controllers | ||
==== Distinguished Name ==== | |||
You can't filter using wildcards for the Distinguished Name filed (see http://social.technet.microsoft.com/Forums/en-US/ITCG/thread/e6f5a98d-62d1-4659-b328-ebab6f546cc4). | |||
As a workaround, do a generic export from AD and pipe it through a <code>Where-Object</code> CmdLet (not that if you have a large number of users in AD this isn't particularly efficient). | |||
<source lang="powershell"> | |||
$users = Get-ADUser -Filter * | Where-Object {$_.DistinguishedName -like "*,CN=OuFolder,*"} | |||
</source> | |||
=== <code>New-ADUser</code> examples === | === <code>New-ADUser</code> examples === | ||