Powershell get-aduser not showing all results

active-directorypowershellwindows-server-2012-r2

I'm trying to pull some data from AD but am getting some confusing results. I'm running:

Get-ADUser -Filter * -Properties * | select userPrincipalName, msTSLSProperty01

and it presents me with all users, 6 of which have something in the msTSLSProperty01 field. The confusing thing is that it should return 42 users with something in that field. Any reason it shows blank for users who have data in that field?

Edit 1: In addition, when I run:

Get-ADUser username -Properties msTSLSProperty01 | select msTSLSProperty01

it returns and empty set.

Best Answer

If you have multiple DCs in your environment, you may just be seeing replication delays if the changes you are expecting were only recently written to those user attributes. Powershell might be querying a different DC than whatever other tool you're using to verify those attributes exist. You can explicitly tell PowerShell to talk to a specific DC with the -Server argument in the Get-ADUser command.

Alternatively, you might have permissions issues preventing you from reading that attribute for a subset of your users.

Related Solutions

Windows – list all users in Active Directory that do not have any data in the NAME field, using PowerShell

There are a few ways to go about this:

Get-ADUser -LDAPFilter "(!GivenName=*)" | ft samAccountName

Get-ADUser -Filter * | Where {$_.GivenName -eq $Null -OR $_.Surname -eq $Null -OR $_.Name -eq $Null} | select samAccountName

That should work for you.

Added a second command that will check if any of the "name" fields are blank.

Powershell – Getting AD username from first name and surname in CSV file

Add as the first line of your CSV file a row containing the column headers for your file. You then use those headers as the property names when iterating through the file.

So your file should look something like:

Firstname,Lastname
Joe,Schmoe
John,Doe
Jane,Doe

~~Then your code should work as is.~~

Also, the filter seems not to like $Name.lastname. I'm not sure exactly why, but even property expansion is not doing the trick. If you collapse this into a single string variable it work:

$names = Import-CSV C:\path\to.csv
ForEach ($Name in $Names)
{
    $nameFilter = $Name.Firstname
    Get-ADUser -Filter { GivenName -like $nameFilter }
}

Best Answer

Related Solutions

Windows – list all users in Active Directory that do not have any data in the NAME field, using PowerShell

Powershell – Getting AD username from first name and surname in CSV file

Related Topic