## Is Get-ADUser a bit slow in getting required result? Hello ADSISearcher using PowerShell.

Sometimes Get-ADUser just isn’t enough if you are working thousands upon thousands of AD Objects. In a recent scenario, while resolving an Active Directory Health issue. I needed the ability to be able to compare AD Objects from 2 Active Directory Domains from within a resource forest.

ADSISearcher is a command line driven LDAP Lookup procedure has the ability to query Active Directory. As ADSISearcher looks up Active Directory it enables a faster discovery of the required AD Objects.

#### My scenario

I need to ensure CustomAttribute10 in Child1.domain.com matches CustomAttribute10 in Child2.domain.com, yes I could use Get-ADUser | export-csv but this has proved to take to long and needed a faster solution.

ADSISearcher has proved to reduce the time required to execute this script and dumping out to a transcript file with “,” separating the text allows the information to be imported to excel if required.

#### The script

Clear-Host
Write-Host "You are currently running Version 1.0" -BackgroundColor DarkGray
[string] $Menu = @' ┌─────────────────────────────────────────────────────────────┐ ADSISearcher for CustomAttribute10 Created by @thewatchernode └─────────────────────────────────────────────────────────────┘ '@ Menu$Menu
Transcript
Start-Transcript -Path "$env:userprofile\Desktop\Child1vsChild2.txt" Start Time$start = [datetime]::Now
region Client Array
$Child1LDAPFilter = '(objectclass=user)'$PageSize = 1000
$Child1DN = 'DC=child1,DC=domain,DC=com'$Child1SB = 'DC=child1,DC=domain,DC=com'
$Child1Searcher = [ADSISearcher]('{0}' -f$child1LDAPFilter)
$Child1Searcher.SearchRoot = [ADSI]('GC://{0}' -f$Child1SB)
$Child1Searcher.SearchRoot = [ADSI]('GC://{0}' -f$child1DN)
$Child1Searcher.PageSize =$PageSize
$Child1Objects =$Child1Searcher.FindAll()
endregion
region Collab Array
$Child2SB = 'DC=child2,DC=domain,DC=com'$Child2DN = 'DC=child2,DC=domain,DC=com'
endregion
region Client vs Collab
Foreach($Object in$child1Objects){
$childca10 =$Object.Properties.'customattribute10'
$Child2LDAPFilter = "(objectclass=user,customattribute10=$childca10)"
$child2Searcher1 = [ADSISearcher]("{0}" -f$child2LDAPFilter)
$child2Searcher1.SearchRoot = [ADSI]("GC://{0}" -f$Child2SB)
$child2Searcher1.SearchRoot = [ADSI]("GC://{0}" -f$Child2DN)
$child2Searcher1.PageSize =$PageSize
#$AllObjects1 =$collabSearcher1.FindAll()
$nullvalue =$object.Properties.'customattribute10'
if ($nullvalue -eq$null)
{
Write-Host 'INFO, Null Value Found in Child Domain 1,' $Object.Properties.samaccountname -BackgroundColor Red } else { try { ($Object.Properties.'customattribute10' -eq $child2searcher1.Properties.'customattribute10') Write-Host 'Skipping, Attribute match found in Child domain 2 using Child domain 1,'$Object.Properties.samaccountname -ForegroundColor Green
}
catch
{
Write-Host 'INFO, No Attribute match found in Child domain 2 using Child domain 1,' $Object.Properties.samaccountname -BackgroundColor Red } } } endregion Stop Transcript Stop-Transcript End Time$end = [datetime]::Now
$resultTime =$end - $start Write-Host ('Execution : {0}Days:{1}Hr:{2}Min:{3}Sec' -f$resultTime.Days, $resultTime.Hours,$resultTime.Minutes, $resultTime.Seconds) #### Download Get-ADSISearcher (64 downloads) Regards The Author – Blogabout.Cloud ## QuickTip: PowerShell scripting – How long did it take to run the script? Have you ever wondered how long it took to run your script? Well, you dont need to wonder anymore. The following couple of lines will provide a visual output how long it take to execute your script from start to finish$Start = [system.datetime]::Now
{
Script run….
}
$End = [system.datetime]::Now$resulttime = $End –$Start
Write-Host: (‘Execution Time : {0}Days:{1}Hours:{2}Minutes:{3}Seconds’ -f $Resulttime.Hours,$Resulttime.Days, $Resulttime.Minutes,$Resulttime.Seconds)

Regards

## Discovering Distribution Lists using PowerShell

Do you have a requirement to understand how many Distribution Lists exist within your Exchange organization or need to understand if they actually being utilized? Well, this is something I have come across recently while working for the customer. They have a mass of distribution lists across their organization which they are trying to tidy up before migrating to Office 365. The organisation I was working for had over 100,000 distributions list but the state of them was unknown so what challenges did I face?

#### The challenges faced

• Unknown the number of DLs that had 0 members
• Unknown the number of DLs that had 0 managers
• Unknown the number of DLs that had invalid characters

#### The solution… PowerShell

So the following script was created to obtain the all the attributes listed before, this enable to put together a business case for which distribution lists should be deleted and which should be migrated.

• Distribution List Name
• SamAccountName
• GroupType
• DistinguishedName
• Managedby
• memberdepartrestriction
• memberjoinrestriction
• Number of Members
[CmdletBinding()]
param()
# Call Distribution Lists
$dist = @(Get-DistributionGroup -resultsize unlimited) # Start Transcript Start-Transcript -Path$env:USERPROFILE\desktop\transcript.txt
# Report on Distribution List
foreach ($dl in$dist)
{
$count =@(Get-DistributionGroup$dl.samaccountname).count
$report = New-Object -TypeName PSObject$report | Add-Member -MemberType NoteProperty -Name 'Group Name' -Value $dl.Name$report | Add-Member -MemberType NoteProperty -Name 'samAccountname' -Value $dl.samaacountname$report | Add-Member -MemberType NoteProperty -Name 'Group Type' -Value $dl.grouptype$report | Add-Member -MemberType NoteProperty -Name 'DN' -Value $dl.distinguishedName$report | Add-Member -MemberType NoteProperty -Name 'Manager' -Value $dl.managedby$report | Add-Member -MemberType NoteProperty -Name 'Member Depart Restriction' -Value $dl.memberdepartrestriction$report | Add-Member -MemberType NoteProperty -Name 'Member Join Restriction' -Value $dl.memberjoinrestriction$report | Add-Member -MemberType NoteProperty -Name 'PrimarySMTPAddress' -Value $dl.primartysmtpaddress$report | Add-Member -MemberType NoteProperty -Name 'Number of Members' -Value $count Write-Host ('INFO: {0} has {1} members' -f$dl.name, ($count))$reportoutput += $report } # Stop Transcript Stop-Transcript # Report$reportoutput | Export-Csv -Path $env:USERPROFILE\desktop\DistributionListReport.csv -NoTypeInformation -Encoding UTF8 Regards The Author – Blogabout.Cloud ## Goodbye OneNote 2016 from Office Portal Back in September 2018, Microsoft announced it would be removing OneNote from its Office installation and OneNote for Windows 10 will be the default going forward. Microsoft has now announced (12th Feb) that OneNote 2016 will be removed from the Office Portal for installation using Semi-Annual channel. So all installations from this post forward will not include OneNote 2016 by default when a user on the Semi-Annual channel using Office 365 on Windows 10 from the Office Portal. ## So what now? OneNote is available to download from the following url it is important to note that Microsoft are no longer developing new features for OneNote 2016. If you want to take advantage of the latest that OneNote has to offer, Microsoft state you should consider switching to OneNote for Windows 10 Regards The Author – Blogabout.Cloud ## Big News: Microsoft Teams being rolled out with Office 365 ProPlus (CDN) Finally, Microsoft Teams will be introduce into Office 365 ProPlus… Microsoft Teams will be introduced into the; • February Monthly Channel; the • March Semi-Annual Channel Targeted (SAC-T); and • July Semi-Annual Channel (SAC) But will automatically install Teams when Office 365 ProPlus is installed on new PCs and Macs. Now the million dollar question, how is it being introduced? As a Consultant that has delivered and spoke about Office ProPlus for a number of years, I do have concerns about how it’s going to be introduced and here’s why. Office 365 uses the (CDN) Content Delivery Network for providing updates to all the Office ProPlus products, is it not the case with Microsoft Teams. The update mechanism is completely different as the client is delivered by good old MSI so this will bring a number of questions and challenges to start; • What version of Office am I running? • What version of Teams am I running? • Does Teams need updating? • I have this weird problem but my colleague doesnt, is it version related? • etc.. etc… However, if they integrate Microsoft Teams into the CDN it is definitely the way forward and also allows the customer to exclude Teams in the configuration.xml (if this is a requirement). It is very early days and I am sure more information will be released in due case but until then I am looking forward to see what the future holds as Microsoft have stated Teams will automatically be installed for users who already have Office 365 ProPlus in the future.” So if you’re not using Microsoft Teams today Microsoft are making damn sure its available to increase adoption. The Author – Blogabout.Cloud ## MS-200: Planning and Configuring a Messaging Platform – Study Guide Planning on taking the MS-200 Exam but don’t know where to start with your studying? Well do not fear I am in the same boat and looking for the best way to study the required elements to pass MS-200. I have started building a list of all the elements which might be covered in the exam and will continue to update this page until all the things we need know are covered. If you have any suggestions, please leave a comment below. #### Manage Modern Messaging Infrastructure (45-50%) #### Manage Mail Flow Topology (35-40%) #### Manage Recipient and Devices (15-20%) Regards The Author – Blogabout.Cloud ## Merging Excel files using PowerShell, yes it can be done. Have you ever worked with Excel files where you wanted to match and compare Columns/Rows? In the past, this has been quite difficult tasks to achieve using the native commands within PowerShell. So have you heard of the PowerShell module ImportExcel? It’s is a PowerShell module that is available on the PowerShell Gallery and introduces a number of functions that allow you to work with Excel files using the good old blue background. From this module we will be working with the following function; • Merge-Worksheet Syntax Merge-Worksheet [-Referencefile] [-Differencefile] [[-WorksheetName] ] [-Startrow ] -Headername [[-OutputFile] ] [[-OutputSheetName] ] [-Property ] [-ExcludeProperty ] [-Key ] [-KeyFontColor ] [-ChangeBackgroundColor ] [-DeleteBackgroundColor ] [-AddBackgroundColor ] [-HideEqual] [-Passthru] [-Show] [-WhatIf] [-Confirm] [] ## Example usage of Function The below shows the Reference and Difference Excel files that are being used in this example. I am going to merge the two excel files based on Column A the EmployeeNumber. During my testing, I have had issues using -HeaderName parameter. In this post I will not be specifying the headings and just modify the output file. # Variables$ref = “$env:USERPROFILE\desktop\test\ref.xlsx”$dif = “$env:USERPROFILE\desktop\test\dif.xlsx”$out = “$env:USERPROFILE\desktop\test\out.xlsx” # Script Block Merge-Worksheet -Referencefile$ref -Differencefile $dif -OutputFile$out -WorksheetName Sheet1 -Startrow 1 -OutputSheetName Sheet1 -NoHeader

As we can see from below, the output field has organised Column A and aligned the rows

Every useful if you are working with Excel files but only annoying thing is the HeaderName parameter not working.

Regards

## Counting Exchange/Exchange Online Mailboxes with a specified SMTP Domain

When working with large organisations that have multiple SMTP Domains, you may run into a requirement where you need to know. How many mailboxes have blogabout.cloud as their PrimarySMTPAddress or have blogabout.cloud listed as their EmailAddress.

Using the below PowerShell snippet you can find out exactly

get-mailbox -resultsize unlimited | where {$_.primarysmtpaddress -like "*@blogabout.cloud"} | Measure-Object # Email Address get-mailbox -resultsize unlimited | where {$_.emailaddress -like "*@blogabout.cloud"} | Measure-Object

Regards,

## Working with Active Directory Attributes with multi-values.

It is common for organisations to use or create Active Directory Attributes that may contain multiple different values and when trying to obtain the information using PowerShell you might receive

Which isn’t helpful to man or beast. However, I have been recently working with custom attributes so its time to share my experiences once again. In this post I will be working with information that is located within my personal lab, where I have customattribute10 defined with O365.

# Command
Get-ADUser -Properties * -Filter * | Select-Object samaccountname,customattribute10 | export-csv -Path $env:USERPROFILE\desktop\test1.csv As you can see that from the above I am not receiving the desired output from Get-ADUser. So lets use a PowerShell string that obtains the required information Let’s discuss the below string in detail to explain what each part does @{name=” customattribute10 ”;expression={$_. customattribute10}}

The @ symbol, is the property you are retrieving is an array, which means it contains multiple values. Then you gave the property a name/label (you can name it anything you like). This will be the header of the column in the CSV file

@{name=” customattribute10 ”;

Then you provide an expression; this is the script block where you tell the PowerShell cmdlet what you are trying to fetch. For example; we want to fetch the values for the customattribute10 attribute.

expression={$_. customattribute10}} So, now we understand the require array to pull the multi-values from lets execute the below command # Command Get-ADUser -Filter * -Properties proxyaddresses,customattribute10 | select samaccountname, @{L='customAttribute10'; E={$_.customAttribute10}} | Export-Csv -Path $env:USERPROFILE\desktop\test.csv Now executing this command you will receive the correct output from the attribute which you desired. Regards The Author – Blogabout.Cloud ## Working with Active Directory using Get-ADUsers When working with Active Directory Users sometimes its a lot easier using PowerShell to obtain all the information you require from your environment. As a Consultant I have lost count how many times I’ve used PowerShell to get information out of Active Directory and its essential to your skill set. The most simple and effective way by running the following command, as it will dump all Active Directory Users and their properties to a CSV file located on your desktop # Command Get-ADUser -Filter * -Properties * | Export-CSV$env:userprofile\desktop\ADExport.csv

or

# Command
Get-ADUser -Filter * | Export-CSV $env:userprofile\desktop\ADExport.csv What if you only require bits of information? The command only targets the Name and SamAccountName Field. Simple right? # Command Get-ADUSer -Filter * -Properties Name,SamAccountName | Export-CSV$env:userprofile\desktop\ADExport.csv

or

# Command
Get-ADUSer -Filter * -Properties * | Select-Object -Property Name,SamAccountName | Export-CSV \$env:userprofile\desktop\ADExport.csv

The possibilities are endless, you can call all everything from the below table because it exists on the AD object by default. If you have used ExtensionAttributes or CustomAttributes you can also call these as well by adding them to your filter.