Display specific OU of an AD-Object

Ask your PowerShell-related questions, including questions on cmdlet development!
Forum rules
Do not post any licensing information in this forum.

Any code longer than three lines should be added as code using the 'Select Code' dropdown menu or attached as a file.
This topic is 5 years and 5 months old and has exceeded the time allowed for comments. Please begin a new topic or use the search feature to find a similar but newer topic.
Locked
User avatar
bhnuser
Posts: 48
Last visit: Tue Nov 21, 2023 10:33 pm

Display specific OU of an AD-Object

Post by bhnuser »

Hello everybody,

i need your help. I would like to display a specific OU of an Object of our AD. The issue is that i want to display the OU only under "Country" (_Global, DE, IN)

For example (Get-ADUser):

Code: Select all

DistinguishedName                    : CN=Test\, User,OU=NewUsers,OU=_Global,OU=Country,DC=company,DC=com
DistinguishedName                    : CN=Test\, User2,OU=Users,OU=DE,OU=Country,DC=company,DC=com
DistinguishedName                    : CN=Test\, User3,OU=Users,OU=IT,OU=IN,OU=Country,DC=company,DC=com
As you can see, the OU is not always the same under Country. how can I best implement that I can only display the "_Global", "DE" or "IN" OUs?
For your information: The Path OU=Country,DC=company,DC=com is always the same

My approach:

Code: Select all

$user= get-aduser user
$path= $user.DistinguishedName
$path-split "," | where {$_ -like "OU=*"}

Result: 
OU=NewUsers
OU=_Global
OU=Country
I want to get only the OU=_Global

Best regards
Last edited by bhnuser on Thu Oct 25, 2018 1:34 am, edited 2 times in total.
jvierra
Posts: 15439
Last visit: Tue Nov 21, 2023 6:37 pm
Answers: 30
Has voted: 4 times
Been upvoted: 33 times

Re: Display specific OU of an AD-Object

Post by jvierra »

Create a list of OUs and query them in a loop.
To get a list of OUs:

Get-AdOrganizationalUnit -Filter * | Where{ $_.Name -match 'Global|DE|IN' }
User avatar
bhnuser
Posts: 48
Last visit: Tue Nov 21, 2023 10:33 pm

Re: Display specific OU of an AD-Object

Post by bhnuser »

Thank you for the fast response.
But i need to the right OU of the selected user from Get-AdUser (Attribut DistinguishedName).
Is there a solution that you may know?
# Edit first post
jvierra
Posts: 15439
Last visit: Tue Nov 21, 2023 6:37 pm
Answers: 30
Has voted: 4 times
Been upvoted: 33 times

Re: Display specific OU of an AD-Object

Post by jvierra »

No idea what you are trying to ask. Are you trying to get a user from a specific OU?
To get a users OU do this.

([adsi]('LDAP://' + ''CN=Test\, User,OU=NewUsers,OU=_Global,OU=Country,DC=company,DC=com')).Parent
User avatar
bhnuser
Posts: 48
Last visit: Tue Nov 21, 2023 10:33 pm

Re: Display specific OU of an AD-Object

Post by bhnuser »

Thank you. This is very helpful for me.
It's a little bit tricky. What i want is to display only the string "_Global", "DE" or "IN". This OUs are below the OU Country.

Like: company.com/Country/_Global, company.com/Country/DE or company.com/Country/IN
The rest of the path should be ignored. But i will try it now with your rudimentary
jvierra
Posts: 15439
Last visit: Tue Nov 21, 2023 6:37 pm
Answers: 30
Has voted: 4 times
Been upvoted: 33 times

Re: Display specific OU of an AD-Object

Post by jvierra »

Just get the Name:


([adsi]([adsi]"LDAP://$distinguishedName").Parent).Name
jvierra
Posts: 15439
Last visit: Tue Nov 21, 2023 6:37 pm
Answers: 30
Has voted: 4 times
Been upvoted: 33 times

Re: Display specific OU of an AD-Object

Post by jvierra »

Another quick way to get the name is to break it off the canonical name.

$user = get-aduser jvierra -Properties canonicalname
Split-Path (Split-Path $user.CanonicalName) -leaf
jvierra
Posts: 15439
Last visit: Tue Nov 21, 2023 6:37 pm
Answers: 30
Has voted: 4 times
Been upvoted: 33 times

Re: Display specific OU of an AD-Object

Post by jvierra »

Here is another quick trick:

$user.DistinguishedName -replace '.+?,OU=(.+?),(?:OU|DC)=.+','$1'
User avatar
bhnuser
Posts: 48
Last visit: Tue Nov 21, 2023 10:33 pm

Re: Display specific OU of an AD-Object

Post by bhnuser »

I thank you very much. It works for me now.
I realized it now with your first suggest:

Code: Select all

$distinguishedName = CN=Test\, User,OU=NewUsers,OU=_Global,OU=Country,DC=company,DC=com
or $distinguishedName = CN=Test\, User2,OU=Users,OU=DE,OU=Country,DC=company,DC=com
or $distinguishedName = CN=Test\, User3,OU=Users,OU=IT,OU=IN,OU=Country,DC=company,DC=com


$countOUs = $distinguishedName -split "," | where {$_ -like "OU=*"}

if($countOUs.count -eq 2)
{
    ([adsi]([adsi]"LDAP://$distinguishedName").Parent).Name
}
if($countOUs.count -eq 3)
{
    ([adsi]([adsi]([adsi]"LDAP://$distinguishedName").Parent).Parent).Name
}
if($countOUs.count -eq 4)
{
    ([adsi]([adsi]([adsi]([adsi]"LDAP://$distinguishedName").Parent).Parent).Parent).Name
}
I get everytime the OU _Global, DE or IN. I need to count back the OUs and use then the right .Parent
jvierra
Posts: 15439
Last visit: Tue Nov 21, 2023 6:37 pm
Answers: 30
Has voted: 4 times
Been upvoted: 33 times

Re: Display specific OU of an AD-Object

Post by jvierra »

You can also just do this:

$distinguishedName -replace '.*(Global|DE|IN),','$1'
This topic is 5 years and 5 months old and has exceeded the time allowed for comments. Please begin a new topic or use the search feature to find a similar but newer topic.
Locked