PowerShell - Limit the search to only one OU
Ive got this cmdlet and I'd like to limit the results to only one OU:
Get-ADUser -Filter {(Enabled -eq $false)} | ? { ($_.distinguishedname -notlike '*Disabled Users*') }
Now Ive tried to use
-searchbase "ou=FirstOU,dc=domain,dc=com"
But if I use -SearchBase I get this error:
Where-Object : A parameter cannot be found that matches parameter name 'searchb
ase'.
At line:1 char:114
+ Get-ADUser -Filter {(Enabled -eq $false)} | ? { ($_.distinguishedname -notli
ke '*Disabled Users*') } -searchbase <<<< "ou=FirstOU,dc=domain,dc=com"
+ CategoryInfo : InvalidArgument: (:) [Where-Object], ParameterBi
ndingException
+ FullyQualifiedErrorId : NamedParameterNotFound,Microsoft.PowerShell.Comm
ands.WhereObjectCommand
What Im trying to do is to get all the disabled users from a specific OU, BUT, there is an OU INSIDE that FirstOU that I want to exclude: the "Disabled Users" OU.
as you might have guessed I want to find disabled users in a specific OU that are not in the "Disabled Users" OU inside that OU.
my structure:
Forest
FirstOU
Users,groups,etc...
Disabled Users OU
Solution 1:
The -SearchBase parameter has to be used with Get-ADUser, not Where-Object (aliased by ?). This should work:
Get-ADUser -Filter {(Enabled -eq $false)} -SearchBase "ou=FirstOU,dc=domain,dc=com" | ? { ($_.distinguishedname -notlike '*Disabled Users*') }
Solution 2:
The easiest way to limit the search to one OU is using SearchScope:
Get-ADUser -Filter {(Enabled -eq $false)} -SearchScope OneLevel -SearchBase "ou=FirstOU,dc=domain,dc=com"
Solution 3:
Easiest way would be to put the -SearchBase before the -Filter.
Get-ADUser -searchbase "ou=FirstOU,dc=domain,dc=com" -Filter {(Enabled -eq $false)} | ? { ($_.distinguishedname -notlike '*Disabled Users*') }
Gets around the problem of having to use -SearchBase with Get-ADUser, and not Where-Object (? is aliased to Where-Object in PowerShell) by running the Where-Object after you've already passed your -SearchBase to Get-ADUser.