PowerShell beginner here. Enjoying it so far!

I've got a list of users that I need to compare against AD. I've created a script to search for Get-ADUser Name and EmailAddress for each user, using an array of Divisions as filter.

If AD user is found, write-host user found, show Name, EmailAddress! Easy enough.

If AD user is NOT found, keep looping through all Divisions until the last one, if not found in any Division, print ONLY ONCE "user not found in AD"

I've been playing around with various Do-While, Do-Until loops and If-ElseIf statements but I can't figure out how to get it to report only ONCE if not found in any division.

```powershell
$Divisions="1","2","3"
$lastd = $Divisions | Select-Object -Last 1

Foreach ($d in $Divisions){
    $aduser = Get-ADUser -Filter "Surname -like '*$lastname' -and GivenName -like '$givenname*'`
     -and Enabled -eq '$True' -and Division -eq '$d'"`
        -SearchBase "OU" -Properties Name, Division, EmailAddress |Select-Object Name,Division,EmailAddress

    if(!$aduser){
        write-host "Usernotfound"
    }
    if($aduser -eq ""){
        write-host "user not found in AD" `n
    }
    else{
        write-host "User Found in $d :" $aduser.Name $aduser.EmailAddress -F Green `n
    }
}
```

Here's a sample result when I run script.

```
USER1 - account will be terminated in 35 days; Last signon activity 2 days ago
****Searching: Active Directory Information
Usernotfound
Usernotfound
Usernotfound
Usernotfound
Usernotfound
Usernotfound
User Found in Division1! Name EmailAddress

USER2 - account will be terminated in 43 days; Last signon activity 4 days ago
****Searching: Active Directory Information
Usernotfound
Usernotfound
Usernotfound
Usernotfound
Usernotfound
Usernotfound
User Found in Division2! Name EmailAddress

Usernotfound
Usernotfound
Usernotfound
```

How can this be done better?

halfer
randomuser
  • If Get-ADUser cannot find a user inside a certain `SearchBase`, there is no point in trying to find that user again and again within that same OU, hoping you'll find him/her with just a change in the `Division` property.. – Theo Nov 10 '21 at 16:03
  • Hey, Theo, based on your comment, I took out the -Searchbase parameter -- got same exact result tho. – randomuser Nov 10 '21 at 16:41

1 Answer

Since your foreach loop seems to pertain only to a single user (while iteratively looking for that one user in multiple divisions), you can simply move your not-found test to after the loop:

```powershell
foreach ($d in $Divisions) {
    $aduser =
      Get-ADUser -Filter "Surname -like '*$lastname' -and GivenName -like '$givenname*' -and Enabled -eq 'True' -and Division -eq '$d'" -Properties Name, Division, EmailAddress |
        Select-Object Name,Division,EmailAddress
    if ($adUser) {
      Write-Host "User Found in $d :" $aduser.Name $aduser.EmailAddress -F Green `n
      break # Presumably you needn't keep searching.
    }
}

if (-not $aduser) {
  Write-Host "Usernotfound"
}
```
mklement0
  • Thanks, mklement()! Yup! That was it -- a combination of using BREAK and moving the -not test after the foreach loop. Awesome! – randomuser Nov 10 '21 at 18:11
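
An added example (not part of the question or the answer above) that applies the same break-then-test-after-the-loop pattern to a whole list of users and returns exactly one row per user, which goes beyond the single-user case discussed. `$directory` is constructed sample data, and `Find-InDivision` and `Get-UserAuditRow` are hypothetical helpers standing in for the `Get-ADUser` call so the block runs without a domain.

```powershell
# Constructed sample data standing in for AD (not real accounts).
$directory = @(
    [pscustomobject]@{ GivenName='Ann'; Surname='Lee';   Division='2'; Enabled=$true;  Name='Ann Lee';   EmailAddress='ann.lee@example.test' }
    [pscustomobject]@{ GivenName='Bob'; Surname='Stone'; Division='3'; Enabled=$false; Name='Bob Stone'; EmailAddress='bob.stone@example.test' }
)

# Hypothetical helper: mirrors the page's filter (Surname -like '*x', GivenName -like 'x*',
# Enabled, Division -eq). Against a real domain, replace the body with the Get-ADUser call.
function Find-InDivision {
    param([string]$GivenName, [string]$Surname, [string]$Division)
    $directory | Where-Object {
        $_.Surname -like "*$Surname" -and $_.GivenName -like "$GivenName*" -and
        $_.Enabled -and $_.Division -eq $Division
    } | Select-Object Name, Division, EmailAddress
}

# Hypothetical helper: one result object per user, decided once after the loop.
function Get-UserAuditRow {
    param([string]$GivenName, [string]$Surname, [string[]]$Divisions)
    $hit = $null
    foreach ($d in $Divisions) {
        $hit = Find-InDivision -GivenName $GivenName -Surname $Surname -Division $d
        if ($hit) { break }            # stop at the first division that matches
    }
    $first = if ($hit) { @($hit)[0] } else { $null }
    [pscustomobject]@{
        Query        = "$GivenName $Surname"
        Found        = [bool]$hit
        Division     = if ($first) { $first.Division } else { $null }
        EmailAddress = if ($first) { $first.EmailAddress } else { $null }
        # The -like wildcards can match several accounts; surface that instead of hiding it.
        MatchCount   = if ($hit) { @($hit).Count } else { 0 }
    }
}

# Constructed input list: one enabled user, one disabled user, one absent user.
$users = @(
    @{ GivenName='Ann'; Surname='Lee' }
    @{ GivenName='Bob'; Surname='Stone' }
    @{ GivenName='Cy';  Surname='Young' }
)
$rows = foreach ($u in $users) { Get-UserAuditRow @u -Divisions '1','2','3' }
$rows | Format-Table -AutoSize
```

Because each user yields a single object, the result can be piped to `Export-Csv` or filtered with `Where-Object { -not $_.Found }` instead of being read off the console.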