0

I want to know how many Users whose ending are two numbers there are where the Attribute "UserParameters" is null. This is my command so far:

$var1 = Get-ADUser -Filter {SamAccountName -like "*[0-9][0-9]"} -SearchBase "OU=xxxxxxxxxxxxxx,DC=xxxxxxx,DC=xx" | Where-Object {$_.UserParameters -eq $null}

If I type in $var1.count it just replies with 0. Why is that so? And yes there are users that end with two numbers. I think the -Filter is the Problem because if I just type -Filter * it works just fine. Please help me!

Santiago Squarzon
  • 41,465
  • 5
  • 14
  • 37
cosmo_
  • 11
  • 5
  • 1
    Aren't you forgetting to assign the outcome of Get-ADUser to your variable?. Also, `Filter` should be a string, not a scriptblock. I don't think the filter will understand `[0-9][0-9]`, so you'll have to use a Where-Object clause – Theo Jun 05 '23 at 14:40

1 Answers1

1

The AD Filter provider has no clue what the wildcard [0-9] means. You can construct an LDAP Filter yourself if needed which would essentianlly be an OR pattern |:

(|(samAccountName=*00)(samAccountName=*01)(samAccountName=*02)(samAccountName=*03)...)

For example:

$filter = "(|"
foreach($i in 0..9) {
    foreach($x in 0..9) {
        $filter += "(samAccountName=*$i$x)"
    }
}
$filter += ")"
Get-ADUser -LDAPFilter $filter -SearchBase 'OU=xxxxxxxxxxxxxx,DC=xxxxxxx,DC=xx'
Santiago Squarzon
  • 41,465
  • 5
  • 14
  • 37
  • Thanks for your fast answer but i'm really new to PowerShell and barely know to write a function. Can you please tell me how i can apply this function to my script or tell how I need to approach this because it all sounds greek to me. – cosmo_ Jun 05 '23 at 14:54
  • @cosmo_ as explained in the answer, the filter `SamAccountName -like "*[0-9][0-9]"` is not valid for Active Directory you can however replace it by an OR pattern as shown in my answer. Im not sure what else there is to explain. – Santiago Squarzon Jun 05 '23 at 14:56