There are a couple of ways to find the OU of an Object, some are long-winded ways splitting and counting characters. The best way I’ve come up with for a quick and case insensitive check:
1 2 3 4 5 |
PS C:\> $DNtoCheck = "CN=Corp Test User2,OU=Corp Users,OU=Department,DC=Biz,DC=com" PS C:\> $DNtoCheck.Substring($DNtoCheck.IndexOf('OU=',[System.StringComparison]::CurrentCultureIgnoreCase)) OU=Corp Users,OU=Department,DC=Biz,DC=com |
A better example of the use in code:
1 2 3 4 5 |
$DNtoCheck = "CN=Corp Test User2,ou=Corp Users,OU=Department,DC=Biz,DC=com" if ($DNtoCheck.Substring($DNtoCheck.IndexOf('OU=',[System.StringComparison]::CurrentCultureIgnoreCase)) -eq "OU=Corp Users,OU=Department,DC=Biz,DC=com") { Write-host "Yes - The OU are the same" } |
The Case Culture fixes up the compare of string being a different case of “OU=”, otherwise it may fail depending on code use. Notice the above example having the OU being in lower case for “ou=Corp” but it still matches “OU=Corp”.
This can also be used on a collection object adding a new column called the “ParentOU”. The following example show how to get a build $users with a list of users from the Domain but only shows two columns:
1 2 3 |
PS C:\> $users = get-aduser -Filter * PS C:\> $users | Select-Object DistinguishedName, Name | ft |
We can modify the collection to have an additional column with the following:
1 |
PS C:\> $users | Select-Object DistinguishedName, Name, @{n="ParentOU";e={$($_.DistinguishedName.Substring($($_.DistinguishedName).IndexOf('OU=',[System.StringComparison]::CurrentCultureIgnoreCase)))}} | ft |
This results in the following collection format table:
1 2 3 4 5 6 7 8 9 10 11 12 |
DistinguishedName Name ParentOU ----------------- ---- -------- CN=Guest,CN=Users,DC=Biz,DC=com Guest CN=krbtgt,CN=Users,DC=Biz,DC=com krbtgt CN=Neil B. Armstrong,OU=Department,DC=Biz,DC=com Neil B. Armstrong OU=Department,DC=Biz,DC=com CN=Michelle Davis,OU=Department,DC=Biz,DC=com Michelle Davis OU=Department,DC=Biz,DC=com CN=Zen Meeting Room,CN=Users,DC=Biz,DC=com Zen Meeting Room CN=Corp TestUser1,OU=Corp Users,OU=Department,DC=Biz,DC=com Corp TestUser1 OU=Corp Users,OU=Department,DC=Biz,DC=com CN=Corp Test User2,OU=Corp Users,OU=Department,DC=Biz,DC=com Corp Test User2 OU=Corp Users,OU=Department,DC=Biz,DC=com CN=zxy TestUsers1,OU=zxys,OU=Department,DC=Biz,DC=com zxy TestUsers1 OU=zxys,OU=Department,DC=Biz,DC=com CN=zxy TestUsers2,OU=zxys,OU=Department,DC=Biz,DC=com zxy TestUsers2 OU=zxys,OU=Department,DC=Biz,DC=com CN=Slade A Peralta,OU=TestTidy,DC=Biz,DC=com Slade A Peralta OU=TestTidy,DC=Biz,DC=com |
Notice, the user objects in the Users Folder in Active Directory. It’s a folder and not an Organisation Until so the ParentOU is blank.
To add the column to the collection object:
1 |
PS C:\> $users = $users | Select-Object DistinguishedName, Name, @{n="ParentOU";e={$($_.DistinguishedName.Substring($($_.DistinguishedName).IndexOf('OU=',[System.StringComparison]::CurrentCultureIgnoreCase)))}} | ft |