2
votes

I need to compare enabled users in Active Directory with the user profile list from a server and then delete disabled profiles on the same server.

I'm trying to get a .csv list of users for each: one for the AD and one for the server.

When I get the server file, profiles are displayed like this: "domain\username" but with the AD file I only get: "username", so I can't compare them.

Ideally I would like to change the username when I get the AD file to add the domain. I tried to do something like this:

$Name = $_.SamAccountName
ForEach-Object {
    Get-ADUser -Filter 'enabled -eq $true' | select-object SamAccountName

    $Name = "DOMAIN\ + $Name"
}     
$users | Export-Csv c:\USEREnabled.csv -Encoding UTF8

Which returns the .csv file with all SamAccountName but without any change done.

1

1 Answers

0
votes

You can do this by using a technique called "Calculated Properties". This is where we generate a new property for an object via Select-Object. Here's how it could work for you:

Get-ADUser -Filter 'enabled -eq $true' | 
    Select-Object SamAccountName,@{Name='FullUserName';Expression={"YOURDOMAIN\$($_.SamAccountName)"}} |
    Export-CSV C:\Temp\UsersEnabled.csv -Encoding UTF8

This works by adding to Select-Object a hashtable with Name and Expression keys. Within the Expression key a scriptblock is used to build a new string that adds Domain to the SamAccountName property of each user in the pipeline (which is represented by the automatic variable $_).

The result of this will be an object with two properties returned: SamAccountName and FullUserName.