Didn’t even think about just issuing it on its own and getting a true/false back. I feel like a dope. Hopefully I will remember for future use cases!
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Devin Rich Sent: Monday, August 29, 2016 11:50 AM To: powershell@lists.myitforum.com Subject: Re: [powershell] RE: Get-ADUser and RegEx: ATTENTION: This email came from an external source. DO NOT open attachments or click on links from unknown senders or unexpected emails. 3 things. 1. Test it yourself! I saw: PS O:\> "AB1234TEST" -match "^[A-Z]{2}[0-9]{3,6}" True PS O:\> "AB1234TEST" -match "^[A-Z]{2}[0-9]{3,6}$" False so I agree that it will match. (as always, you can use \w and \d for characters and number. Maybe you wanted to restrict to only upper case letters and could also do: "AB1234TEST" -match "^[A-Z]{2}\d{3,6}$") 2. Where isn't particularly fast, but for any reasonable amount of data, it will do just fine. You can use the magic where method (google it) if you have a newer version of powershell. 3. My understanding is that filter isn't not a regex. I don't use it much, but iirc, it is more like a SQL where clause and not a powershell one: much more limited filtering, but it is more efficient if it can handle search. I think you're on the right track as is. Thanks, Devin Rich Systems Administrator On Mon, Aug 29, 2016 at 11:29 AM, Orlebeck, Geoffrey <geoffrey.orleb...@montagehealth.org<mailto:geoffrey.orleb...@montagehealth.org>> wrote: I forgot to update one piece of the below code. I’m no longer returning all properties. I have it only returning the additional property of ‘OfficePhone’: $StdUsers = Get-ADuser -Filter {Enabled -eq $True} –Properties OfficePhone | Where {$_.samAccountName -match "^[A-Z]{2}[0-9]{3,6}"} From: Orlebeck, Geoffrey Sent: Monday, August 29, 2016 10:28 AM To: 'powershell@lists.myitforum.com<mailto:powershell@lists.myitforum.com>' Subject: Get-ADUser and RegEx: All: I’m attempting filter user accounts based on samAccountName formatting. The standard we use is user’s initials + employee ID. For example: AB1234. The issue I ran into is there are some test/service accounts using a similar format (e.g. TEST1234) being returned when I used the initial regular expression of "[A-Z]{2}[0-9]{3,}". I added a carrot to the beginning and it now is excluding accounts that don’t begin with two letters. I did a spot check across my results and while it appears now only accounts matching our standard user criteria are returned, I was hoping for a sanity check: This returns standard (e.g. AB1234) and non-standard accounts (e.g. TEST1234): $StdUsers = Get-ADuser -Filter {Enabled -eq $True} -Properties * | Where {$_.samAccountName -match "[A-Z]{2}[0-9]{3,6}"} This only returns standard account naming conventions (e.g. AB1234, CD56789): $StdUsers = Get-ADuser -Filter {Enabled -eq $True} -Properties * | Where {$_.samAccountName -match "^[A-Z]{2}[0-9]{3,6}"} I was hoping this group could help me confirm two things: 1) The "^[A-Z]{2}[0-9]{3,6}" regular expression is the best one for matching accounts like “AB1234” while ignoring “TEST1234”. One question I have is would "^[A-Z]{2}[0-9]{3,6}" still match on something like “AB1234TEST”? I am not sure if what I have is explicitly looking from the start of the samAccountName for two letters followed by 3-6 digits, and ignoring any characters beyond. 2) Is my filtering and matching formatted efficiently using standard cmdlets? I tried using a regular expression within the –Filter parameter, but the error I received makes me think I cannot filter with regular expressions (at least the Get-ADUser cmdlet doesn’t support it). I know the mantra “filter left, format right”, still looking if there is a better way to accomplish this goal. In case it’s relevant, I’m doing some AD attribute settings for phone number formatting—some users are “(555) 555-5555” or “5555555555” and we’re moving towards a standard “555-555-5555”, but I first only want to pipe standard user accounts. Thank you for your time. -Geoff Confidentiality Notice: This is a transmission from Community Hospital of the Monterey Peninsula. This message and any attached documents may be confidential and contain information protected by state and federal medical privacy statutes. They are intended only for the use of the addressee. If you are not the intended recipient, any disclosure, copying, or distribution of this information is strictly prohibited. If you received this transmission in error, please accept our apologies and notify the sender. Thank you. The information contained in this message is privileged, confidential, and protected from disclosure. If you are not the intended recipient, you are hereby notified that any review, printing, dissemination, distribution, copying or other use of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer.
