Menu
Just wrote a script that disables an account, moves it to a disabled OU and changes the description on the user object, but I want to make it more efficient.
My work AD structure has all users under Root - accounts OU, and the 50 or so department OUs under that accounts OU.
How can I START my search at the accounts OU and have it check every sub OU in accounts?
880
To exclude specific sub OU's beneath Parent OU and get adusers from all other OU, we will have to use the Where-Object command to filter where the distinguishedname of the OU is not like the specific sub OU which we want to exclude.
Simply open the “User Accounts” report, specify the path to the OU you're interested in and run the report. You'll get a list of the members of that OU with the following user account properties: name, logon name and status.
You can create a Windows Active Directory (AD) user in a specific OU by using the -path parameter in 'New-ADuser' PowerShell command.
If I understand you correctly, you need to use -SearchBase:
Get-ADUser -SearchBase "OU=Accounts,OU=RootOU,DC=ChildDomain,DC=RootDomain,DC=com" -Filter *
Note that Get-ADUser defaults to using
-SearchScope Subtree
so you don't need to specify it. It's this that gives you all sub-OUs (and sub-sub-OUs, etc.).
102
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
