Filter is finicky

Get-ADUser -Filter is really finicky. I finally figured out what I was doing wrong with the help of this wonderfully detailed post.

Basically, I can’t use properties of variables with -Filter

This does NOT work:

foreach ($user in $userlist) {
  $ADUser = Get-ADUser -Filter{(Surname -eq $user.Surname) -and (GivenName -eq $user.GivenName)}

This does work:

foreach ($user in $userlist) {
  $ln = $user.Surname
  $fn = $user.GivenName
  $ADUser = Get-ADUser -Filter{(Surname -eq $ln) -and (GivenName -eq $fn)}

Find the DHCP Server

I had to find the dhcp server, but I can’t find any good method in Powershell. So I’m using Powershell to parse ipconfig /all.

$a = [string](ipconfig /all | findstr /C:"DHCP Server")
if ($a.Length -gt 0) {
$dhcpserver = $a.Substring($a.IndexOf("1"))

Which will take:

DHCP Server . . . . . . . . . . . :

And give you:

A List of Domain Controllers

This blog post had a simple solution for getting a list of domain controllers in Powershell.

Get-ADDomainController -Filter * | Select-Object name

Although for my script I ended up dropping the Select-Object name.

foreach ($DC in (Get-ADDomainController -Filter *)) {
  $DCName = $DC.Name
  $file = (Get-Item "\\$DCName\netlogon\file.txt").LastWriteTime
  Write-Output("$DCName :: $file")

I’m used this as a (very) quick and dirty way to diagnose an AD replication issue by comparing a file’s known modify datetime with copies in the other DC’s netlogon folder.