This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Dear experts,
I'm having an issue when trying to get the basename of the OUs for a list of users. I have a .csv file and trying following scripts but @OUname didn't give me the result.
How get I use the OU name without that CN=XXX part?
Thanks a lot!
foreach ($User in $ADUsers)
{
#Read user data from each field in each row and assign the data to a variable as below
$department = $User.Department
$Username = $User.Account
$email = $User.Email
$employeeid = $User.EmployeeID
$jobtitle = $User.JobTitle
$employeeType = $User.employeeType
$group1 = $User.Group1
$group2 = $User.Group2
$DN = Get-ADUser -Identity $Username -Properties * | select DistinguishedName
$OUname = Get-ADOrganizationalUnit -Identity $DN -Properties * | select name
I've defined $DN but the next $OUname went wrong with errors:
PS C:\Users\eaven.huang> $DN
DistinguishedName
-----------------
CN=Eaven.test,OU=IT Test,OU=Admins,OU=Staff,OU=Users,OU=XXX,DC=cn
PS C:\Users\eaven.huang> $OUname = Get-ADOrganizationalUnit -Identity $DN
Get-ADOrganizationalUnit : Cannot validate argument on parameter 'Identity'. The Identity property on the argument is null or empty.
At line:1 char:46
+ $OUname = Get-ADOrganizationalUnit -Identity $DN
+ ~~~
+ CategoryInfo : InvalidData: (:) [Get-ADOrganizationalUnit], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.GetADOrganizationalUnit
Hi @Eaven HUANG
Just from a quick glance it looks like your DN structure may be incorrect (CN=Eaven.test,OU=IT Test,OU=Admins,OU=Staff,OU=Users,OU=XXX,DC=cn). Usually it should end with the domain being DC=XXX,DC=cn
Example for domain FABRIKAM.COM:
OU=Sales,OU=UserAccounts,DC=FABRIKAM,DC=COM
If you still can't get it to work, can you paste more of your PowerShell script?
---------------------------------
If this is helpful please accept answer.
Hi @Eaven HUANG ,
the issue is: The DistinguishedName (DN) property of the user contains at the beginning the user details (CN=xxxx,) followed by the OU/domain structure.
You need to split the user's DN to get the OU details only.
Please try this to get just the OU of the user:
$Username = "mmouse"
$DN = ((Get-ADUser -Identity $Username).DistinguishedName).Split(",",2)[1]
$OUname = Get-ADOrganizationalUnit -Identity $DN -Properties * | select name
$OUname
----------
(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)
Regards
Andreas Baumgarten
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 74%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERM%3C/text%3E%3C/svg%3E)
The simple "split" works in a lot of cases, but it won't work if the CN value has an escaped comma in it. E.g., "CN=Eaven\, test,OU=IT Test,OU=Admins,OU=Staff,OU=xxx".
The last company I worked for used "LastName\, FirstName" as the CN name in tens of thousands of user objects.
Hello there,
Maybe this will help.
$OUpath = 'ou=Managers,dc=enterprise,dc=com'
$ExportPath = 'c:\data\users_in_ou1.csv'
Get-ADUser -Filter * -SearchBase $OUpath | Select-object
DistinguishedName,Name,UserPrincipalName | Export-Csv -NoType $ExportPath
Use a Single Line PowerShell Command to List All Users in an OU https://devblogs.microsoft.com/scripting/powertip-use-a-single-line-powershell-command-to-list-all-users-in-an-ou/
----------------------------------------------------------------------------------------------------------------------------------------------
--If the reply is helpful, please Upvote and Accept it as an answer–
You can get the 1st OU name from a distinguished name like this:
$x = "CN=Eaven\, test,OU=IT Test,OU=Admins,OU=Staff,OU=xxx"
$x -match "^((CN=.*?))?OU=(?<OUName>.*?(?=,))"
$matches.OUName