Showing posts with label Ad Sync. Show all posts

Wednesday, 11 December 2019

PowerShell - compare two mailboxes in hash table and export to CSV

 

I thought I’d share a useful little PowerShell trick I used today which allowed me to easily compare two very similar mailboxes in Office 365. I had a user who had a duplicate mailbox which had been inadvertently created through an issue with AAD Sync. I knew all the fields I would be comparing would be identical, so I used a hash table with embedded arrays to compare the information I was interested in.

 

First create a variable for each mailbox which will contain all the information we will be comparing.  Then create the hashtable.

 

 

$user1 = Get-Mailbox -Identity user.name@contoso.com

$user2 = Get-Mailbox -Identity user.name@contoso-corp.com

$combined = @{}

 

Next pipe the fields from the variable into the hash table, creating an array for each one.  Then pipe the variables containing our mailbox data into the nested arrays in the hashtable.

 

 

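# One empty array per property name

$user1.psobject.Properties | ForEach-Object { $combined[$_.Name] = @() }

# The unary comma appends each value as a single element, so a multi-valued

# property (e.g. EmailAddresses) is not unrolled and index 0 / 1 stay user1 / user2

$user1.psobject.Properties | ForEach-Object { $combined[$_.Name] += , $_.Value }

$user2.psobject.Properties | ForEach-Object { $combined[$_.Name] += , $_.Value }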

 

 

Finally I converted the hashtable back to a PSObject so that I could export it to a csv file and analyse the output in Excel.

 

$combined.GetEnumerator() | ForEach-Object {

    # One output row per field: the name, then the value from each mailbox

    New-Object -TypeName PSObject -Property @{

        'Field' = $_.Name

        'contoso.com' = $_.Value[0]

        'contoso-corp.com' = $_.Value[1]

    }

} | Select-Object Field, 'contoso.com', 'contoso-corp.com' | Export-Csv C:\cloudwyse\comparison.csv -NoTypeInformation
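
The same side-by-side comparison as a reusable function, added here as an example and not part of the original post: it flattens multi-valued fields (such as EmailAddresses) to a single string and can list only the fields that differ. `Compare-ObjectProperty`, its parameters and the sample mailbox objects are hypothetical and constructed for illustration.

```powershell
# Added example; Compare-ObjectProperty and the sample values are hypothetical.
function Compare-ObjectProperty {
    param(
        [Parameter(Mandatory)] [psobject] $Left,
        [Parameter(Mandatory)] [psobject] $Right,
        [switch] $DifferentOnly
    )

    # Flatten any value to one comparable string; collections are sorted so
    # that element order alone does not register as a difference.
    function ConvertTo-Flat($Value) {
        if ($null -eq $Value) { return '' }
        if ($Value -is [System.Collections.IEnumerable] -and $Value -isnot [string]) {
            return (@($Value) | ForEach-Object { "$_" } | Sort-Object) -join '; '
        }
        return "$Value"
    }

    # Union of property names, so a field present on only one side still shows.
    $names = @($Left.psobject.Properties.Name) + @($Right.psobject.Properties.Name) |
        Sort-Object -Unique

    foreach ($name in $names) {
        $l = ConvertTo-Flat $Left.$name
        $r = ConvertTo-Flat $Right.$name
        $row = [pscustomobject]@{
            Field = $name
            Left  = $l
            Right = $r
            # Case-sensitive: 'SMTP:' (primary) and 'smtp:' (alias) are different
            Match = ($l -ceq $r)
        }
        if (-not $DifferentOnly -or -not $row.Match) { $row }
    }
}

# Constructed sample objects standing in for two Get-Mailbox results.
$user1 = [pscustomobject]@{
    PrimarySmtpAddress = 'user.name@contoso.com'
    EmailAddresses     = @('SMTP:user.name@contoso.com', 'smtp:uname@contoso.com')
    IsDirSynced        = $true
}
$user2 = [pscustomobject]@{
    PrimarySmtpAddress = 'user.name@contoso-corp.com'
    EmailAddresses     = @('SMTP:user.name@contoso-corp.com')
    IsDirSynced        = $true
}
Compare-ObjectProperty $user1 $user2 -DifferentOnly | Format-Table -AutoSize
```

With real mailboxes, pass the two `Get-Mailbox` results instead of the sample objects and pipe the rows to `Export-Csv`.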

   

 

The whole (short) script is available in the Gist below.

 

Friday, 8 February 2019

PowerShell LDAP query to find Azure / O365 users synchronised with AD Sync

 

 

Recently I needed to create a quick report that would allow me to see at a glance which accounts in that domain had been synchronised with AD Sync into Azure AD. It wasn’t possible using Get-ADUser and I knew an LDAP query would do the trick. First I had to download a PowerShell module called System.DirectoryServices.Protocols. Once the module is downloaded, run:

 

 

Add-Type -AssemblyName System.DirectoryServices.Protocols

Import-Module C:\Cloudwyse\Tools\S.DS.P.psm1

 

Then to query the information I required I ran:

 

 

$MigratedUsers=Find-LdapObject -SearchFilter:"(msDS-ExternalDirectoryObjectId=*)" -SearchBase:"DC=contoso,DC=com" -LdapConnection:"server01.contoso.com" -PageSize 500

 

 

Conversely, if you wanted to find all users that HADN’T been synchronised you could run the following:

 

 

# RFC 4515 filter syntax: the negated term carries its own parentheses, (!(attr=*))

$MigratedUsers=Find-LdapObject -SearchFilter:"(!(msDS-ExternalDirectoryObjectId=*))" -SearchBase:"DC=contoso,DC=com" -LdapConnection:"server01.contoso.com" -PageSize 500

 

 

I still had a few service accounts showing so I just filtered these in Excel based on the DN. To export the file just run…

$MigratedUsers | Export-Csv C:\Cloudwyse\User_report.csv -NoTypeInformation