Powershell: finding by mail all accounts that are managed by one person

Question

Can you help me with this oneliner? I've tried a different syntax, but to no avail. I want to find all user accounts that have one specific manager and the manager needs to be specified by mail.

Get-ADUser -Filter {manager -eq ((Get-ADUser -Filter {mail -eq "name@company.com"}).DistinguishedName)} -Properties AccountExpirationDate | select samaccountname, AccountExpirationDate

Adam.

score 0 · Answer 1 · answered Nov 05 '20 at 09:06

This one should work :

Get-ADUser -Filter "manager -eq `"$((Get-ADUser -Filter `"mail -eq 'name@company.com'`").DistinguishedName)`"" -Properties AccountExpirationDate | select samaccountname, AccountExpirationDate

I prefer double quotes for Filter parameter. The equal test need to be passed as a string. So, you need to escape the double quote inside the main filter.

notjustme · Accepted Answer · 2020-11-05T14:38:29.013

There might be more elegant ways of solving this but the following should work.

Edit after you added more info.

I assume you want all the "service accounts" under that manager and not that the manager itself is assumed to be a service account?

Get-ADUser -Filter "manager -eq '$($(Get-ADUser -Filter 'mail -eq "name@company.com"').DistinguishedName)' -and extensionAttribute8 -eq 'service account'" -Properties AccountExpirationDate | select SamAccountName, AccountExpirationDate

Furthermore - mklement0 has an excellent answer with quite extensive information on the Filter-parameter and how it ought to be used, despite the ActiveDirectory module allowing for a different approach.

score 0 · Answer 3 · answered Nov 05 '20 at 12:57

Both answers works, I am sorry but I need to change a desired commend:

as i changed your commands they look like

Get-ADUser -Filter "manager -eq `"$((Get-ADUser -Filter `"mail -eq 'name@company.com'` -and extensionattribut8 -eq "service account"").DistinguishedName)`"" -Properties AccountExpirationDate | select samaccountname, AccountExpirationDate

Get-ADUser -Filter "manager -eq '$($(Get-ADUser -Filter 'mail -eq "name@company.com" -and extensionattribut8 -eq "service account"").DistinguishedName')" -Properties AccountExpirationDate | select SamAccountName, AccountExpirationDate

and it doesn't work. Get i get more of your help? Changed: 2 conditions is the filter.

See my updated answer. Also, you should remove this answer and instead add the new info in your original question. — notjustme, Nov 05 '20 at 14:39

Powershell: finding by mail all accounts that are managed by one person

3 Answers3