Follow

Keep Up to Date with the Most Important News

By pressing the Subscribe button, you confirm that you have read and are agreeing to our Privacy Policy and Terms of Use
Follow
Facebook Twitter Instagram Youtube
Contact

How to validate if my user has an ADM account based on samaccountname

byMR
November 22, 2022

I would like to validate if my standard user has an admin account in AD.

Example, the samaccountname of Smith, Joe is SmithJ. I want to check if he has an ADMSmithJ in the AD

$samaccountname = Read-Host "Please type the samaccountname"
$AdUser = get-aduser $samaccountname -Properties samaccountname

Try { get-aduser "adm"$samaccountname? -Properties samaccountname

}catch{ write-host "the user $samaccountname doesnt have a priviledge (Adm) Account."

}

MEDevel.com: Open-source for Healthcare and Education

Collecting and validating open-source software for healthcare, education, enterprise, development, medical imaging, medical records, and digital pathology.

Visit Medevel

>Solution :

You could do it like this, instead of try / catch, I would personally filter for a user having Name or SamAccountName:

$account = Read-Host "Please type the SamAccountName"
try {
    $adUser  = Get-ADUser $account
    $admUser = 'adm' + $adUser.Surname + $adUser.GivenName[0]
    if($adUser = Get-ADUser -LDAPFilter "(|(name=$admUser)(samAccountName=$admUser))") {
        # if the AD object exists in AD, return the object
        $adUser
    }
    else {
        "No user found with SamAccountName '$admUser' in AD."
    }
}
catch {
    Write-Warning $_
}
byMR
Published
Add a comment

Leave a Reply

Keep Up to Date with the Most Important News

By pressing the Subscribe button, you confirm that you have read and are agreeing to our Privacy Policy and Terms of Use

Read more

Discover more from Dev solutions

Subscribe now to keep reading and get access to the full archive.

Continue reading