I was asked to deliver a daily extract of information about our organization’s Microsoft Teams adoption. It was to include the Team’s settings, its owners, its members (separated by internal members and guests), and when it was to expire. Ideally, I’d be able to schedule this to run each morning and drop the resulting file in a Team’s Channel document library.

Tim Curwick of the Mad With PowerShell blog deserves credit for this, but I don’t think he’s ever blogged about it.

The filters for Get-ADUser are weird, and perhaps poorly, or more generously, “under-“ documented. There’s the about_ActiveDirectory_Filter topic, and there are examples in the command’s help. There’s this Technet wiki page maintained by MVP Richard Mueller, and any number of other blog posts. But with so many options, it’s nearly impossible to provide examples for every combination.

Getting the filter right on the first attempt remains as elusive as getting a Regular Expression right on the first try.

For example Get-ADUser -filter "enabled -eq '$True'" works just fine. But what if you want to narrow that down further to enabled user accounts with some value for the HomeDirectory? You can’t just add to that. "enabled -eq '$true' -and HomeDirectory -ne "$null"' does not work! Instead, you have to completely shift gears and end up with {(enabled -eq $true) -and (HomeDirectory -ne "$null")}. Of particular note is the requirement to enclose the $null in double quotes, but not the $true.

Get-ADUser -filter {(enabled -eq $true) -and (HomeDirectory -ne "$null")}

Post a comment if you have a different filter format that delivers the same results.

Sometimes eight required parameters are too many when your end user only wants to pick between taking action on their UAT environment or their production environment. In cases like that, it might be more desirable to provide the module you wrote for them with a data file that contains the pertinent information.

Sometimes a solution comes from scratch, inventing from the ground up. Other times, it’s just a matter of putting the pieces together. So what do you get when you combine dscottraynsford’s cFSRM DSC Resource and Experiant.ca’s anti ransomware list? One more brick in the wall against ransomware!