powershell quest : get-qaduser -identity guid doesn't work?

Question

i start out by querying an exchange server 2003 with:

POSH>get-wmiobject -class Exchange_mailbox -namespace Root\MicrosoftExchangeV2 -server srv02 

to get the users. One of the properties available is the mailboxguid. so for testing, I run

POSH> get-qaduser -identity <mailboxguid> 

however it doesn't work. is there something special I need to do to the mailboxguid?

thanks in advance

Answer 1

Get-QADUser tries to resolve an object by one of these properties: DN, SID, GUID, UPN or Domain\UserName, mailboxguid is not one of them. That said, you can use the mailbox "MailboxDisplayName" property as the identity for Get-QADUser:

get-wmiobject -class Exchange_mailbox -namespace Root\MicrosoftExchangeV2 -server srv02 | Get-QADUser -identity {$_.MailboxDisplayName}

EDIT: Try to parse the LegacyDN WMI property if you can't use MailboxDisplayName:

get-wmiobject -class Exchange_mailbox -namespace Root\MicrosoftExchangeV2 -computerName srv02| Get-QADUser -identity {$.LegacyDN.substring($.LegacyDN.lastIndexOf("=")+1)}

btw, replace -server with -computerName, Get-WMIObject has no -server parameter. I addition you could go the other way and not use WMI to get mailbox enabled objects, you can query AD directly:

Get-QADObject -sizeLimit 0 -ldap "(homeMDB=*)"

Answer 2

I think the problem lies somewhere else: if you get an object (e.g. a user) from the AD through its name and look at the ObjectGUID, it contains a string like this:

(Get-QADUser -Identity myDomain\myUser).ObjectGUID 
-> CAEC64A025153143A6755E0A3DAB5C1A

To get the same user through its GUID, you have to specify:

(Get-QADUser -Identity A064ECCA-1525-4331-A675-5E0A3DAB5C1A).ObjectGUID
-> CAEC64A025153143A6755E0A3DAB5C1A

If you compare the GUIDs you will notice that they look somewhat similar but not the same:

CAEC64A0-2515-3143-A675-5E0A3DAB5C1A
A064ECCA-1525-4331-A675-5E0A3DAB5C1A

This problem occurs because the System.GUID uses a different byte-order than Active Directory to construct the GUID.

You can correct it like this (VB.NET):

Private Shared Function GetCorrectGuid(ByVal aWrongGuid As Guid) As Guid
  Dim myGuidString As String = aWrongGuid.ToString("N")
  Dim myWrongGuid As Char() = myGuidString.ToCharArray()
  Dim myCorrectGuid As Char() = myGuidString.ToCharArray()
  myCorrectGuid(0) = myWrongGuid(6)
  myCorrectGuid(1) = myWrongGuid(7)
  myCorrectGuid(2) = myWrongGuid(4)
  myCorrectGuid(3) = myWrongGuid(5)
  myCorrectGuid(4) = myWrongGuid(2)
  myCorrectGuid(5) = myWrongGuid(3)
  myCorrectGuid(6) = myWrongGuid(0)
  myCorrectGuid(7) = myWrongGuid(1)
  myCorrectGuid(8) = myWrongGuid(10)
  myCorrectGuid(9) = myWrongGuid(11)
  myCorrectGuid(10) = myWrongGuid(8)
  myCorrectGuid(11) = myWrongGuid(9)
  myCorrectGuid(12) = myWrongGuid(14)
  myCorrectGuid(13) = myWrongGuid(15)
  myCorrectGuid(14) = myWrongGuid(12)
  myCorrectGuid(15) = myWrongGuid(13)
  Return New Guid(New String(myCorrectGuid, 0, 32))
End Function

or this (C#):

private static Guid GetCorrectGuid(Guid aWrongGuid) {
  string myGuidString = aWrongGuid.ToString("N");
  char[] myWrongGuid = myGuidString.ToCharArray();
  char[] myCorrectGuid = myGuidString.ToCharArray();
  myCorrectGuid[0] = myWrongGuid[6];
  myCorrectGuid[1] = myWrongGuid[7];
  myCorrectGuid[2] = myWrongGuid[4];
  myCorrectGuid[3] = myWrongGuid[5];
  myCorrectGuid[4] = myWrongGuid[2];
  myCorrectGuid[5] = myWrongGuid[3];
  myCorrectGuid[6] = myWrongGuid[0];
  myCorrectGuid[7] = myWrongGuid[1];
  myCorrectGuid[8] = myWrongGuid[10];
  myCorrectGuid[9] = myWrongGuid[11];
  myCorrectGuid[10] = myWrongGuid[8];
  myCorrectGuid[11] = myWrongGuid[9];
  myCorrectGuid[12] = myWrongGuid[14];
  myCorrectGuid[13] = myWrongGuid[15];
  myCorrectGuid[14] = myWrongGuid[12];
  myCorrectGuid[15] = myWrongGuid[13];
  return new Guid(new string(myCorrectGuid, 0, 32));
}

And yes, I know this is not the most efficient way but I simply don't have the time to rewrite it now into a function that is based on a byte-array and that uses arraycopy. Sorry.

Hope that helps chha