When you are creating a new user you may want to test if a particular name is already is use. The Quest AD cmdlets provide great functionality but one area of confusion is where you are searching for a user by name:

PS> Get-QADUser -Identity “GREEN Dave” | ft -a

But I didn’t ask for the second user. The problem is because the Quest cmdlets use s ANR – ambiguous name resolution when searching. This is equivalent to using “GREEN Dave*” in your search. In other words the cmdlets assume you are appending wildcards.

Way round it is to use an LDAP filter

PS> Get-QADUser -LdapFilter ‘(cn=GREEN Dave)’ | ft -a

LDAP filters are also available with the Microsoft cmdlets (you can’t use name as a search with the identity parameter with the MS cmdlets)

PS> Get-ADUser -LdapFilter ‘(cn=GREEN Dave)’

DistinguishedName : CN=GREEN Dave,CN=Users,DC=Manticore,DC=org
Enabled           : True
GivenName         :…