Here’s a handy Powershell script to check for duplicate attribute values on AD objects. Why is this useful? Well, you might have provisioning systems that assign unique values (e.g. employeeID) to AD objects. Things can start to go wrong if it turns out that more than one object has been assigned the same attribute value. In the example below, I have used the adminDisplayname attribute, but you can easily change this to your attribute of choice.
# Import the AD Powershell module
ipmo ActiveDirectory
# Create an array from LDAP search
$adobjs = Get-ADObject -LDAPFilter "(admindisplayname=*)" -pr admindisplayname `
| Select-Object -ExpandProperty admindisplayname
# Create a new empty hash table object
$hash = @{}
# Add each item from the LDAP results to the hash table
$adobjs | % {$hash["$_"] += 1}
# Find the duplicates by examining the hash table
$hash.keys | ? {$hash["$_"] -gt 1} `
| % {write-host "Duplicate attribute value found: $_" }
Thank you for the fantastic tip. Great little script!
Niiice. 🙂
Could you modify it so it lists the name and samaccountname too?
Perfect for me!! Thanks!!