As you’ve possibly seen in a previous post from a few years back, I wrote a tool specifically to identify a gap in our IDFix tool (namely, the inability to identify which objects were duplicates across one or more forests).
I stumbled across the need for it a few days ago while trying to help someone locate an Azure AD Connect export error. Azure AD reported an object where there were one or more objects with a duplicate SMTP value.
I had to go all prehistoric and email them a copy of the script as opposed to just pointing them to a friendly place to download it, since we decided to retire the TechNet Gallery.
To see it in action, follow these steps:
- Go to a workstation or server where you have the Active Directory RSAT configured (I know you were probably expecting me to say “RSAT Tools,” but “Tools” is redundant in the same way “ATM Machine” is).
- Launch an elevated PowerShell prompt.
- Run Install-Script Find-DuplicateValues. If you’ve never used PowerShell gallery and NuGet this way before, you may get prompted a few times, first to update the PATH variable:
And then to install (or update) the NuGet provider:
- If you run into problems, you may need to update your TLS settings. If you receive a lot of red on your screen with things like “Unable to install NuGet provider,” you can try this (and then close/restart PowerShell :
Set-ItemProperty -Path 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NetFramework\v4.0.30319' -Name 'SchUseStrongCrypto' -Value '1' -Type DWord Set-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\.NetFramework\v4.0.30319' -Name 'SchUseStrongCrypto' -Value '1' -Type DWord
- Confirm that you want to install from the PSGallery repository:
- Run the script with the following syntax:
- Review the output (matching values will be highlighted).
- Beat down those responsible, as appropriate.
There are a bunch of extra parameters for working with large environments (thousands of OUs filled with thousands of users, which causes an AD Web Services buffer error) or using the legacy LDAP filter method (which will result in partial matches, if you’re into that sort of thing).
You can install the script using the Install-Script Find-DuplicateValues syntax mentioned earlier or by going to the tool’s page: PowerShell Gallery | Find-DuplicateValues 2.0 Cheers!