I looked everywhere and couldn’t really find an answer to this!
The company I work for had some legacy system that interfaced with the Active Directory, when a users attribute was emptied in the software, the software did not clear the attribute in AD, it just put a space character. 😦
This has been annoying for us as applications such as Exclaimer Mail Signatures have a if attribute has a value, write the attribute into the email signature. When peoples Mobile numbers are just a space in AD, it does technically have a value!
So I needed to find a query to fix this.
Find users with spaces in attributes
You can use ascci characters in an LDAP query. The ascci character for space (in hexadecimal) is 20. The backslash is an LDAP query escape character. The query above should find all the users that just have the space character in the homePhone attribute.
How to clear them all
Now that the offending accounts have been found, it’s time to fix em! Use PowerShell, and run this command:
Get-ADUser -LDAPFilter "(objectCategory=user)(homePhone=20)" | Set-ADUser -Clear homePhone