Pages

Sunday, September 11, 2016

PowerShell v2 Active Directory Using Search Syntax to Find Domain Users

Active Directory is a black hole I try to avoid at all costs.  In this case I had a project come up where I just could not put it off.  So, I reverted to stealing, cutting, pasting, and, praying.  In this case, I had recently seen Justin Richs Test-Server script on Technet:
Powershell Test-Server function for connectivity testing
In this post he outlined a way to find the names of all machines in a given domain:
$searcher = [adsisearcher] "(&(objectclass=computer)(operatingsystem=Windows Server*))"

$computers = $searcher.findall() | foreach {$_.properties.name}

$results = $computers | test-server -verbose
I recognized the language a little bit from having read The .NET Developers Guide to Directory Service Programming.  After a few failed tweaks I stumbled onto this MSDN link:
Search Filter Syntax 
From the information contained in this link I was able to tweak Justins commands to give me users:
$users  = ([adsisearcher] "(&(objectCategory=person))").FindAll()
Mine is a little shorter, but, the goal here was to find a one-liner to use during exploration.  Breaking it up into clear objects/variables as Justin did it much better for scripts as it is clear what you are doing.  If a non-PowerShell person read my command it would be virtually meaningless.  With proper variable naming an separation of commands it is a lot easier to use the code to communicate to someone doing maintenance down the road.

Related Posts by Categories

0 comments:

Post a Comment