If you just want to know, for example, where a given user exists in your Active Directory, then searching for an account is a snap:
--- Begin code -----
cls
# sending LDAP query to Active Directory
#Change sAMAccountName for your query
$searcher = [ADSISearcher]'(&(objectClass=User)(objectCategory=person)(sAMAccountName=jpiggee*))'
# finding first match
$searcher.FindOne()
# finding ALL matches
$searcher.FindAll()
#This would find all user accounts with a SamAccountName that starts with "tobias". You can now use this approach to easily find out where an account is located:
# find account location
$searcher.FindAll() | Select-Object -ExpandProperty Path
---End Code ----
Joe Piggee
Showing posts with label AD. Show all posts
Showing posts with label AD. Show all posts
Thursday, October 17, 2013
Get More Detailed Information Using GetDirectoryEntry()
To get more detailed information about an accounts using GetDirectoryEntry() to turn the search result into actual account objects:
# send LDAP query to Active Directory
$searcher = [ADSISearcher]'(&(objectClass=User)(objectCategory=person)(sAMAccountName=*))'
# get 10 results max
$searcher.SizeLimit = 10
# find account location
$searcher.FindAll() |
# get account object
ForEach-Object { $_.GetDirectoryEntry() } |
# display all properties
Select-Object -Property * |
# display in a grid view window (ISE needs to be installed for this step)
Out-GridView
# Joe Piggee
Subscribe to:
Posts (Atom)