Z@RAYS

Always A-HEAD, By being ahead you are always master of time

Hits

BOOKS

Sunday, February 04, 2007

[DSQuery]-With PowerShell

[DSQuery]-With PowerShell

Below post talks about querying AD. However before you go through this post I strongly recommend you go through below link from

MOW : - http://mow001.blogspot.com/2006/09/powershell-rc2-and-active-directory.html

Let me admit it that below post are original ideas and concept by MOM, here at the most I using better formatting and pulling out corollary out of it.


Connect to AD

[adsi]''
$root=[adsi]'' or $root=new-object directoryservices.directoryentry


List properties of AD Objects

$root fl *


List methods of AD Objects

$root.psbase gm -membertype method # Get all methods

Walk to the Domain structure to wanted OU

$root.psbase.Children

distinguishedName
-----------------
{CN=Builtin,DC=Zarays,DC=com}
{CN=Computers,DC=Zarays,DC=com}
{OU=Domain Controllers,DC=Zarays,DC=com}
{CN=ForeignSecurityPrincipals,DC=Zarays,DC=com}
{OU=France,DC=Zarays,DC=com}
{OU=India,DC=Zarays,DC=com}
{CN=Infrastructure,DC=Zarays,DC=com}
{CN=LostAndFound,DC=Zarays,DC=com}
{CN=NTDS Quotas,DC=Zarays,DC=com}
{CN=Program Data,DC=Zarays,DC=com}
{OU=Singapore,DC=Zarays,DC=com}
{CN=System,DC=Zarays,DC=com}
{OU=UK,DC=Zarays,DC=com}
{CN=Users,DC=Zarays,DC=com}

$users=$root.psbase.children.find('CN=Users') or $users=new-object directoryservices.directoryentry("LDAP://CN=Users,DC=Zarays,DC=com")

-To get properties of user containers

$users fl *

-To find user in a container

$users.psbase.Children.Find('cn=Preetam')

$users.psbase.Children.Find('cn=Preetam') fl *

Corollary 01

Lets use this feature.

$preetam=$users.psbase.Children.Find('cn=Preetam')

$shilpa=$users.psbase.Children.Find('cn=shilpa')

Compare-Object $preetam.memberOf $shilpa.memberOf

Output is

InputObject SideIndicator
----------- -------------
CN=Domain Admins,CN=Users,DC=Zarays,DC=com <=
CN=Enterprise Admins,CN=Users,DC=Zarays,DC=com <=
CN=Schema Admins,CN=Users,DC=Zarays,DC=com <=

Which means Shilpa is not member of above group

Corollary 02

$OU=new-object directoryservices.directoryentry("LDAP://ou=Singapore,dc=zarays,dc=com")

$b=$ou.psbase.children
foreach($c in $b) {
$c.mail
}

output is Email address of all users inside OU singapore. And these address are generally required when you need to communicate back with your colleagues when you leave you current job cool

Posted by PReetamZ at 1:37 PM

Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)