Tuesday, November 1, 2016

PowerShell v2 Active Directory Find All Users

These posts are as much for me as for anyone else.  I need to sometimes find things in a pinch and the AD (or Quest) cmdlets are not an option.  Hence, these guys...  This command will list all members of a domain.  I am not sure, but, I believe it assumes the attached domain.  Ill try to verify that.  I know it does not have to be run from a controller; I ran this on a domain member machine and it worked fine:
([adsisearcher] "(&(objectCategory=person))").FindAll()
This returns two rows for each record: path (a string) and properties (a ResultPropertyCollection):
([adsisearcher] "(&(objectCategory=person))").FindAll() | select -first 1 | gm

   TypeName: System.DirectoryServices.SearchResult
Name              MemberType Definition
----              ---------- ----------
Equals            Method     bool Equals(System.Object obj)
GetDirectoryEntry Method     adsi GetDirectoryEntry()
GetHashCode       Method     int GetHashCode()
GetType           Method     type GetType()
ToString          Method     string ToString()
Path              Property   System.String Path {get;}
Properties        Property   System.DirectoryServices.ResultPropertyCollection Properties {get;}
To explore the members of the Properties you can use a variety of approaches.  Here are two I like:

  • Select -ExpandProperty cn - if you want the specific property CN for each ResultPropretyCollection
  • Foreach-Object {$_.properties.CN} - this returns the same value by passing each ResultPropertyCollection to an enumerator, and retrieving the property from the properties.

Both approaches work fine, and, each has its strengths and weaknesses depending one what you are trying to do.  Remember, if you use select, the new type returned from the cmdlet is a PSCustomObject.

Related Post:

0 comments:

Post a Comment

 
Copyright 2009 Information Blog
Powered By Blogger