PowerShell snippets for working with Active Directory and LDAP.
## Additional AD PowerShell Examples:
# http://woshub.com/get-aduser-getting-active-directory-users-data-via-powershell/
#################################
## PowerShell in Practice
## by Richard Siddaway
##################################
## get group membership
##################################
# Bind to the UKPMs group over LDAP. No credentials are passed to the [ADSI]
# accelerator, so the bind runs in the security context of the current user.
$group = [ADSI]('LDAP://cn=UKPMs,ou=All Groups,dc=manticore,dc=org')

# Emit the values of the group's 'member' attribute (distinguished names)
# in sorted order. Members of nested groups are not expanded here.
$group.member |
    Sort-Object
## Listing 5.25
## Get nested group membership
#################################
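function resolve-group{
    <#
    .SYNOPSIS
    Recursively collects the distinguished names of a group's members,
    expanding nested groups, into $global:members.

    .PARAMETER group
    A bound [ADSI] group object; its 'member' attribute is walked.

    .NOTES
    The caller is expected to set $global:members to @() before the first
    call and to de-duplicate the result (for example Sort-Object -Unique).

    Nested groups confer membership transitively, so this expansion is what
    an access review needs in order to see who effectively belongs to a group.

    Active Directory permits circular nesting (A contains B, B contains A).
    A group whose DN is already recorded is not expanded a second time,
    otherwise the recursion would never terminate on such a directory.
    #>
    param ($group)

    foreach ($member in $group.member)
    {
        $obj = [ADSI]("LDAP://" + $member)
        $dn = [string]$obj.distinguishedName

        # Check before appending: a DN already in the list has been expanded
        # (or is being expanded further up the call stack).
        $alreadySeen = @($global:members) -contains $dn
        $global:members += $obj.distinguishedname

        # Test the whole objectClass list rather than a fixed index, so the
        # check does not depend on the position of 'group' in the attribute.
        if (-not $alreadySeen -and (@($obj.objectClass) -contains 'group'))
        {
            resolve-group $obj
        }
    }
}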
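# Driver for resolve-group: expand the International group, nested groups
# included, and print each member DN once.
$global:members = @()   # reset the accumulator that resolve-group appends to

# The path is kept in $ldp so that the [ADSI] cast below binds to it; the
# original assigned the path to $group and then cast an unset $ldp.
$ldp = "LDAP://cn=International,ou=All Groups,dc=manticore,dc=org"
$group = [ADSI]$ldp

resolve-group $group
$global:members | Sort-Object -Unique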
# ******************************************************************************
#################################
## PowerShell in Practice
## by Richard Siddaway
## Listing 5.26
## Get user's group membership
#################################
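function resolve-membership
{
    <#
    .SYNOPSIS
    Prints a group's distinguished name and then, recursively, every group
    it is itself a member of (walking the 'memberOf' attribute upwards).

    .PARAMETER group
    Distinguished name of the group to report and expand.

    .PARAMETER ancestors
    Internal: DNs already on the current recursion path. Callers omit it.
    Active Directory permits circular nesting, and without this guard a
    cycle in memberOf would recurse until the call depth limit is hit.

    .NOTES
    Output goes to the host via Write-Host, not to the pipeline.
    A group reachable through several distinct paths is still printed once
    per path, as before; only true cycles are cut.
    #>
    param (
        $group,
        [string[]]$ancestors = @()
    )

    $groupDn = [string]$group

    # Already on the path to this call: we have come round a nesting cycle.
    if ($ancestors -contains $groupDn) { return }

    Write-Host $group
    $group2 = [ADSI]("LDAP://" + $group)

    # $null on the left so the comparison is a scalar null test rather than
    # an element filter over the memberOf collection.
    if ($null -ne $group2.memberof)
    {
        $chain = $ancestors + $groupDn
        foreach ($group3 in $group2.memberof)
        {
            resolve-membership $group3 $chain
        }
    }
}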
# Bind to the user object (as the current user; no credentials are supplied)
# and report every group the account belongs to, directly or through nesting.
$user = [ADSI]('LDAP://CN=WELLESLEY Arthur,OU=England,DC=Manticore,DC=org')

# memberOf lists the direct groups; resolve-membership climbs from each one.
foreach ($group in $user.memberof) { resolve-membership $group }
# ******************************************************************************
#################################
## PowerShell in Practice
## by Richard Siddaway
## Listing 5.12
## Searching for a user account
#################################
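function Get-Distinguished-Name
{
    <#
    .SYNOPSIS
    Looks up the first object in the current domain whose cn equals the given
    value and returns its distinguished name.

    .PARAMETER commonName
    The common name to match. It is treated as a literal value: characters
    that are special in an LDAP filter are escaped, so '*' is not a wildcard.

    .OUTPUTS
    The distinguishedName of the first match, or "" when nothing matches or
    the name is empty.

    .NOTES
    cn is only unique within its parent container, and FindOne returns just
    the first hit, so the result can be ambiguous. Do not treat it as proof
    of identity when making an access decision.
    #>
    Param (
        [string]$commonName
    )

    # "(cn=)" is not a valid filter; report "not found" instead of throwing.
    if ([string]::IsNullOrEmpty($commonName)) { return "" }

    # Escape the RFC 4515 filter metacharacters. Unescaped, a name such as
    # "Smith (Contractor)" yields a malformed filter, and a caller-supplied
    # value could rewrite the filter to match other objects. The backslash
    # is replaced first so the escapes added afterwards are not re-escaped.
    $escapedName = $commonName.Replace('\', '\5c').
        Replace('*', '\2a').
        Replace('(', '\28').
        Replace(')', '\29').
        Replace([string][char]0, '\00')

    $dom = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
    $root = $dom.GetDirectoryEntry()
    $search = [System.DirectoryServices.DirectorySearcher]$root
    $distinguishedName = ""
    try
    {
        $search.Filter = "(cn=$escapedName)"
        $result = $search.FindOne()
        if ($null -ne $result)
        {
            $distinguishedName = $result.properties.distinguishedname
        }
    }
    finally
    {
        # Release the directory handles held by the searcher and its root.
        $search.Dispose()
        $root.Dispose()
    }
    return $distinguishedName
}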
# Example lookup: resolve a common name to its distinguished name and show
# it on the host. An empty line means no object matched.
$dn = Get-Distinguished-Name -commonName 'common_name_to_search'
Write-Host $dn
# ******************************************************************************
#################################
## PowerShell in Practice
## by Richard Siddaway
## Listing 11.1
## Discover domain controllers
#################################
# Resolve the domain of the current logon context, then list every domain
# controller it reports with its AD site and IP address.
$dom = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
$dom.FindAllDomainControllers() |
    Select-Object -Property Name, SiteName, IPAddress |
    Format-Table
# ******************************************************************************
#################################
## PowerShell in Practice
## by Richard Siddaway
## Listing 11.2
## Discover global catalog servers
##################################
# Resolve the forest of the current logon context and list its global
# catalog servers. The collection is kept in $gc for later use.
$for = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()
$gc = $for.FindAllGlobalCatalogs()
$gc |
    Select-Object -Property Name, IPAddress |
    Format-Table