|
 |  |  |  |  |  |  |
| Welcome to Windows Vista Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows Vista. The Vista forum also covers news and updates and has an extensive Windows Vista tutorial section that covers a wide range of tips and tricks. |
| |||||||
 |
| |
10-24-2007
| #1 (permalink) |
| | Problems obtaining user properties from Active Directory I have a problem where particular user properties can be viewed via adsiedit but are not displayed by Powershell - Powershell happily returns a name or a cn but when I try to return for example pwdLastSet or createTimeStamp for users then no data is returned. I am running .NET 2.0 I have some sample script below which homes in on the problem I am having - any advice would be muchly appeciated as I have started using PS and if I can't get this working I'm going to have to revert to VBScript: # $Dom = 'LDAP://ou=X,dc=X,dc=X' $Root = New-Object DirectoryServices.DirectoryEntry $Dom cls Write-host "PowerShell connects to domain: $Dom `n" # Create a selector and start searching from the Root of AD $selector = New-Object DirectoryServices.DirectorySearcher $selector.SearchRoot = $root # Filter the users with -like "CN=*". Note the ForEach loop $adobj= $selector.findall() ` | where {$_.properties.objectcategory -like "CN=*"} foreach ($Group in $adobj){ $prop=$Group.properties Write-host "$($prop.name)" } Write-host "`n`n" Write-host "There are $($adobj.count) Groups in the $($root.name) OU." ## ######EndOfScript -- jobbsy@xxxxxx |
My System Specs |
|
10-24-2007
| #2 (permalink) |
| | RE: Problems obtaining user properties from Active Directory Please don't leave us for VBScript! I am not an ADSI expert so I am using AD cmdlets for tasks like this. Try this and Get-QADUser -IncludeAllProperties In my domain, this displayed my pwdLastSet and createTimeStamp just fine: Get-QADUser dsotniko -IncludeAllProperties | Format-Table Name, pwdLastSet, createTimeStamp Also, see http://dmitrysotnikov.wordpress.com/...th-powershell/ -- Dmitry Sotnikov http://dmitrysotnikov.wordpress.com "Jobbsy" wrote: Quote: > I have a problem where particular user properties can be viewed via adsiedit > but are not displayed by Powershell - Powershell happily returns a name or a > cn but when I try to return for example pwdLastSet or createTimeStamp for > users then no data is returned. I am running .NET 2.0 > > I have some sample script below which homes in on the problem I am having - > any advice would be muchly appeciated as I have started using PS and if I > can't get this working I'm going to have to revert to VBScript: > > # > > $Dom = 'LDAP://ou=X,dc=X,dc=X' > > $Root = New-Object DirectoryServices.DirectoryEntry $Dom cls Write-host > "PowerShell connects to domain: $Dom `n" > > # Create a selector and start searching from the Root of AD $selector = > New-Object DirectoryServices.DirectorySearcher > > $selector.SearchRoot = $root > > # Filter the users with -like "CN=*". Note the ForEach loop $adobj= > > $selector.findall() ` > > | where {$_.properties.objectcategory -like "CN=*"} > > foreach ($Group in $adobj){ > > $prop=$Group.properties > > Write-host "$($prop.name)" > > } > > Write-host "`n`n" > > Write-host "There are $($adobj.count) Groups in the $($root.name) OU." > > ## > > ######EndOfScript > > > -- > jobbsy@xxxxxx |
| My System Specs |
|
10-24-2007
| #3 (permalink) |
| | RE: Problems obtaining user properties from Active Directory While I agree with Dmitry the Quest AD tools are your best bet as they make the task very simple I think you should know the problem you are having is because of the type of data that is stored in those attributes. You would have a simular problem in vbscript except it does provide a translater for the iADSLargeInterger. I have a blog post on this here that provides an explaination as well as several example on how to accomplish your goal. http://bsonposh.com/modules/wordpress/?p=30 The short answer is that in Powershell you can use the DirectorySearcher. To be clear, if you dont mind installing the quest tools (and I recommend you do) they are definately your best bet. Hello Dmitry, Quote: > Please don't leave us for VBScript! > > I am not an ADSI expert so I am using AD cmdlets for tasks like this. > Try this and > > Get-QADUser -IncludeAllProperties > > In my domain, this displayed my pwdLastSet and createTimeStamp just > fine: > > Get-QADUser dsotniko -IncludeAllProperties | Format-Table Name, > pwdLastSet, createTimeStamp > > Also, see > http://dmitrysotnikov.wordpress.com/...d-attribute-wi > th-powershell/ > > "Jobbsy" wrote: > Quote: >> I have a problem where particular user properties can be viewed via >> adsiedit but are not displayed by Powershell - Powershell happily >> returns a name or a cn but when I try to return for example >> pwdLastSet or createTimeStamp for users then no data is returned. I >> am running .NET 2.0 >> >> I have some sample script below which homes in on the problem I am >> having - any advice would be muchly appeciated as I have started >> using PS and if I can't get this working I'm going to have to revert >> to VBScript: >> >> # >> >> $Dom = 'LDAP://ou=X,dc=X,dc=X' >> >> $Root = New-Object DirectoryServices.DirectoryEntry $Dom cls >> Write-host "PowerShell connects to domain: $Dom `n" >> >> # Create a selector and start searching from the Root of AD $selector >> = New-Object DirectoryServices.DirectorySearcher >> >> $selector.SearchRoot = $root >> >> # Filter the users with -like "CN=*". Note the ForEach loop $adobj= >> >> $selector.findall() ` >> >> | where {$_.properties.objectcategory -like "CN=*"} >> >> foreach ($Group in $adobj){ >> >> $prop=$Group.properties >> >> Write-host "$($prop.name)" >> >> } >> >> Write-host "`n`n" >> >> Write-host "There are $($adobj.count) Groups in the $($root.name) >> OU." >> >> ## >> >> ######EndOfScript >> >> -- jobbsy@xxxxxx >> |
| My System Specs |
|
10-24-2007
| #4 (permalink) |
| | RE: Problems obtaining user properties from Active Directory I think your script needs to be something like this $root = [ADSI]"LDAP://ou=x,dc=y,dc=centiq,dc=w,dc=z" $search = [System.DirectoryServices.DirectorySearcher]$root $search.Filter = "(objectclass=user)" $result = $search.FindAll() $result | foreach {$_.properties.name} If you want to see the properties available run the above with findone() instaed of finall() and add $result.properties.propertynames to the end of the script -- Richard Siddaway Please note that all scripts are supplied "as is" and with no warranty Blog: http://richardsiddaway.spaces.live.com/ PowerShell User Group: http://www.get-psuguk.org.uk "Jobbsy" wrote: Quote: > I have a problem where particular user properties can be viewed via adsiedit > but are not displayed by Powershell - Powershell happily returns a name or a > cn but when I try to return for example pwdLastSet or createTimeStamp for > users then no data is returned. I am running .NET 2.0 > > I have some sample script below which homes in on the problem I am having - > any advice would be muchly appeciated as I have started using PS and if I > can't get this working I'm going to have to revert to VBScript: > > # > > $Dom = 'LDAP://ou=X,dc=X,dc=X' > > $Root = New-Object DirectoryServices.DirectoryEntry $Dom cls Write-host > "PowerShell connects to domain: $Dom `n" > > # Create a selector and start searching from the Root of AD $selector = > New-Object DirectoryServices.DirectorySearcher > > $selector.SearchRoot = $root > > # Filter the users with -like "CN=*". Note the ForEach loop $adobj= > > $selector.findall() ` > > | where {$_.properties.objectcategory -like "CN=*"} > > foreach ($Group in $adobj){ > > $prop=$Group.properties > > Write-host "$($prop.name)" > > } > > Write-host "`n`n" > > Write-host "There are $($adobj.count) Groups in the $($root.name) OU." > > ## > > ######EndOfScript > > > -- > jobbsy@xxxxxx |
| My System Specs |
|
10-24-2007
| #5 (permalink) |
| | RE: Problems obtaining user properties from Active Directory I put a script a couple of weeks back showing how to use pwdlastset with the AD cmdlets http://richardsiddaway.spaces.live.c...3E96!762.entry -- Richard Siddaway Please note that all scripts are supplied "as is" and with no warranty Blog: http://richardsiddaway.spaces.live.com/ PowerShell User Group: http://www.get-psuguk.org.uk "Brandon Shell [MVP]" wrote: Quote: > While I agree with Dmitry the Quest AD tools are your best bet as they make > the task very simple I think you should know the problem you are having is > because of the type of data that is stored in those attributes. You would > have a simular problem in vbscript except it does provide a translater for > the iADSLargeInterger. I have a blog post on this here that provides an explaination > as well as several example on how to accomplish your goal. > > http://bsonposh.com/modules/wordpress/?p=30 > > The short answer is that in Powershell you can use the DirectorySearcher. > > To be clear, if you dont mind installing the quest tools (and I recommend > you do) they are definately your best bet. > > Hello Dmitry, > Quote: > > Please don't leave us for VBScript! > > > > I am not an ADSI expert so I am using AD cmdlets for tasks like this. > > Try this and > > > > Get-QADUser -IncludeAllProperties > > > > In my domain, this displayed my pwdLastSet and createTimeStamp just > > fine: > > > > Get-QADUser dsotniko -IncludeAllProperties | Format-Table Name, > > pwdLastSet, createTimeStamp > > > > Also, see > > http://dmitrysotnikov.wordpress.com/...d-attribute-wi > > th-powershell/ > > > > "Jobbsy" wrote: > > Quote: > >> I have a problem where particular user properties can be viewed via > >> adsiedit but are not displayed by Powershell - Powershell happily > >> returns a name or a cn but when I try to return for example > >> pwdLastSet or createTimeStamp for users then no data is returned. I > >> am running .NET 2.0 > >> > >> I have some sample script below which homes in on the problem I am > >> having - any advice would be muchly appeciated as I have started > >> using PS and if I can't get this working I'm going to have to revert > >> to VBScript: > >> > >> # > >> > >> $Dom = 'LDAP://ou=X,dc=X,dc=X' > >> > >> $Root = New-Object DirectoryServices.DirectoryEntry $Dom cls > >> Write-host "PowerShell connects to domain: $Dom `n" > >> > >> # Create a selector and start searching from the Root of AD $selector > >> = New-Object DirectoryServices.DirectorySearcher > >> > >> $selector.SearchRoot = $root > >> > >> # Filter the users with -like "CN=*". Note the ForEach loop $adobj= > >> > >> $selector.findall() ` > >> > >> | where {$_.properties.objectcategory -like "CN=*"} > >> > >> foreach ($Group in $adobj){ > >> > >> $prop=$Group.properties > >> > >> Write-host "$($prop.name)" > >> > >> } > >> > >> Write-host "`n`n" > >> > >> Write-host "There are $($adobj.count) Groups in the $($root.name) > >> OU." > >> > >> ## > >> > >> ######EndOfScript > >> > >> -- jobbsy@xxxxxx > >> > > |
| My System Specs |
|
10-24-2007
| #6 (permalink) |
| | Re: Problems obtaining user properties from Active Directory Just to add on ... powershell Active directory properties names are *case-sensitive* compare to using vbscript. i just realised that. Use gm to list properties :-( "RichS" <RichS@xxxxxx> wrote in message news:90D04296-B2FD-4B2C-80F8-FD4E6D3C1525@xxxxxx Quote: >I think your script needs to be something like this > > $root = [ADSI]"LDAP://ou=x,dc=y,dc=centiq,dc=w,dc=z" > > $search = [System.DirectoryServices.DirectorySearcher]$root > $search.Filter = "(objectclass=user)" > $result = $search.FindAll() > > $result | foreach {$_.properties.name} > > If you want to see the properties available run the above with findone() > instaed of finall() and add > > $result.properties.propertynames > > to the end of the script > -- > Richard Siddaway > Please note that all scripts are supplied "as is" and with no warranty > Blog: http://richardsiddaway.spaces.live.com/ > PowerShell User Group: http://www.get-psuguk.org.uk > > > "Jobbsy" wrote: > Quote: >> I have a problem where particular user properties can be viewed via >> adsiedit >> but are not displayed by Powershell - Powershell happily returns a name >> or a >> cn but when I try to return for example pwdLastSet or createTimeStamp for >> users then no data is returned. I am running .NET 2.0 >> >> I have some sample script below which homes in on the problem I am >> having - >> any advice would be muchly appeciated as I have started using PS and if I >> can't get this working I'm going to have to revert to VBScript: >> >> # >> >> $Dom = 'LDAP://ou=X,dc=X,dc=X' >> >> $Root = New-Object DirectoryServices.DirectoryEntry $Dom cls Write-host >> "PowerShell connects to domain: $Dom `n" >> >> # Create a selector and start searching from the Root of AD $selector = >> New-Object DirectoryServices.DirectorySearcher >> >> $selector.SearchRoot = $root >> >> # Filter the users with -like "CN=*". Note the ForEach loop $adobj= >> >> $selector.findall() ` >> >> | where {$_.properties.objectcategory -like "CN=*"} >> >> foreach ($Group in $adobj){ >> >> $prop=$Group.properties >> >> Write-host "$($prop.name)" >> >> } >> >> Write-host "`n`n" >> >> Write-host "There are $($adobj.count) Groups in the $($root.name) OU." >> >> ## >> >> ######EndOfScript >> >> >> -- >> jobbsy@xxxxxx |
| My System Specs |
|
10-25-2007
| #7 (permalink) |
| | Re: Problems obtaining user properties from Active Directory AD properties are not case-sensitive. I think what you are referring to is to a SearchResult which you get back from a DirectorySearcher. If you do a GetDirectoryEntry() on the results it will not be case sensative. "IT Staff" <jkklim@xxxxxx> wrote in message news:uhXAtBrFIHA.1188@xxxxxx Quote: > Just to add on ... > > powershell Active directory properties names are *case-sensitive* compare > to using vbscript. > > i just realised that. Use gm to list properties :-( > > > "RichS" <RichS@xxxxxx> wrote in message > news:90D04296-B2FD-4B2C-80F8-FD4E6D3C1525@xxxxxx Quote: >>I think your script needs to be something like this >> >> $root = [ADSI]"LDAP://ou=x,dc=y,dc=centiq,dc=w,dc=z" >> >> $search = [System.DirectoryServices.DirectorySearcher]$root >> $search.Filter = "(objectclass=user)" >> $result = $search.FindAll() >> >> $result | foreach {$_.properties.name} >> >> If you want to see the properties available run the above with findone() >> instaed of finall() and add >> >> $result.properties.propertynames >> >> to the end of the script >> -- >> Richard Siddaway >> Please note that all scripts are supplied "as is" and with no warranty >> Blog: http://richardsiddaway.spaces.live.com/ >> PowerShell User Group: http://www.get-psuguk.org.uk >> >> >> "Jobbsy" wrote: >> Quote: >>> I have a problem where particular user properties can be viewed via >>> adsiedit >>> but are not displayed by Powershell - Powershell happily returns a name >>> or a >>> cn but when I try to return for example pwdLastSet or createTimeStamp >>> for >>> users then no data is returned. I am running .NET 2.0 >>> >>> I have some sample script below which homes in on the problem I am >>> having - >>> any advice would be muchly appeciated as I have started using PS and if >>> I >>> can't get this working I'm going to have to revert to VBScript: >>> >>> # >>> >>> $Dom = 'LDAP://ou=X,dc=X,dc=X' >>> >>> $Root = New-Object DirectoryServices.DirectoryEntry $Dom cls Write-host >>> "PowerShell connects to domain: $Dom `n" >>> >>> # Create a selector and start searching from the Root of AD $selector = >>> New-Object DirectoryServices.DirectorySearcher >>> >>> $selector.SearchRoot = $root >>> >>> # Filter the users with -like "CN=*". Note the ForEach loop $adobj= >>> >>> $selector.findall() ` >>> >>> | where {$_.properties.objectcategory -like "CN=*"} >>> >>> foreach ($Group in $adobj){ >>> >>> $prop=$Group.properties >>> >>> Write-host "$($prop.name)" >>> >>> } >>> >>> Write-host "`n`n" >>> >>> Write-host "There are $($adobj.count) Groups in the $($root.name) OU." >>> >>> ## >>> >>> ######EndOfScript >>> >>> >>> -- >>> jobbsy@xxxxxx > |
| My System Specs |
|
10-25-2007
| #8 (permalink) |
| | Re: Problems obtaining user properties from Active Directory PowerShell tends to be case insensitive and AD attributes have always been case insensitive -- Richard Siddaway Please note that all scripts are supplied "as is" and with no warranty Blog: http://richardsiddaway.spaces.live.com/ PowerShell User Group: http://www.get-psuguk.org.uk "IT Staff" wrote: Quote: > Just to add on ... > > powershell Active directory properties names are *case-sensitive* compare to > using vbscript. > > i just realised that. Use gm to list properties :-( > > > "RichS" <RichS@xxxxxx> wrote in message > news:90D04296-B2FD-4B2C-80F8-FD4E6D3C1525@xxxxxx Quote: > >I think your script needs to be something like this > > > > $root = [ADSI]"LDAP://ou=x,dc=y,dc=centiq,dc=w,dc=z" > > > > $search = [System.DirectoryServices.DirectorySearcher]$root > > $search.Filter = "(objectclass=user)" > > $result = $search.FindAll() > > > > $result | foreach {$_.properties.name} > > > > If you want to see the properties available run the above with findone() > > instaed of finall() and add > > > > $result.properties.propertynames > > > > to the end of the script > > -- > > Richard Siddaway > > Please note that all scripts are supplied "as is" and with no warranty > > Blog: http://richardsiddaway.spaces.live.com/ > > PowerShell User Group: http://www.get-psuguk.org.uk > > > > > > "Jobbsy" wrote: > > Quote: > >> I have a problem where particular user properties can be viewed via > >> adsiedit > >> but are not displayed by Powershell - Powershell happily returns a name > >> or a > >> cn but when I try to return for example pwdLastSet or createTimeStamp for > >> users then no data is returned. I am running .NET 2.0 > >> > >> I have some sample script below which homes in on the problem I am > >> having - > >> any advice would be muchly appeciated as I have started using PS and if I > >> can't get this working I'm going to have to revert to VBScript: > >> > >> # > >> > >> $Dom = 'LDAP://ou=X,dc=X,dc=X' > >> > >> $Root = New-Object DirectoryServices.DirectoryEntry $Dom cls Write-host > >> "PowerShell connects to domain: $Dom `n" > >> > >> # Create a selector and start searching from the Root of AD $selector = > >> New-Object DirectoryServices.DirectorySearcher > >> > >> $selector.SearchRoot = $root > >> > >> # Filter the users with -like "CN=*". Note the ForEach loop $adobj= > >> > >> $selector.findall() ` > >> > >> | where {$_.properties.objectcategory -like "CN=*"} > >> > >> foreach ($Group in $adobj){ > >> > >> $prop=$Group.properties > >> > >> Write-host "$($prop.name)" > >> > >> } > >> > >> Write-host "`n`n" > >> > >> Write-host "There are $($adobj.count) Groups in the $($root.name) OU." > >> > >> ## > >> > >> ######EndOfScript > >> > >> > >> -- > >> jobbsy@xxxxxx > > |
| My System Specs |
|
10-25-2007
| #9 (permalink) |
| | Re: Problems obtaining user properties from Active Directory Thanks for all your advice - I am actually testing this on a 32 bit VM but the final script will be run on x64 DCs - I have installed x64 .Net 2.0 and PS on the DCs ready for the script once completed - I originally looked at going down the Quest CMDlets route but didn't like the 'RC' part especially as I was going to ultimately run this on x64 production DCs - I thought to go the longer route may be safer and would prove a good learning experience at the same time - are the CMDlets x64 compliant - am I asking for trouble testing on 32 bit then running on x64 prod DCs? -- jobbsy@xxxxxx "RichS" wrote: Quote: > PowerShell tends to be case insensitive and AD attributes have always been > case insensitive > -- > Richard Siddaway > Please note that all scripts are supplied "as is" and with no warranty > Blog: http://richardsiddaway.spaces.live.com/ > PowerShell User Group: http://www.get-psuguk.org.uk > > > "IT Staff" wrote: > Quote: > > Just to add on ... > > > > powershell Active directory properties names are *case-sensitive* compare to > > using vbscript. > > > > i just realised that. Use gm to list properties :-( > > > > > > "RichS" <RichS@xxxxxx> wrote in message > > news:90D04296-B2FD-4B2C-80F8-FD4E6D3C1525@xxxxxx Quote: > > >I think your script needs to be something like this > > > > > > $root = [ADSI]"LDAP://ou=x,dc=y,dc=centiq,dc=w,dc=z" > > > > > > $search = [System.DirectoryServices.DirectorySearcher]$root > > > $search.Filter = "(objectclass=user)" > > > $result = $search.FindAll() > > > > > > $result | foreach {$_.properties.name} > > > > > > If you want to see the properties available run the above with findone() > > > instaed of finall() and add > > > > > > $result.properties.propertynames > > > > > > to the end of the script > > > -- > > > Richard Siddaway > > > Please note that all scripts are supplied "as is" and with no warranty > > > Blog: http://richardsiddaway.spaces.live.com/ > > > PowerShell User Group: http://www.get-psuguk.org.uk > > > > > > > > > "Jobbsy" wrote: > > > > > >> I have a problem where particular user properties can be viewed via > > >> adsiedit > > >> but are not displayed by Powershell - Powershell happily returns a name > > >> or a > > >> cn but when I try to return for example pwdLastSet or createTimeStamp for > > >> users then no data is returned. I am running .NET 2.0 > > >> > > >> I have some sample script below which homes in on the problem I am > > >> having - > > >> any advice would be muchly appeciated as I have started using PS and if I > > >> can't get this working I'm going to have to revert to VBScript: > > >> > > >> # > > >> > > >> $Dom = 'LDAP://ou=X,dc=X,dc=X' > > >> > > >> $Root = New-Object DirectoryServices.DirectoryEntry $Dom cls Write-host > > >> "PowerShell connects to domain: $Dom `n" > > >> > > >> # Create a selector and start searching from the Root of AD $selector = > > >> New-Object DirectoryServices.DirectorySearcher > > >> > > >> $selector.SearchRoot = $root > > >> > > >> # Filter the users with -like "CN=*". Note the ForEach loop $adobj= > > >> > > >> $selector.findall() ` > > >> > > >> | where {$_.properties.objectcategory -like "CN=*"} > > >> > > >> foreach ($Group in $adobj){ > > >> > > >> $prop=$Group.properties > > >> > > >> Write-host "$($prop.name)" > > >> > > >> } > > >> > > >> Write-host "`n`n" > > >> > > >> Write-host "There are $($adobj.count) Groups in the $($root.name) OU." > > >> > > >> ## > > >> > > >> ######EndOfScript > > >> > > >> > > >> -- > > >> jobbsy@xxxxxx > > > > |
| My System Specs |
|
10-25-2007
| #10 (permalink) |
| | Re: Problems obtaining user properties from Active Directory PS H:\> $sam="nt id" PS H:\> $searcher=New-Object DirectoryServices.DirectorySearcher PS H:\> PS H:\> $searcher.Filter="(&(objectcategory=person)(objectclass=user)(samaccountname="+$sam+"))" PS H:\> PS H:\> $results=$searcher.FindOne() PS H:\> $results.properties $results.properties.title # it display results $results.properties.TITLE # it does not display results Can any1 explain the case sensitive issues ? "RichS" <RichS@xxxxxx> wrote in message news:3EF6486A-7DA5-4F3A-8563-FB49D1A25BC2@xxxxxx Quote: > PowerShell tends to be case insensitive and AD attributes have always been > case insensitive > -- > Richard Siddaway > Please note that all scripts are supplied "as is" and with no warranty > Blog: http://richardsiddaway.spaces.live.com/ > PowerShell User Group: http://www.get-psuguk.org.uk > > > "IT Staff" wrote: > Quote: >> Just to add on ... >> >> powershell Active directory properties names are *case-sensitive* compare >> to >> using vbscript. >> >> i just realised that. Use gm to list properties :-( >> >> >> "RichS" <RichS@xxxxxx> wrote in message >> news:90D04296-B2FD-4B2C-80F8-FD4E6D3C1525@xxxxxx Quote: >> >I think your script needs to be something like this >> > >> > $root = [ADSI]"LDAP://ou=x,dc=y,dc=centiq,dc=w,dc=z" >> > >> > $search = [System.DirectoryServices.DirectorySearcher]$root >> > $search.Filter = "(objectclass=user)" >> > $result = $search.FindAll() >> > >> > $result | foreach {$_.properties.name} >> > >> > If you want to see the properties available run the above with >> > findone() >> > instaed of finall() and add >> > >> > $result.properties.propertynames >> > >> > to the end of the script >> > -- >> > Richard Siddaway >> > Please note that all scripts are supplied "as is" and with no warranty >> > Blog: http://richardsiddaway.spaces.live.com/ >> > PowerShell User Group: http://www.get-psuguk.org.uk >> > >> > >> > "Jobbsy" wrote: >> > >> >> I have a problem where particular user properties can be viewed via >> >> adsiedit >> >> but are not displayed by Powershell - Powershell happily returns a >> >> name >> >> or a >> >> cn but when I try to return for example pwdLastSet or createTimeStamp >> >> for >> >> users then no data is returned. I am running .NET 2.0 >> >> >> >> I have some sample script below which homes in on the problem I am >> >> having - >> >> any advice would be muchly appeciated as I have started using PS and >> >> if I >> >> can't get this working I'm going to have to revert to VBScript: >> >> >> >> # >> >> >> >> $Dom = 'LDAP://ou=X,dc=X,dc=X' >> >> >> >> $Root = New-Object DirectoryServices.DirectoryEntry $Dom cls >> >> Write-host >> >> "PowerShell connects to domain: $Dom `n" >> >> >> >> # Create a selector and start searching from the Root of AD $selector >> >> = >> >> New-Object DirectoryServices.DirectorySearcher >> >> >> >> $selector.SearchRoot = $root >> >> >> >> # Filter the users with -like "CN=*". Note the ForEach loop $adobj= >> >> >> >> $selector.findall() ` >> >> >> >> | where {$_.properties.objectcategory -like "CN=*"} >> >> >> >> foreach ($Group in $adobj){ >> >> >> >> $prop=$Group.properties >> >> >> >> Write-host "$($prop.name)" >> >> >> >> } >> >> >> >> Write-host "`n`n" >> >> >> >> Write-host "There are $($adobj.count) Groups in the $($root.name) OU." >> >> >> >> ## >> >> >> >> ######EndOfScript >> >> >> >> >> >> -- >> >> jobbsy@xxxxxx >> >> |
| My System Specs |
|
| Thread Tools | |
| |
Similar Threads | ||||
| Thread | Forum | |||
| Scripting Active Directory User Objects | VB Script | |||
| accountExpire user attribute in Active Directory | PowerShell | |||
| Active Directory | Vista mail | |||
| Active Directory Problems | Vista installation & setup | |||
| active directory | PowerShell | |||
