Here's an example to list all accounts in the directory using the Novell
LDAP library, which can be found here:
. Download the
lib-v2.1.7.zip file for the library. There are also some great examples in
C# that you can download.
$ldap = new-object Novell.Directory.Ldap.LdapConnection
$version = [Novell.Directory.Ldap.LdapConnection]::Ldap_V3
$port = [Novell.Directory.Ldap.LdapConnection]:
$scope = [Novell.Directory.Ldap.LdapConnection]::Scope_One
$filter = "(objectclass=*)"
$attrs = [Novell.Directory.Ldap.LdapConnection]::All_User_Attrs
$ldap.bind($version, "cn=user,o=orgname,c=US", "password")
$results = $ldap.Search("o=orgname,c=US", $scope, $filter, $attrs, $true)
$ldap = $null
"Alex K. Angelopoulos [MVP]" <firstname.lastname@example.org> wrote in message
>I never did see the compiled binary download link; I'll have to go back and
>look. Care to post a couple of examples of using the library?
> FYI for anyone else playing with LDAP, Wikipedia seems to have a _lot_ of
> useful resource links:
> "Tom G." <Tom.Glowacki@Sanford.com> wrote in message
>> Alex, the Novell library worked very well. It's pretty easy to use and
>> comes with some good C# examples that are easy to adapt to PowerShell.
>> Thank you very much for your help.
>> Tom G.
>> "Alex K. Angelopoulos [MVP]" <email@example.com> wrote in message
>>> "Tom G." <Tom.Glowacki@Sanford.com> wrote in message
>>>> Does anyone have an example that can bind to a directory other than
>>>> Active Directory?
>>> I don't know of a general LDAP server that I can test against, but there
>>> are 2 possible ways to approach this. The following is based on the
>>> assumption that .NET's System.DirectoryServices namespace does not
>>> support easy "pure" LDAP server access.
>>> (1) Use inline VBScript with the script control.
>>> This will allow you to directly retrieve an object instance. I can't
>>> test the OpenDSObject statement, but the following form _should_ work
>>> with a usable URL. (Bruce Payette talks about in-lining ActiveScript
>>> languages such as VBScript within PowerShell to do tasks that .NET's COM
>>> wrappers won't handle).
>>> Here's an example:
>>> $sc = New-Object -ComObject MSScriptControl.ScriptControl
>>> $sc.Language = "VBScript"
>>> $sc.AddCode('set ldap = GetObject("LDAP:")')
>>> #next line wraps
>>> $sc.AddCode('url =
>>> $dso = $sc.Eval('ldap.OpenDSObject(url)')
>>> Warning: this may not work very well for getting back something
>>> functional due to how nasty .NET gets about COM objects it doesn't
>>> understand. For example, if I try to do this:
>>> $ldap = $sc.Eval('ldap')
>>> $ldap | gm
>>> I get the dreaded "Get-Member : No object has been specified to
>>> get-member" error that shows up a lot in COM interop.
>>> IF you want to use method 1 and it gives you this error when you look at
>>> $dso (as I suspect it will) you'll need to get the data you need within
>>> VBScript code and turn it into something you can return.
>>> A variation of this is to load the Microsoft.VisualBasic assembly and
>>> use VB.NET's GetObject from PowerShell instead. This has the same
>>> problems with COM objects, so I recommend you use another alternative.
>>> (2) Possibly use Novell's generic LDAP server library for .NET
>>> See the following pages:
>>> This looks like it should provide working direct access to any
>>> LDAP-standard server. Since it is also open code (MIT license) it has
>>> some promise for longterm support. If you want to try this yourself and
>>> can't find a binary or compile the source, holler.