Introduction to PowerShell Scripting - Active Directory
Answer for: Example 4: Adding a Foreach Loop
Pre-requisites
Experiment with the foreach loop in isolation so that you understand its mechanism.
Research more LDAP properties. For example the relationship between, GivenName (First name) and SN (Surname) and CN (Full name) .
# PowerShell Answer! # Author: Guy Thomas # Version 4.6 Sept 2007 tested on PowerShell v 1.0 $Dom = 'LDAP://DC=cp;DC=mosel' $Root = New-Object DirectoryServices.DirectoryEntry $Dom $i=0
# Create a selector and start searching from the Root of AD $selector = New-Object DirectoryServices.DirectorySearcher $selector.SearchRoot = $root $adobj= $selector.findall() |` where
{$_.properties.objectcategory -match "CN=Person"} foreach ($person in $adobj){ $prop=$person.properties if ($prop.sn -ne $Null){
$i++ Write-host "First name: $($prop.givenname) " ` "Surname: $($prop.sn) User: $($prop.cn)" }
#Closing brace } "Total $i"
Learning Points
Note 1: By adding a filter, you can fine tune the output. This should result in a lower total as displayed by: "Total $i". Talking of this tiny
instruction on the last line, if you try: "Total " $i, frustratingly, the script does not work. "Total " +$i works but is long-winded.
Note 2: Observe the dollar sign in front of
$Null. $Null is a special PowerShell variable. Omit the dollar and it does not work.
Note 3: Going back to basics, PowerShell uses minus eq and not an equals sign. -eq
would be correct. My point is that the negative, not equal, is -ne (and not -neq).
Guy Recommends: Solarwinds' Free Bulk Import Tool
Import users from a spreadsheet. Just provide a list of the
users with their fields in the
top row, and save as .csv file. Then launch this FREE utility and match
your fields with AD's
attributes, click to import the users. Optionally, you can
provide the name of the OU where the new accounts will be born.
There are also two bonus tools in this free download, and all 3 have been approved by Microsoft:
It
was with much relief that I discovered that PowerShell supplied a mechanism to query Active Directory. The secret is starting with new-object, then choosing the specific Com objects, DirectoryServices.DirectoryEntry
and DirectoryServices.DirectorySearcher.
If you like this page then please share it with your friends
Please email me if you have a better example script. Also please report any factual mistakes, grammatical errors or broken links, I will be happy to correct the fault.
Windows Management Instrumentation (WMI) is one of the hidden
treasures of Microsoft operating systems.
Fortunately, Solarwinds
have created the
Free WMI Monitor so that you can actually see and understand these gems of
performance information. Take the guess work out of which
WMI counters to use for applications like Microsoft Active Directory,
SQL or Exchange Server.
