Introduction to PowerShell Scripting – Active Directory
Answer for: Example 4: Adding a Foreach Loop
Pre-requisites
- Experiment with the foreach loop in isolation so that you understand its mechanism.
- Research more LDAP properties. For example the relationship between, GivenName (First name) and SN (Surname) and CN (Full name) .
# PowerShell Answer!
# Author: Guy Thomas
# Version 4.6 Sept 2007 tested on PowerShell v 1.0
$Dom = ‘LDAP://DC=cp;DC=mosel’
$Root = New-Object DirectoryServices.DirectoryEntry $Dom
$i=0
# Create a selector and start searching from the Root of AD
$selector = New-Object DirectoryServices.DirectorySearcher
$selector.SearchRoot = $root
$adobj= $selector.findall() |`
where {$_.properties.objectcategory -Match "CN=Person"}
foreach ($person in $adobj){
$prop=$person.properties
if ($prop.sn -ne $Null){
$i++
Write-host "First name: $($prop.givenname) " `
"Surname: $($prop.sn) User: $($prop.cn)"
} #Closing brace
}
"Total $i"
Learning Points
Note 1: By adding a filter, you can fine tune the output. This should result in a lower total as displayed by:
"Total $i". Talking of this tiny instruction on the last line, if you try: "Total " $i, frustratingly, the script does not work. "Total " +$i works but is long-winded.
Note 2: Observe the dollar sign in front of $Null. $Null is a special PowerShell variable. Omit the dollar and it does not work.
Note 3: Going back to basics, PowerShell uses minus eq and not an equals sign. -eq would be correct. My point is that the negative, not equal, is -ne (and not -neq).
Guy Recommends: SolarWinds’ Free Bulk Import Tool
Import users from a spreadsheet. Just provide a list of the users with their fields in the top row, and save as .csv file. Then launch this FREE utility and match your fields with AD’s attributes, click and import the users.
Optionally, you can provide the name of the OU where the new accounts will be born. Download your FREE bulk import tool.
If you need more comprehensive application analysis software,
Download a free trial of SAM (Server & Application Monitor)
Summary of PowerShell and Active Directory
It was with much relief that I discovered that PowerShell supplied a mechanism to query Active Directory. The secret is starting with new-object, then choosing the specific Com objects, DirectoryServices.DirectoryEntry and DirectoryServices.DirectorySearcher.
If you like this page then please share it with your friends
See more Microsoft PowerShell tasks:
• PowerShell Home • Shell Application • New-Object • PowerShell Add Printer • PowerShell -com
• PowerShell Logon Script • Map Network Drive • PowerShell Create Shortcut • Free CSV Import Tool
• Invoke-Expression • Invoke-Command • Invoke-Item • PowerShell Expression v Command Mode
Please email me if you have a better example script. Also please report any factual mistakes, grammatical errors or broken links, I will be happy to correct the fault.
