3. Working with the Domain Object
PowerShell includes an Active Directory Service Interface (ADSI) accelerator that you can use to interact with Active Directory. The basic command to invoke it is
PS C:\> $objdom = [adsi]""
This creates an object named $objdom and populates it with the value of the current domain. You can see this value with the $objdom command, as shown in the following listing:
PS C:\> $objdom
distinguishedName : {DC=pearson,DC=pub}
Path :
The following table shows you how to invoke and interact with the ADSI helper.
| ADSI Commands | Comments |
|---|---|
| Get all members of the object.<br>`PS C:\> $objdom \| get-member` | Shows all members of the object and gives you an idea of what you can do with it. |
| List all OUs and containers.<br>`PS C:\> $objdom.children` | Lists children of the domain (the top-level OUs and containers, such as the Users and Computers containers). |
| List the DN.<br>`PS C:\> $objdom.distinguishedname` | In the pearson.pub domain, the output is `DC=pearson,DC=pub`. |
Tip
You can also type $objdom. (with the period) and then tab through all the commands that are available.
4. Working with the system.directoryservices Namespace
You can also use the system.directoryservices namespace to retrieve basic information about the domain. You first populate an object with the domain information and then query the object. The syntax to do each is shown in the following code:
PS C:\> $objdom = [system.directoryservices.activedirectory.domain]::getcurrentdomain()
PS C:\>$objdom
Forest : pearson.pub
DomainControllers : {DC1.pearson.pub}
Children : {}
DomainMode : Windows2008Domain
Parent :
PdcRoleOwner : DC1.pearson.pub
RidRoleOwner : DC1.pearson.pub
InfrastructureRoleOwner : DC1.pearson.pub
Name : pearson.pub
Tip
This is a long line to remember, but of course, you can place it in your profile so that you always have the $objdom object available to you. You don’t even have to remember the command because you can type in $objdom. (with the period) and tab through the available commands.
Some other commands you can use are listed in the following table.
| ADSI Commands | Comments |
|---|---|
| `PS C:\> $objdom.forest` | Provides the following information on the forest: Name, Sites, Domains, GlobalCatalogs, ApplicationPartitions, ForestMode, RootDomain, Schema, SchemaRoleOwner, and NamingRoleOwner. |
| `PS C:\> $objdom.domaincontrollers` | Provides the following information on domain controllers in the domain: CurrentTime, HighestCommittedUsn, OSVersion, Roles, Domain, IPAddress, SiteName, SyncFromAllServersCallback, InboundConnections, OutboundConnections, Name, and Partitions. |
| `PS C:\> $objdom.FindAllDiscoverableDomainControllers()` | Lists the domain controllers that can be reached. |
Similarly, you can also use the system.directoryservices namespace to retrieve basic information about the forest. You first populate an object with the forest information, and then query the object. The syntax to do so is shown in the following code:
PS C:\> $objfor = [system.directoryservices.activedirectory.forest]::getcurrentforest()
PS C:\>$objfor
Name : pearson.pub
Sites : {Default-First-Site-Name}
Domains : {pearson.pub}
GlobalCatalogs : {DC1.pearson.pub}
ApplicationPartitions : {DC=pcgpartition,DC=pearson,DC=pub,
DC=DomainDnsZones,DC=pearson,
DC=pub, DC=ForestDnsZones,DC=pearson,DC=pub}
ForestMode : Windows2003Forest
RootDomain : pearson.pub
Schema : CN=Schema,CN=Configuration,DC=pearson,DC=pub
SchemaRoleOwner : DC1.pearson.pub
NamingRoleOwner : DC1.pearson.pub
Some other commands you can use on the forest are shown in the following table.
| ADSI Commands | Comments |
|---|---|
| `PS C:\> $objfor.FindAllDiscoverableGlobalCatalogs()` | Lists global catalog servers that can be reached. |
| `PS C:\> $objfor.ApplicationPartitions` | Lists application partitions. |
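The following script is an added example (not the book's own code) that uses the Domain and Forest classes described above to build a quick health inventory: it records the FSMO role holders, lists every domain controller with the properties named in the table, flags domain controllers whose OS version differs from their peers, and reports any DC that is registered but not currently discoverable. It assumes it runs on a domain-joined machine with rights to query the domain.

```powershell
# Added example (not from the book): inventory the current domain and forest
# with the System.DirectoryServices.ActiveDirectory classes the text describes,
# and report the FSMO role holders and any domain controller whose OS differs
# from the rest. Must run on a domain-joined machine with rights to query AD.
$dom = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
$for = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()

# Single-master roles: losing or mis-assigning these breaks replication,
# schema changes and RID issuance, so record who holds them.
$roles = [ordered]@{
    'PDC Emulator'   = $dom.PdcRoleOwner.Name
    'RID Master'     = $dom.RidRoleOwner.Name
    'Infrastructure' = $dom.InfrastructureRoleOwner.Name
    'Schema Master'  = $for.SchemaRoleOwner.Name
    'Domain Naming'  = $for.NamingRoleOwner.Name
}
"Domain $($dom.Name) ($($dom.DomainMode)), forest $($for.Name) ($($for.ForestMode))"
$roles.GetEnumerator() | ForEach-Object { "{0,-15} {1}" -f $_.Key, $_.Value }

# Per-DC facts from the DomainControllers collection shown in the text.
$dcs = foreach ($dc in $dom.DomainControllers) {
    [pscustomobject]@{
        Name      = $dc.Name
        Site      = $dc.SiteName
        IPAddress = $dc.IPAddress
        OSVersion = $dc.OSVersion
        Roles     = ($dc.Roles -join ',')
        Time      = $dc.CurrentTime
    }
}
$dcs | Format-Table -AutoSize

# A DC running a different OS version than its peers is worth a second look
# (unpatched or forgotten). Group by version and flag the minority.
$groups = $dcs | Group-Object OSVersion | Sort-Object Count -Descending
if ($groups.Count -gt 1) {
    $groups | Select-Object -Skip 1 | ForEach-Object {
        "Outlier OS version '$($_.Name)': $($_.Group.Name -join ', ')"
    }
}

# Reachability check: DCs registered in AD but not discoverable right now.
$reachable = $dom.FindAllDiscoverableDomainControllers() | ForEach-Object Name
$dcs | Where-Object { $reachable -notcontains $_.Name } |
    ForEach-Object { "Not discoverable: $($_.Name)" }
```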
5. Creating a List of Domain Computers
You can use the following script to create a list of computers with computer accounts in a domain:
Tip
You must run this on a computer that is joined to a domain, with an account that has permissions to query the domain.
$strfilter = "computer"                 # object category to search for
$dom = [adsi]""                         # ADSI accelerator bound to the current domain
$searcher = new-object system.directoryservices.directorysearcher
$searcher.searchroot = $dom             # start the search at the domain root
$searcher.searchscope = "Subtree"       # include every OU and container below it
$searcher.filter = "(objectCategory=$strfilter)"
$results = $searcher.findall()          # one entry per matching object
foreach ($entry in $results)
{
    # bind to the object and write its name; the c:\data folder must already exist
    $computer = $entry.getdirectoryentry().name
    $computer | out-file c:\data\computerlist.txt -append
}
The following table provides brief explanations of this code, including how you can slightly modify it for other uses.
| List Domain Computers Script | Comments |
|---|---|
| `$strfilter = "computer"` | If you want to get a list of all users in the domain, change this to `$strfilter = "user"`. |
| `$dom = [adsi]""` | This line uses the ADSI accelerator to get the current domain. |
| `$searcher = new-object system.directoryservices.directorysearcher`<br>`$searcher.searchroot = $dom`<br>`$searcher.searchscope = "Subtree"` | These lines set up the Active Directory searcher object to search the entire domain. |
| `$searcher.filter = "(objectCategory=$strfilter)"`<br>`$results = $searcher.findall()` | The filter specifies computer objects from the first line in the script (`$strfilter = "computer"`). The $results variable is an array that contains all computer objects in the domain. |
| `foreach ($entry in $results)`<br>`{`<br>`$computer = $entry.getdirectoryentry().name`<br>`$computer \| out-file c:\data\computerlist.txt -append`<br>`}` | The foreach loop then loops through the array ($results) that holds all the computer objects. Each computer object is held in $entry on each pass through the loop. The name of the computer is retrieved using the `$entry.getdirectoryentry().name` line. You can get the distinguished name using this line: `$ocomputer = $entry.getdirectoryentry().distinguishedname`. You can get the LDAP path using this line: `$ocomputer = $entry.getdirectoryentry().path` |
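The script below is an added example (not the book's own code) that generalizes the listing above: it keeps the `[adsi]""` root from section 3 and the DirectorySearcher pattern from section 5, but asks the server for the attributes it needs instead of binding each result with getdirectoryentry(), turns on paging so searches larger than 1,000 objects return everything, and flags computer accounts that have not logged on in 90 days while still being enabled, since such accounts are worth a defender's review. The output path, the 90-day cutoff and the Get-Prop helper are assumptions of this example.

```powershell
# Added example (not from the book): the DirectorySearcher pattern from the
# listing, extended to request attributes server-side, to page past the
# default 1000-result limit, and to flag stale-but-enabled computer accounts.
# Requires a domain-joined machine with rights to query the domain.
# The output path, cutoff and Get-Prop helper are assumptions of this example.
param(
    [string]$Category = 'computer',   # change to 'user' for user accounts
    [int]$StaleDays   = 90,
    [string]$OutFile  = 'C:\data\computerlist.csv'
)
# First value of a returned attribute, or $null when the object lacks it
function Get-Prop($props, $name) { if ($props[$name].Count -gt 0) { $props[$name][0] } else { $null } }
$dom = [adsi]""                       # current domain, as in the book's listing
$searcher = New-Object System.DirectoryServices.DirectorySearcher
$searcher.SearchRoot  = $dom
$searcher.SearchScope = 'Subtree'
$searcher.PageSize    = 1000          # enable paging; without it results stop at 1000
$searcher.Filter      = "(objectCategory=$Category)"
# Only these attributes come back, which is faster than GetDirectoryEntry() per hit
'name','distinguishedName','operatingSystem','lastLogonTimestamp','userAccountControl' |
    ForEach-Object { [void]$searcher.PropertiesToLoad.Add($_) }

$cutoff = (Get-Date).AddDays(-$StaleDays)
$rows = foreach ($entry in $searcher.FindAll()) {
    $p = $entry.Properties             # keys are lower-case attribute names
    # lastLogonTimestamp is a FILETIME (Int64); 0 or absent means never logged on
    $ts = [int64](Get-Prop $p 'lastlogontimestamp')
    $lastLogon = if ($ts -gt 0) { [DateTime]::FromFileTime($ts) } else { $null }
    $uac = [int](Get-Prop $p 'useraccountcontrol')
    [pscustomobject]@{
        Name      = [string](Get-Prop $p 'name')
        DN        = [string](Get-Prop $p 'distinguishedname')
        Path      = $entry.Path        # same LDAP path as getdirectoryentry().path
        OS        = [string](Get-Prop $p 'operatingsystem')
        LastLogon = $lastLogon
        Disabled  = [bool]($uac -band 0x2)   # ACCOUNTDISABLE bit of userAccountControl
        Stale     = (-not $lastLogon) -or ($lastLogon -lt $cutoff)
    }
}
$rows | Export-Csv -Path $OutFile -NoTypeInformation
"$($rows.Count) $Category objects written to $OutFile"
$rows | Where-Object { $_.Stale -and -not $_.Disabled } |
    ForEach-Object { "Stale but enabled: $($_.Name) (last logon: $($_.LastLogon))" }
```

Because lastLogonTimestamp replicates only every 9 to 14 days by default, treat the cutoff as approximate rather than exact.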