Reflections on [ADSI] and [ADSISEARCHER]

What the heck is [ADSI] and [ADSISEARCHER] ?

# What the heck is [ADSISEARCHER] ?
[adsisearcher]"" | gm # TypeName: System.DirectoryServices.DirectorySearcher
$DirectorySearcherObject = [adsisearcher]""

# This object has an empty filter...
$DirectorySearcherObject.Filter

# So let's set a filter with my computer named LA0015
$DirectorySearcherObject.Filter = "name=LA0015"

# The FindOne method will...find something in AD...but what?
$DirectorySearcherObject.findone() | gm # TypeName: System.DirectoryServices.SearchResult
$SearchResultObject = $DirectorySearcherObject.findone()

# Now you can get the distinguished name of the computer by using the Path method...
$computerDN = $SearchResultObject.Path.TrimStart("LDAP://")

# So what is [ADSI] then? I takes the distinguished name as parameter including the LDAP:// prefix
[ADSI]”LDAP://$ComputerDN” | gm # TypeName: System.DirectoryServices.DirectoryEntry
$DirectoryEntryObject = [ADSI]”LDAP://$ComputerDN”

# What can I do with the DirectoryEntry object? Well...I can move it!
$DirectoryEntryObject.MoveTo("LDAP://OU=Desktops,OU=Computers,OU=Company,DC=PTEST,DC=LOCAL")

# What the heck is [ADSISEARCHER] ?

[adsisearcher]"" | gm # TypeName: System.DirectoryServices.DirectorySearcher

$DirectorySearcherObject = [adsisearcher]""

# This object has an empty filter...

$DirectorySearcherObject.Filter

# So let's set a filter with my computer named LA0015

$DirectorySearcherObject.Filter = "name=LA0015"

# The FindOne method will...find something in AD...but what?

$DirectorySearcherObject.findone() | gm # TypeName: System.DirectoryServices.SearchResult

$SearchResultObject = $DirectorySearcherObject.findone()

# Now you can get the distinguished name of the computer by using the Path method...

$computerDN = $SearchResultObject.Path.TrimStart("LDAP://")

# So what is [ADSI] then? I takes the distinguished name as parameter including the LDAP:// prefix

[ADSI]”LDAP://$ComputerDN” | gm # TypeName: System.DirectoryServices.DirectoryEntry

$DirectoryEntryObject = [ADSI]”LDAP://$ComputerDN”

# What can I do with the DirectoryEntry object? Well...I can move it!

$DirectoryEntryObject.MoveTo("LDAP://OU=Desktops,OU=Computers,OU=Company,DC=PTEST,DC=LOCAL")

All this is useful if you don’t have the PowerShell AD module available, e.g. in WinPE. Enjoy 🙂

Source: https://blogs.technet.microsoft.com/heyscriptingguy/2010/08/24/use-the-powershell-adsisearcher-type-accelerator-to-search-active-directory/

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Who am I?

Categories

Administration

Reflections on [ADSI] and [ADSISEARCHER]

Share your thoughts Cancel reply

Who am I?

Categories

Tags

Administration

Share your thoughts Cancel reply