ADSISearcher (Part 2)

ADSISearcher is a class for searching for objects in Active Directory. It is part of .NET framework (System.DirectoryServices.DirectorySearcher) and van be accessed via PowerShell by creating object for the above class

• Example:
  • $adsiSearcherObj = New-Object –TypeName System.DirectoryServices.DirectorySearcher
    • takes the LDAP path to current domain by default
    • Pass ADSI Directory Entry object type as ArgumentList to change the search path
      • -ArgumentList @([ADSI]”LDAP://dc=ycsccorp,dc=local”)

OR

• • $adsiObj = [ADSI]”LDAP://dc=ind,dc=ycsccorp,dc=local”
  • $adsiSearcherObj = [adsisearcher]$adsiObj

OR

• • $adsiSearcherObj = [adsisearcher][ADSI]”LDAP://dc=ycsccorp,dc=local”

ADSISearcher Functions

To perform search operations, via ADSISearcher, on the specified search root we use FineOne() and FindAll() methods

• Syntax:
  • Search for single object
    • $adsiSearcherObj.FindOne() – by default returns information about the search root
  • Search for multiple objects
    • $adsiSearcherObj.FindAll() – by default returns information about all objects within the search root

ADSISearcher Filters

We can search the search root for specific objects by using the Filter property offered by ADSISearcher object.

• Syntax:
  • Filter for single object
    • $adsiSearcherObj.Filter = “samAccountName=user.ind02”
  • Filter using wild cards
    • $adsiSearcherObj.Filter = “cn=*user*”
    • $adsiSearcherObj.Filter = “ou=*”
  • Combining multiple filters
    • $adsiSearcherObj.Filter = “(&(cn=*admin*)(objectCategory=group))”
    • $adsiSearcherObj.Filter = “(|(cn=*sql*)(objectCategory=computer))”
    • $adsiSearcherObj.Filter = “(&(!name=*ind*)(objectCategory=user))”

To learn about the Active Directory architecture used in this lab click here.

Watch the video