ADSISearcher is a class for searching for objects in Active Directory. It is part of .NET framework (System.DirectoryServices.DirectorySearcher) and van be accessed via PowerShell by creating object for the above class
- Example:
- $adsiSearcherObj = New-Object –TypeName System.DirectoryServices.DirectorySearcher
- takes the LDAP path to current domain by default
- Pass ADSI Directory Entry object type as ArgumentList to change the search path
- -ArgumentList @([ADSI]”LDAP://dc=ycsccorp,dc=local”)
- $adsiSearcherObj = New-Object –TypeName System.DirectoryServices.DirectorySearcher
OR
-
- $adsiObj = [ADSI]”LDAP://dc=ind,dc=ycsccorp,dc=local”
- $adsiSearcherObj = [adsisearcher]$adsiObj
OR
-
- $adsiSearcherObj = [adsisearcher][ADSI]”LDAP://dc=ycsccorp,dc=local”
ADSISearcher Functions
To perform search operations, via ADSISearcher, on the specified search root we use FineOne() and FindAll() methods
- Syntax:
- Search for single object
- $adsiSearcherObj.FindOne() – by default returns information about the search root
- Search for multiple objects
- $adsiSearcherObj.FindAll() – by default returns information about all objects within the search root
- Search for single object
ADSISearcher Filters
We can search the search root for specific objects by using the Filter property offered by ADSISearcher object.
- Syntax:
- Filter for single object
- $adsiSearcherObj.Filter = “samAccountName=user.ind02”
- Filter using wild cards
- $adsiSearcherObj.Filter = “cn=*user*”
- $adsiSearcherObj.Filter = “ou=*”
- Combining multiple filters
- $adsiSearcherObj.Filter = “(&(cn=*admin*)(objectCategory=group))”
- $adsiSearcherObj.Filter = “(|(cn=*sql*)(objectCategory=computer))”
- $adsiSearcherObj.Filter = “(&(!name=*ind*)(objectCategory=user))”
- Filter for single object
To learn about the Active Directory architecture used in this lab click here.
Watch the video
Uday Mittal is a cybersecurity professional with rich working experience working with various industries including telecom, publishing, consulting and finance. He holds internationally recognized certifications such as CRTP, OSCE, OSCP, CISSP, CISA, CISM, CRISC among others. He speaks on cybersecurity awareness, offensive security research etc. and has authored various articles on topics related to cyber security and software development for a leading magazine on open source software.