Powershell DirectorySearcher 空输出
Powershell DirectorySearcher Null Output
我正在编写一个 powershell 脚本,用于在 Active Directory OU 中搜索用户,并允许我通过从列表中选择匹配项来重置密码。我找到了一个使用 System.DirectoryServices.DirectoryEntry 和 System.DirectoryServices.DirectorySearcher 的 Tutorial,并像这样修改它:
$objDomain = New-Object System.DirectoryServices.DirectoryEntry("LDAP:\[REDACTED]")
##ReadSTDIN
$strSearch = Read-Host -Prompt "Search"
$strCat = "(&(objectCategory=User)(Name=*" + $strSearch + "*))"
## Search Object
$objSearcher = New-Object System.DirectoryServices.DirectorySearcher
$objSearcher.SearchRoot = $objDomain
$objSearcher.PageSize = 1000
$objSearcher.Filter = $strCat
$objSearcher.SearchScope = "Subtree"
#Load Required Properties into the dynObjLink
$objSearcher.PropertiesToLoad.Add("name")
$objSearcher.PropertiesToLoad.Add("userPrincipalName")
$objSearcher.PropertiesToLoad.Add("SamAccountName")
##Magical Search Function
$colResults = $objSearcher.FindAll()
$colResults.PropertiesLoaded
#for every returned userID add them to a table
ForEach ($objResult in $colResults)
{$a++
$objResult.count
$objItem = $objResult.Properties
$objItem.name
$objItem.userPrincipalName
$results.Add($a, $objItem.name + $objItem.userPrincipalName + $objItem.SamAccountName)
}
#Print Table
$results | Format-Table -AutoSize
这很好用,但是当它打印数据时,我只能得到返回的任何内容的 "first name" 值。其他一切都变成 NULL,我不明白为什么。
Name Value
---- -----
3 {James3 [REDACTED], $null, $null}
2 {James2 [REDACTED], $null, $null}
1 {James1 [REDACTED], $null, $null}
我尝试了不同类型的身份验证和操作值,但 DirectorySearcher 对象似乎只收集它 returns 的任何记录的 "name" 值,无论我将什么加载到它。帮忙?
这里有一个更短的(和 PowerShell v2 兼容的)方法:
#requires -version 2
param(
[Parameter(Mandatory=$true)]
[String] $SearchPattern
)
$searcher = [ADSISearcher] "(&(objectClass=user)(name=$SearchPattern))"
$searcher.PageSize = 1000
$searcher.PropertiesToLoad.AddRange(@("name","samAccountName","userPrincipalName"))
$searchResults = $searcher.FindAll()
if ( $searchResults.Count -gt 0 ) {
foreach ( $searchResult in $searchResults ) {
$properties = $searchResult.Properties
$searchResult | Select-Object `
@{Name = "name"; Expression = {$properties["name"][0]}},
@{Name = "sAMAccountName"; Expression = {$properties["samaccountname"][0]}},
@{Name = "userPrincipalName"; Expression = {$properties["userprincipalname"][0]}}
}
}
$searchResults.Dispose()
请注意,无需构建列表并在之后输出。只需输出每个搜索结果。将此代码放入脚本文件中并调用它:
PS C:\Scripts> .\Searcher.ps1 "*dyer*"
如果您省略该参数,PowerShell 将提示您输入它(因为该参数被标记为必填)。
尝试使用与 PropertiesToLoad 匹配的属性
$entry = new-object -typename system.directoryservices.directoryentry -ArgumentList $LDAPServer, "ldap", "esildap"
$entry.Path="LDAP://OU=childOU,OU=parentOU,DC=dc1,DC=dc2"
$searcher = new-object -typename system.directoryservices.directorysearcher -ArgumentList $entry
$searcher.PropertiesToLoad.Add('samaccountname')
$searcher.PropertiesToLoad.Add('mail')
$searcher.PropertiesToLoad.Add('displayname')
$objs = $searcher.findall()
foreach($data in $objs)
{
$samaccountname = $data.properties['samaccountname'][0] + ''
$mail = $data.properties['mail'][0] + ''
$displayname = $data.properties['displayname'][0] + ''
}
when accessing the properties of the resultset you get a System.DirectoryServices.ResultPropertyValueCollection type for each property
to get a string value for passing to a database the property value access the zero index of the object
我正在编写一个 powershell 脚本,用于在 Active Directory OU 中搜索用户,并允许我通过从列表中选择匹配项来重置密码。我找到了一个使用 System.DirectoryServices.DirectoryEntry 和 System.DirectoryServices.DirectorySearcher 的 Tutorial,并像这样修改它:
$objDomain = New-Object System.DirectoryServices.DirectoryEntry("LDAP:\[REDACTED]")
##ReadSTDIN
$strSearch = Read-Host -Prompt "Search"
$strCat = "(&(objectCategory=User)(Name=*" + $strSearch + "*))"
## Search Object
$objSearcher = New-Object System.DirectoryServices.DirectorySearcher
$objSearcher.SearchRoot = $objDomain
$objSearcher.PageSize = 1000
$objSearcher.Filter = $strCat
$objSearcher.SearchScope = "Subtree"
#Load Required Properties into the dynObjLink
$objSearcher.PropertiesToLoad.Add("name")
$objSearcher.PropertiesToLoad.Add("userPrincipalName")
$objSearcher.PropertiesToLoad.Add("SamAccountName")
##Magical Search Function
$colResults = $objSearcher.FindAll()
$colResults.PropertiesLoaded
#for every returned userID add them to a table
ForEach ($objResult in $colResults)
{$a++
$objResult.count
$objItem = $objResult.Properties
$objItem.name
$objItem.userPrincipalName
$results.Add($a, $objItem.name + $objItem.userPrincipalName + $objItem.SamAccountName)
}
#Print Table
$results | Format-Table -AutoSize
这很好用,但是当它打印数据时,我只能得到返回的任何内容的 "first name" 值。其他一切都变成 NULL,我不明白为什么。
Name Value
---- -----
3 {James3 [REDACTED], $null, $null}
2 {James2 [REDACTED], $null, $null}
1 {James1 [REDACTED], $null, $null}
我尝试了不同类型的身份验证和操作值,但 DirectorySearcher 对象似乎只收集它 returns 的任何记录的 "name" 值,无论我将什么加载到它。帮忙?
这里有一个更短的(和 PowerShell v2 兼容的)方法:
#requires -version 2
param(
[Parameter(Mandatory=$true)]
[String] $SearchPattern
)
$searcher = [ADSISearcher] "(&(objectClass=user)(name=$SearchPattern))"
$searcher.PageSize = 1000
$searcher.PropertiesToLoad.AddRange(@("name","samAccountName","userPrincipalName"))
$searchResults = $searcher.FindAll()
if ( $searchResults.Count -gt 0 ) {
foreach ( $searchResult in $searchResults ) {
$properties = $searchResult.Properties
$searchResult | Select-Object `
@{Name = "name"; Expression = {$properties["name"][0]}},
@{Name = "sAMAccountName"; Expression = {$properties["samaccountname"][0]}},
@{Name = "userPrincipalName"; Expression = {$properties["userprincipalname"][0]}}
}
}
$searchResults.Dispose()
请注意,无需构建列表并在之后输出。只需输出每个搜索结果。将此代码放入脚本文件中并调用它:
PS C:\Scripts> .\Searcher.ps1 "*dyer*"
如果您省略该参数,PowerShell 将提示您输入它(因为该参数被标记为必填)。
尝试使用与 PropertiesToLoad 匹配的属性
$entry = new-object -typename system.directoryservices.directoryentry -ArgumentList $LDAPServer, "ldap", "esildap"
$entry.Path="LDAP://OU=childOU,OU=parentOU,DC=dc1,DC=dc2"
$searcher = new-object -typename system.directoryservices.directorysearcher -ArgumentList $entry
$searcher.PropertiesToLoad.Add('samaccountname')
$searcher.PropertiesToLoad.Add('mail')
$searcher.PropertiesToLoad.Add('displayname')
$objs = $searcher.findall()
foreach($data in $objs)
{
$samaccountname = $data.properties['samaccountname'][0] + ''
$mail = $data.properties['mail'][0] + ''
$displayname = $data.properties['displayname'][0] + ''
}
when accessing the properties of the resultset you get a System.DirectoryServices.ResultPropertyValueCollection type for each property
to get a string value for passing to a database the property value access the zero index of the object