I’ve started looking at the latest version of the PowerShell Community Extensions. One cmdlet that is sure to be popular is Get-ADobject.
Get-ADObject [-Class] [-Credential] [-DistinguishedName] [-Domain] [-Filter] [-GlobalCatalog] [-Scope] [-Server] [-Value] [<CommonParameters>]
I’ve just started exploring its capabilities. But it makes getting objects from Active Directory a snap. This command returns a variable, $users, that contains all user object is my test domain:
get-adobject -distinguishedname “DC=jdhitsolutions,dc=local” -server jdhit-dc01 -class “User” -outvariable users
Now I can do what ever I want with this object. Pipe it through Get-Member to peek at all the available properties:
$users | get-member
For a quick and dirty look I can run an expression like this:
$users | select name,description,title
I can even modify an existing user:
$user=get-adobject -distinguishedname “CN=Bill Shakespeare,OU=Testing,DC=jdhitsolutions,Dc=local” -server jdhit-dc01
$user.description=”Staff Writer”
$user.SetInfo()
This will update the description of the specified user object. If I re-run the first two commands I’ll see the new description.
Here are a few other quick things I think are slick. I can get all objects that contain a certain value (there’s also a filter parameter which I’ll leave for you to play with):
get-adobject -domain JDHITSOLUTIONS -value TUser* -class user -outvariable testusers
foreach ($user in $testusers) {
>> $user.description=”PowerShell Test User”
>> $user.SetInfo()
Here in a flash I’ve updated the description for all may user TUser accounts.
So until PowerShell has improved Active Directory support this is probably one of the simplest and best alternatives.
