Active Directory Search

This topic contains 4 replies, has 3 voices, and was last updated by Profile photo of Corey Thomas Corey Thomas 1 year, 9 months ago.

  • Author
    Posts
  • #22917
    Profile photo of Nick Dunn
    Nick Dunn
    Participant

    Hey, everyone. I'm trying to do a simple active directory search to create a list of all the "users" in the domain . The issue is that I'm stuck with Powershell 1.0 and I'm not able to install any modules (so things like Get-ADUser are a no-go for me). I'm a little new at all of this – I'm sort of teaching myself. I've tried a few different methods with little luck. Anyone out there that can give me some ideas to start off with? I've tried:

    $root = [ADSI]
    $searcher = New-Object System.DirectoryServices.DirectorySearcher($root)
    $searcher.filter = "(objectClass=user)"
    $searcher.FindAll()

    ##Result – I get a list that doesn't appear to include all users in the domain, and it includes the LDAP path...all I need is names. So, I try adding this final line:

    $searcher.FindAll() | for-eachobject {$_.properties["name"]} | sort

    #Result – Now, this appears to provide me a list sorted alphabetically. However, when I checked the accuracy of the list, it was missing "users". Anyone have any ideas that may help? Thanks in advance to anyone willing to help me out!

  • #22919
    Profile photo of Tim Pringle
    Tim Pringle
    Participant

    Hey Nick,

    If you're wanting to return more than 1000 results, you need to also set the SizeLimit property of the DirectorySearcher object to 0.

    e.g.

    $Searcher.SizeLimit = 0

  • #22944
    Profile photo of Nick Dunn
    Nick Dunn
    Participant

    Hi Tim,

    Thank you, I hadn't considered that. I went ahead and did as you suggested, but I'm still missing users. What's rather strange is that the script appears to retrieve a particular user from an OU, but then fails to do the same for another user in the same OU. They are identical accounts (aside from the obvious). Perhaps "(objectClass=user)" is an inefficient filter? Any suggestions?

  • #22948
    Profile photo of Tim Pringle
    Tim Pringle
    Participant

    Can you try changing the .filter property to this :

    $searcher.filter = "(objectCategory=User)"

  • #23085
    Profile photo of Corey Thomas
    Corey Thomas
    Participant

    Like Tim mentioned, you may need to increase your search size. However, I remember this as pagesize, not size limit. Here is a good example of searching AD that might work out for you.

    https://technet.microsoft.com/en-us/library/ff730967.aspx

You must be logged in to reply to this topic.