Active Directory Search

This topic contains 4 replies, has 3 voices, and was last updated by  Corey Thomas 2 years, 5 months ago.

  • Author
    Posts
  • #22917

    Nick Dunn
    Participant

    Hey, everyone. I'm trying to do a simple active directory search to create a list of all the "users" in the domain . The issue is that I'm stuck with Powershell 1.0 and I'm not able to install any modules (so things like Get-ADUser are a no-go for me). I'm a little new at all of this – I'm sort of teaching myself. I've tried a few different methods with little luck. Anyone out there that can give me some ideas to start off with? I've tried:

    $root = [ADSI]
    $searcher = New-Object System.DirectoryServices.DirectorySearcher($root)
    $searcher.filter = "(objectClass=user)"
    $searcher.FindAll()

    ##Result – I get a list that doesn't appear to include all users in the domain, and it includes the LDAP path...all I need is names. So, I try adding this final line:

    $searcher.FindAll() | for-eachobject {$_.properties["name"]} | sort

    #Result – Now, this appears to provide me a list sorted alphabetically. However, when I checked the accuracy of the list, it was missing "users". Anyone have any ideas that may help? Thanks in advance to anyone willing to help me out!

  • #22919

    Tim Pringle
    Participant

    Hey Nick,

    If you're wanting to return more than 1000 results, you need to also set the SizeLimit property of the DirectorySearcher object to 0.

    e.g.

    $Searcher.SizeLimit = 0

  • #22944

    Nick Dunn
    Participant

    Hi Tim,

    Thank you, I hadn't considered that. I went ahead and did as you suggested, but I'm still missing users. What's rather strange is that the script appears to retrieve a particular user from an OU, but then fails to do the same for another user in the same OU. They are identical accounts (aside from the obvious). Perhaps "(objectClass=user)" is an inefficient filter? Any suggestions?

  • #22948

    Tim Pringle
    Participant

    Can you try changing the .filter property to this :

    $searcher.filter = "(objectCategory=User)"

  • #23085

    Corey Thomas
    Participant

    Like Tim mentioned, you may need to increase your search size. However, I remember this as pagesize, not size limit. Here is a good example of searching AD that might work out for you.

    https://technet.microsoft.com/en-us/library/ff730967.aspx

You must be logged in to reply to this topic.