PowerShell for Windows Admins

Jul 15 2015   1:54PM GMT

ADSIsearcher returns

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Active Directory

I’ve been using the Microsoft AD cmdlets (and before that the Quest cmdlets) for so long that I’d sort of forgotten about [adsisearcher].

It was introduced in PowerShell 2.0 and is a shortcut for System.DirectoryServices.DirectorySearcher

A question in the forum about using this remotely made me realise that many people have probably never used it before – and to think that 5 years ago it was the way to go – how things change.

The question revolved around using this code

$filter = “(&(objectCategory=computer)(objectClass=computer)(cn=$env:COMPUTERNAME))”

for other machines.

An attempt was made to use Invoke-Command but that won’t work because you are attempting to delegate you credentials to make the call to AD – and that’s not allowed under the default configuration for remoting. You also can’t guarantee that remoting is enabled on older machines.

All you have to do is replace $env:COMPUTERNAME with the name of the computer for which you want to get the distinguished name.  Easiest way to do this is with a function

function get-computerDN {
param ($computername)
$filter = “(&(objectCategory=computer)(objectClass=computer)(cn=$computername))”


This is an absolute bare bones function just to show the way the parameter is used – you should validate the input and add some error handling as basic improvements.

£> get-computerDN -computername server02
CN=SERVER02,OU=Domain Controllers,DC=Manticore,DC=org

Next time I’ll show how to take the basic functionality and create something a bit more robust

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: