PowerShell for Windows Admins

Jul 17 2015   12:37PM GMT

get-computerDN–dealing with non-existant computers

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Active Directory

If you look at the working part of the code to discover the distinguished name of a computer:

£> $computer = ‘w12r2sus’
£> $filter = “(&(objectCategory=computer)(objectClass=computer)(cn=$computer))”
£> ([adsisearcher]$filter).FindOne().Properties.distinguishedname

What happens if the computername you chose doesn’t exist?

£> $computer = ‘w12r2nope’
£> $filter = “(&(objectCategory=computer)(objectClass=computer)(cn=$computer))”
£> ([adsisearcher]$filter).FindOne().Properties.distinguishedname

You don’t get anything returned

The filter is formed correctly

£> $filter

The FindOne() method doesn’t return anything

£> ([adsisearcher]$filter).FindOne()

If you’re just working with a single computer then not getting a result is a fair indication of a problem but if you’ve passed a number of  computer names to the function you need to know easily which ones aren’t present – especially if you save the results in a collection and want to do something else with them.

In this case I’d use write-warning to output a message that the machine wasn’t found:

£> $computer = ‘w12r2nope’
£> $filter = “(&(objectCategory=computer)(objectClass=computer)(cn=$computer))”
£> $result = ([adsisearcher]$filter).FindOne()
£> if ($result) {
>> $result.Properties.distinguishedname
>> }
>> else {
>>  Write-Warning -Message “Computer not found: $computer”
>> }
WARNING: Computer not found: w12r2nope

Putting that code into yesterday’s function gives us:

function get-computerDN {
[CmdletBinding(SupportsShouldProcess=$true, ConfirmImpact=”Low”)]

param (
HelpMessage=”Supply computer name” )]
[Alias(“CN”, “Computer”)]

foreach ($computer in $computername) {
if ($psCmdlet.ShouldProcess(“$computer”, “Retreiving distinguished name”)) {
$filter = “(&(objectCategory=computer)(objectClass=computer)(cn=$computer))”
$result = ([adsisearcher]$filter).FindOne()

if ($result) {
else {
Write-Warning -Message “Computer not found: $computer”

} # end if ($psCmdlet.ShouldProcess(“$computer”, “Retreiving distinguished name”))
} # end foreach ($computer in $computername) {


Returns distinguished name of a computer

Returns distinguished name of one or more computers in the domain.
Assumes connectivity to domain controller. Domain independent.

.PARAMETER  computername
Name of computer for which distinguished name will be returned

get-computerDN -computername server02

Returns the distinguished name for server02.

Results are of the form:
CN=SERVER02,OU=Domain Controllers,DC=Manticore,DC=org

[adsisearcher] is a shortcut for System.DirectoryServices.DirectorySearcher



Which is used like this

£> ‘server02’, ‘w12r2sus’, ‘w12r2nope’ | get-computerDN
CN=SERVER02,OU=Domain Controllers,DC=Manticore,DC=org
WARNING: Computer not found: w12r2nope

One thing you need to keep in mind when estimating the time you’ll take to write a script – you’ll be writing at least half as much again validation, error handling and help/comments compared to the actual working code.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: