Use ADSI and the ADSISearcher with LDAP when querying Active Directory.

List All User and Computer LDAP Attributes using PowerShell and ADSI

Posted on September 1st, 2023

There comes a time when we want to read or write an Active Directory attribute, yet we don’t know the name of the attribute we’re looking for!  This handy script will list all user and computer LDAP attributes using PowerShell … Continue reading →

LDAP Does Not Return All Active Directory Group Members

Posted on June 1st, 2021

LDAP does not return all Active Directory group members if there are more than 1500 members in the group.  It will return the first 1500, but none thereafter. LDAP Does Not Return All Active Directory Group Members Luckily when a … Continue reading →

Search Active Directory using ADSISearcher Filters

Posted on March 3rd, 2021

This post discusses how we can search Active Directory using ADSISearcher filters.  Using search filters can improve search performance significantly. Consider the following where we create a default ADSISearcher to begin searching Active Directory (AD): $objSearcher=[adsisearcher]”” If we used this … Continue reading →

Use ADSI to Search Groups in Active Directory

Posted on March 2nd, 2021

This post provides a simple example of how we can use ADSI to search groups in Active Directory.  You may wish to further optimise this by using LDAP filters. #only groups $objSearcher=[adsisearcher]'(&(objectCategory=group))’ $objSearcher.PageSize = 200 #specify properties to include $colProplist … Continue reading →

Use ADSI to Search Computers in Active Directory

Posted on February 27th, 2021

This post provides a simple example of how we can use ADSI to search computers in Active Directory.  You may wish to further optimise this by using LDAP filters. #only computers $objSearcher=[adsisearcher]'(&(objectCategory=computer))’ $objSearcher.PageSize = 200 #specify properties to include $colProplist … Continue reading →

Use ADSI to Search Users in Active Directory

Posted on February 27th, 2021

This post provides a simple example of how we can use ADSI to search users in Active Directory.  You may wish to further optimise this by using LDAP filters. $searcher=[adsisearcher]'(&(objectCategory=person)(objectClass=user))’ $searcher.PageSize = 200 $colProplist = “samaccountname” foreach ($i in $colPropList) … Continue reading →

Use PowerShell and ADSI to Add, Update, Clear and Append Active Directory Attributes

Posted on February 27th, 2021

This post provides an example of how we can use PowerShell and ADSI to add, update, clear and append Active Directory attributes. Use Put() to Set an Active Directory Attribute using PowerShell In its simplest form, we can use the … Continue reading →

Use ADSI and FromFileTime to Convert Datetime Attributes in Active Directory

Posted on February 26th, 2021

This post explains how we can use ADSI and FromFileTime to convert datetime attributes in Active Directory to a human-readable date and time. You’ll notice when you return attributes such as lastlogon, lastlogontimestamp and lastpwdset that the format of the … Continue reading →

Use ADSI to List Nested Members of an AD Group (Updated)

Posted on February 26th, 2021

This post includes an example of how we can use ADSI to list nested members of an AD group.  In other words, if the group contains nested groups, it will iteratively search all the members of those nested groups too. … Continue reading →

Use ADSI to Modify an AD Group

Posted on February 26th, 2021

This post provides a simple example of how we can use ADSI to modify an AD group.  In this example, we modify the description attribute of an AD group.  You can also use ADSI to clear the attributes for an … Continue reading →