Use ADSI and the ADSISearcher with LDAP when querying Active Directory.

LDAP Does Not Return All Active Directory Group Members

Posted on June 1st, 2021

LDAP does not return all Active Directory group members if there are more than 1500 members in the group.  It will return the first 1500, but none thereafter. LDAP Does Not Return All Active Directory Group Members Luckily when a … Continue reading →

Search Active Directory using ADSISearcher Filters

Posted on March 3rd, 2021

This post discusses how we can search Active Directory using ADSISearcher filters.  Using search filters can improve search performance significantly. Consider the following where we create a default ADSISearcher to begin searching Active Directory (AD): $objSearcher=[adsisearcher]”” If we used this … Continue reading →

Use ADSI to Search Groups in Active Directory

Posted on March 2nd, 2021

This post provides a simple example of how we can use ADSI to search groups in Active Directory.  You may wish to further optimise this by using LDAP filters. #only groups $objSearcher=[adsisearcher]'(&(objectCategory=group))’ $objSearcher.PageSize = 200 #specify properties to include $colProplist … Continue reading →

Use ADSI to Search Computers in Active Directory

Posted on February 27th, 2021

This post provides a simple example of how we can use ADSI to search computers in Active Directory.  You may wish to further optimise this by using LDAP filters. #only computers $objSearcher=[adsisearcher]'(&(objectCategory=computer))’ $objSearcher.PageSize = 200 #specify properties to include $colProplist … Continue reading →

Use ADSI to Search Users in Active Directory

Posted on February 27th, 2021

This post provides a simple example of how we can use ADSI to search users in Active Directory.  You may wish to further optimise this by using LDAP filters. $searcher=[adsisearcher]'(&(objectCategory=person)(objectClass=user))’ $searcher.PageSize = 200 $colProplist = “samaccountname” foreach ($i in $colPropList) … Continue reading →

Use ADSI to Set and Clear Active Directory Attributes

Posted on February 27th, 2021

This post provides an example of how we can use ADSI to set and clear Active Directory Attributes.  We search for a user called “alkaneuser” and set or clear the department attribute. $objSearcher=[adsisearcher]'(&(objectCategory=person)(objectClass=user)(sAMAccountName=alkaneuser))’ $colProplist = “samaccountname”,”department” foreach ($i in $colPropList) … Continue reading →

Use ADSI and FromFileTime to Convert Datetime Attributes in Active Directory

Posted on February 26th, 2021

This post explains how we can use ADSI and FromFileTime to convert datetime attributes in Active Directory to a human-readable date and time. You’ll notice when you return attributes such as lastlogon, lastlogontimestamp and lastpwdset that the format of the … Continue reading →

Use ADSI to List Nested Members of an AD Group

Posted on February 26th, 2021

This post includes an example of how we can use ADSI to list nested members of an AD group.  In other words, if the group contains nested groups, it will iteratively search all the members of those nested groups too. … Continue reading →

Use ADSI to Modify an AD Group

Posted on February 26th, 2021

This post provides a simple example of how we can use ADSI to modify an AD group.  In this example, we modify the description attribute of an AD group.  You can also use ADSI to clear the attributes for an … Continue reading →

Use ADSI to Create an AD Group

Posted on February 26th, 2021

This post provides a simple example of how we can use ADSI to create an AD group. $adGroupType = @{ Global = 0x00000002 DomainLocal = 0x00000004 Universal = 0x00000008 Security = 0x80000000 } #OU containing the AD group $adGroupOU=”OU=Application,OU=Groups,DC=alkanesolutions,DC=co,DC=uk” #AD … Continue reading →