Benp recently posted his “guide to stuff” on the topic of PowerShell manipulation of AD objects, focusing on the use of the [ADSI] wrapper and System.DirectoryServices.DirectoryEntry.
This is an area that is quite interesting to understand from an Exchange 2007 administration standpoint, since there are so many parts of Exchange that have ties to AD. In general, Exchange 2007 removes the need to do direct AD/ADSI manipulations by providing rich business logic in cmdlets. However, I’ve certainly run into a need to work with areas of AD management that are outside the scope of Exchange (and therefore outside the scope of the Exchange 2007 cmdlets), and having some good reference examples here is great.
Prior to this post, I’d referenced various blog posts (many outdated, prior to PowerShell 1.0 RTM version) on the Internet to figure out these details, so I’m very glad to see them all rolled-up into a good, updated reference. Note that there’s also a good reference to this same basic approach in appendix “B.8” of Bruce Payette’s awesome new book: “Windows PowerShell in Action“.