Quick AD Search Example

I was emailing with another instructor tonight and wrote a quick snippet to search AD for an object with a particular SID. This is quick and way too simple for production, but it shows how easily you can search AD. This is with PowerShell v1.

$searcher = New-Object System.DirectoryServices.DirectorySearcher

$searcher.Filter = "(objectSid=S-1-5-21-......)" #clearly a real valid SID would go here

$searcher.FindAll() | ForEach-Object { $_.Properties.distinguishedname }

This simply uses the DirectorySearcher object with mostly defaults (root of domain partition, subtree scope, etc.). I set the filter to a simple LDAP filter using the SID. The FindAll() method is piped to a simple ForEach-Object and away we go. Clearly in the real world you would expand this considerably to give you what you need, but it shows the DirectorySearcher at its very basic level.
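One way to expand the snippet, as an added example that is not part of the original post: it parses the input as a SID before building the LDAP filter, loads only the attributes it returns, and disposes the searcher. The function name Find-ADObjectBySid and its parameters are hypothetical, and it assumes PowerShell 2.0 or later on a domain-joined machine.

```powershell
# Added example: hypothetical helper, not code from the original post.
function Find-ADObjectBySid {
    param(
        [Parameter(Mandatory = $true)]
        [string]$Sid,

        # Optional ADSI path to search under, for example
        # "LDAP://DC=example,DC=com" (constructed value).
        [string]$SearchRoot
    )

    # Parse the input as a SID first. Anything that is not a well-formed SID
    # is rejected here, so no LDAP filter metacharacters reach the filter.
    try {
        $sidObject = New-Object System.Security.Principal.SecurityIdentifier -ArgumentList $Sid
    }
    catch {
        throw "'$Sid' is not a valid SID string."
    }

    $searcher = New-Object System.DirectoryServices.DirectorySearcher
    try {
        if ($SearchRoot) {
            $searcher.SearchRoot = New-Object System.DirectoryServices.DirectoryEntry -ArgumentList $SearchRoot
        }
        $searcher.Filter = "(objectSid=$($sidObject.Value))"

        # Request only the attributes that are returned below.
        foreach ($name in 'distinguishedName', 'sAMAccountName', 'objectClass') {
            [void]$searcher.PropertiesToLoad.Add($name)
        }

        # A SID identifies a single object, so one result is enough.
        $result = $searcher.FindOne()
        if ($null -eq $result) { return $null }

        # Result property names are stored in lower case.
        New-Object PSObject -Property @{
            DistinguishedName = [string]$result.Properties['distinguishedname'][0]
            SamAccountName    = [string]$result.Properties['samaccountname'][0]
            ObjectClass       = @($result.Properties['objectclass'])[-1]
        }
    }
    finally {
        # Release the underlying directory handles.
        $searcher.Dispose()
    }
}

# Usage (substitute a real SID): Find-ADObjectBySid -Sid 'S-1-5-21-......'
```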

 

This posting is provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the terms specified at https://www.microsoft.com/info/cpyright.htm.