Powershell Bulk Find ActiveDirectory Objects

Question

Powershell Bulk Find ActiveDirectory Objects

I am trying to develop a powershell script to help with AD group membership management. We have several large groups (30k-60k + objects) that we want to update with data from another system.

The script loads objects that should be in a group from a text file. Then each object should be located in AD with System.DirectoryServices.DirectorySearcher. After that, each object is added to group membership.

the script spends about 80% of its time searching for each object, is there a massive way to search for objects in AD using powershell?

Thank!

+5

powershell active-directory adsi

klyd Apr 30 '12 at 20:36

source share

4 answers

, System.DirectoryServices.Protocols(S.DS.P) ( ) .

PowerShell script:

# ADDP-Connect.PS1

Clear-Host
# Add the needed assemblies
Add-Type -AssemblyName System.DirectoryServices.Protocols

# Connexion
$serverName = "WM2008R2ENT" 
$ADDPConnect = New-Object System.DirectoryServices.Protocols.LdapConnection $serverName

$userName = "JPB"
$pwd = "PWD"
$domain = "Dom"
$ADDPConnect.Credential = New-Object system.Net.NetworkCredential -ArgumentList $userName,$pwd,$domain

# Create a searcher
$searchTargetOU = "dc=dom,dc=fr"
$searchFilter = "(samAccountName=user1)"
$searchScope = [System.DirectoryServices.Protocols.SearchScope]::Subtree
$searchAttrList = $null

foreach($user in "user1","user2","user3")
{
  $searchFilter = "(samAccountName=$user)"
  $searchRequest = New-Object System.DirectoryServices.Protocols.SearchRequest -ArgumentList $searchTargetOU,$searchFilter,$searchScope,$searchAttrList

  $searchResponse = $ADDPConnect.SendRequest($searchRequest)

  foreach($searchEntries in $searchResponse.Entries)
  {
    $searchEntries.DistinguishedName
  }
}

+1

JPBlanc 01 '12 19:50

, ,

$ADDPConnect = New-Object System.DirectoryServices.Protocols.LdapConnection $serverName
$ADDPConnect.Timeout = "1000"

+1

Nishanth KN 19 . '12 16:02

,

$ADDPConnect = New-Object System.DirectoryServices.Protocols.LdapConnection $serverName
$ADDPConnect.Timeout = "1000"

0

Nishanth KN 19 . '12 15:41

CB. · Accepted Answer · 2012-04-30T21:26:35+0000

AD, , , , user/person $objRecordSet.

$Ads_Scope_SubTree = 2        
$objConnection = new-Object  -com "ADODB.Connection"
$objCommand = new-Object -com "ADODB.Command"

$objConnection.Provider = "ADsDSOObject"
$objConnection.Open( "Active Directory Provider")
$objCommand.ActiveConnection = $objConnection

$objCommand.Properties.Item("Page Size").value = 1000
$objCommand.Properties.item("Searchscope").value = $Ads_Scope_SubTree 

$objCommand.CommandText = "Select Name From 'LDAP://DC = int, DC= my, DC = local' Where objectCategory = 'Person'" 

$objRecordSet = $objCommand.Execute()
$objRecordSet.RecordCount

Powershell Bulk Find ActiveDirectory Objects

More articles: