Unable to get string form GUID when querying user attributes from AD - PowerShellCommunity.org - Windows PowerShell Discussion Forums - Using PowerShell

Forums Search Members

Unable to get string form GUID when querying user attributes from AD

Last Post 02 Jul 2008 11:33 PM by bsonposh. 3 Replies.

Sort:

	Prev Next
You are not authorized to post a reply.

Author

Messages

kgouldsk

New Member
Posts:4

28 Jun 2008 12:33 AM
Here's my code: write-host "username!name!objectguid!manager" $Domain = 'LDAP://OU=Vancouver,DC=mycompany,dc=loc' $Root = New-Object DirectoryServices.DirectoryEntry $Domain Write-host "domain: $Domain" $selector = New-Object DirectoryServices.DirectorySearcher([ADSI]"") $selector.SearchRoot = $Root $adobj= $selector.findall() \|where {$_.properties.objectcategory -match "CN=Person"} foreach ($person in $adobj){ $prop=$person.properties $psbase=$person.psbase $guid=$person.nativeguid Write-host "$($prop.samaccountname)!$($prop.name)!$guid!$($prop.manager)" } I want my guid returned in this form: {B5F47E28-C23E-4FBF-A0C1-8942FE171808} From a posting here ( http://powershelllive.com/blogs/lunch/archive/2007/04/04/day-6-adsi-connecting-to-domains-computers-and-binding-to-objects.aspx ) I see there are 3 different forms of user object, a processed DirectoryEntry a native .NET DirectoryEntry and a SearchResult It seems to indicate that the .NET entry is the one I'm after, which I should be able to get by querying using LDAP (which I'm doing) to get a user object, and getting the psbase object from that user. Can anyone shed some light on what I'm doing wrong?

bsonposh

Basic Member
Posts:388

28 Jun 2008 03:05 AM
A couple of things To point out. 1) NativeGuid is a property of a DirectoryEntry object. DirectorySearcher returns System.DirectoryServices.SearchResult. SearchResult does have a method called GetDirectoryEntry() 2) You REALLY should use an LDAP filter for parsing... using where-object is horribly inefficient. write-host "username!name!objectguid!manager" $Root = New-Object DirectoryServices.DirectoryEntry $Domain Write-host "domain: $Domain" $selector = New-Object DirectoryServices.DirectorySearcher([ADSI]"","objectcategory=user") $selector.PageSize = 1000 $adobj = $selector.findall() foreach ($person in $adobj){ $user = $person.GetDirectoryEntry() "{0}!{1}!{2}!{3}" -f $user.sAMAccountName[ 0 ], $user.name[ 0 ], $user.psbase.guid.ToString(), $user.manager[ 0 ]

kgouldsk

New Member
Posts:4

02 Jul 2008 07:28 PM
Brandon, thanks very much! That educated me and put me on the right track. I'll post my final solution here as it slightly alters things, and reinstitutes an unused piece of my original. write-host "username!name!objectguid!manager" # I want to find users in a specific OU $Root = New-Object DirectoryServices.DirectoryEntry 'LDAP://OU=Vancouver,DC=mycompany,dc=loc' $selector = New-Object DirectoryServices.DirectorySearcher($Root) $selector.Filter="(&(objectClass=user)(objectCategory=Person))" $selector.PageSize = 1000 $adobj = $selector.findall() foreach ($person in $adobj){ $user = $person.GetDirectoryEntry() "{0}!{1}!{2}!{3}" -f $user.sAMAccountName[ 0 ], $user.name[ 0 ], $user.psbase.guid.ToString(), $user.manager[ 0 ] }

bsonposh

Basic Member
Posts:388

You are not authorized to post a reply.

Active Forums 4.1