Share via

writing powershell function with DirectorySearcher instead of get-adcomputer

Thomas Garrity 22 Reputation points
2020-12-23T05:10:25.443+00:00

I'm trying to convert my PowerShell function to use DirectorySearcher with the relevant filter, properties, etc. to find stale computers because Microsoft's Search-ADAccount is insufficient for what I need, and so I don't want my new function to rely on any underlying modules, i.e. get-adcomputer, because I heard it's best practice to rely as little as possible on external functions.

Here's the code I have thus far which seems to get me most of the way there, but I'm having trouble formatting the data into human-readable results that get-adcomputer does so nicely. 

$FileTimeUTC = (get-date).adddays(-90).ToFileTimeUtc()
$Credential = get-credential 
$Searcher = new-object -typename system.directoryservices.directorysearcher
$Searcher.Filter = "(&(objectclass=computer)(operatingsystem=windows*)(!(primarygroupid=516))(!(operatingsystem=*server*))(lastlogontimestamp<=$filetimeutc))"
$Searcher.PropertiesToLoad.Add('Name')
$Searcher.PropertiesToLoad.Add('Description')
$Searcher.PropertiesToLoad.Add('DistinguishedName')
$Searcher.PropertiesToLoad.Add('OperatingSystem')
$Searcher.PropertiesToLoad.Add('OperatingSystemServicePack')
$Searcher.PropertiesToLoad.Add('Created')
$Searcher.PropertiesToLoad.Add('PasswordLastSet')
$Searcher.PropertiesToLoad.Add('LastLogonDate')
$DomainDN=([adsisearcher]"").SearchRoot.Path
$domain = new-object -typename system.directoryservices.directoryentry -argumentlist $DomainDN, $Credential.UserName, $Credential.GetNetworkCredential().password
$searcher.searchroot = $domain
$objs = $searcher.findall()
return $objs

What I get is a mess with just Path and Properties, not in the format that I would normally get if I had instead used this: 

get-adcomputer -filter * -properties Name,Description,DistinguishedName,OperatingSystem,OperatingSystemServicePack,Created,PasswordLastSet,LastLogonDate

Need help formatting the results in $objs if possible. Thank you in advance!

Windows for business Windows Client for IT Pros Directory services Active Directory
Windows for business Windows Server User experience PowerShell
Accepted answer
  1. Anonymous
    2020-12-23T06:43:08.807+00:00

    Hi,

    The properties are stored in a hashtable and you can format the output as follows 

    $name = @{n="Name";e={$_.properties.'name'}}  
$distinguishedName = @{n="distinguishedName";e={$_.properties.'distinguishedname'}}  
$operatingSystem = @{n="OperatingSystem";e={$_.properties.'operatingsystem'}}  
$description = @{n="Description";e={$_.properties.'description'}}  
$objs | Select-Object -Property $name, $distinguishedName, $operatingSystem, $description

    Best Regards,
    Ian Xue

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Thomas Garrity 22 Reputation points
    2020-12-23T16:27:06+00:00

    Sorry but this isn't making any sense to me. you're using $_. which would imply you're piping from foreach-object, but I'm still not understanding how to build the new array.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.